From 3779f2f4a8b544a7e4c362915322726b66cff114 Mon Sep 17 00:00:00 2001
From: cvs2svn <admin@example.com>
Date: Tue, 12 Mar 2002 00:05:45 +0000
Subject: This commit was manufactured by cvs2git to create tag
'OPENBSD_3_1_BASE'.
---
src/lib/libcrypto/asn1/a_bitstr.c | 259 ---
src/lib/libcrypto/asn1/a_bool.c | 112 --
src/lib/libcrypto/asn1/a_bytes.c | 323 ---
src/lib/libcrypto/asn1/a_d2i_fp.c | 195 --
src/lib/libcrypto/asn1/a_digest.c | 90 -
src/lib/libcrypto/asn1/a_dup.c | 83 -
src/lib/libcrypto/asn1/a_enum.c | 224 ---
src/lib/libcrypto/asn1/a_i2d_fp.c | 113 --
src/lib/libcrypto/asn1/a_int.c | 473 -----
src/lib/libcrypto/asn1/a_mbstr.c | 400 ----
src/lib/libcrypto/asn1/a_object.c | 320 ---
src/lib/libcrypto/asn1/a_octet.c | 95 -
src/lib/libcrypto/asn1/a_print.c | 197 --
src/lib/libcrypto/asn1/a_set.c | 217 --
src/lib/libcrypto/asn1/a_sign.c | 148 --
src/lib/libcrypto/asn1/a_strex.c | 533 -----
src/lib/libcrypto/asn1/a_strnid.c | 250 ---
src/lib/libcrypto/asn1/a_time.c | 127 --
src/lib/libcrypto/asn1/a_type.c | 352 ----
src/lib/libcrypto/asn1/a_utf8.c | 238 ---
src/lib/libcrypto/asn1/a_verify.c | 119 --
src/lib/libcrypto/asn1/asn1.h | 1151 -----------
src/lib/libcrypto/asn1/asn1_err.c | 352 ----
src/lib/libcrypto/asn1/asn1_lib.c | 427 ----
src/lib/libcrypto/asn1/asn1_mac.h | 583 ------
src/lib/libcrypto/asn1/asn1_par.c | 423 ----
src/lib/libcrypto/asn1/asn_pack.c | 145 --
src/lib/libcrypto/asn1/charmap.h | 15 -
src/lib/libcrypto/asn1/charmap.pl | 80 -
src/lib/libcrypto/asn1/d2i_pr.c | 137 --
src/lib/libcrypto/asn1/d2i_pu.c | 114 --
src/lib/libcrypto/asn1/evp_asn1.c | 185 --
src/lib/libcrypto/asn1/f_enum.c | 207 --
src/lib/libcrypto/asn1/f_int.c | 214 --
src/lib/libcrypto/asn1/f_string.c | 212 --
src/lib/libcrypto/asn1/i2d_pr.c | 84 -
src/lib/libcrypto/asn1/i2d_pu.c | 82 -
src/lib/libcrypto/asn1/n_pkey.c | 388 ----
src/lib/libcrypto/asn1/nsseq.c | 118 --
src/lib/libcrypto/asn1/p5_pbe.c | 157 --
src/lib/libcrypto/asn1/p5_pbev2.c | 282 ---
src/lib/libcrypto/asn1/p8_pkey.c | 127 --
src/lib/libcrypto/asn1/t_bitst.c | 99 -
src/lib/libcrypto/asn1/t_crl.c | 166 --
src/lib/libcrypto/asn1/t_pkey.c | 361 ----
src/lib/libcrypto/asn1/t_req.c | 254 ---
src/lib/libcrypto/asn1/t_spki.c | 116 --
src/lib/libcrypto/asn1/t_x509.c | 411 ----
src/lib/libcrypto/asn1/t_x509a.c | 110 --
src/lib/libcrypto/asn1/x_algor.c | 118 --
src/lib/libcrypto/asn1/x_attrib.c | 165 --
src/lib/libcrypto/asn1/x_crl.c | 348 ----
src/lib/libcrypto/asn1/x_exten.c | 139 --
src/lib/libcrypto/asn1/x_info.c | 114 --
src/lib/libcrypto/asn1/x_name.c | 281 ---
src/lib/libcrypto/asn1/x_pkey.c | 151 --
src/lib/libcrypto/asn1/x_pubkey.c | 366 ----
src/lib/libcrypto/asn1/x_req.c | 257 ---
src/lib/libcrypto/asn1/x_sig.c | 110 --
src/lib/libcrypto/asn1/x_spki.c | 166 --
src/lib/libcrypto/asn1/x_val.c | 109 -
src/lib/libcrypto/asn1/x_x509.c | 216 --
src/lib/libcrypto/asn1/x_x509a.c | 208 --
src/lib/libcrypto/bf/COPYRIGHT | 46 -
src/lib/libcrypto/bf/INSTALL | 14 -
src/lib/libcrypto/bf/README | 8 -
src/lib/libcrypto/bf/VERSION | 6 -
src/lib/libcrypto/bf/asm/bf-586.pl | 136 --
src/lib/libcrypto/bf/bf_cbc.c | 143 --
src/lib/libcrypto/bf/bf_cfb64.c | 121 --
src/lib/libcrypto/bf/bf_ecb.c | 96 -
src/lib/libcrypto/bf/bf_enc.c | 306 ---
src/lib/libcrypto/bf/bf_locl.h | 219 ---
src/lib/libcrypto/bf/bf_ofb64.c | 110 --
src/lib/libcrypto/bf/bf_pi.h | 325 ---
src/lib/libcrypto/bf/bf_skey.c | 116 --
src/lib/libcrypto/bf/blowfish.h | 125 --
src/lib/libcrypto/bio/b_dump.c | 152 --
src/lib/libcrypto/bio/b_print.c | 819 --------
src/lib/libcrypto/bio/b_sock.c | 722 -------
src/lib/libcrypto/bio/bf_buff.c | 511 -----
src/lib/libcrypto/bio/bf_lbuf.c | 397 ----
src/lib/libcrypto/bio/bf_nbio.c | 256 ---
src/lib/libcrypto/bio/bf_null.c | 184 --
src/lib/libcrypto/bio/bio.h | 687 -------
src/lib/libcrypto/bio/bio_cb.c | 133 --
src/lib/libcrypto/bio/bio_err.c | 150 --
src/lib/libcrypto/bio/bio_lib.c | 542 -----
src/lib/libcrypto/bio/bss_acpt.c | 467 -----
src/lib/libcrypto/bio/bss_bio.c | 857 --------
src/lib/libcrypto/bio/bss_conn.c | 651 ------
src/lib/libcrypto/bio/bss_fd.c | 62 -
src/lib/libcrypto/bio/bss_file.c | 310 ---
src/lib/libcrypto/bio/bss_log.c | 394 ----
src/lib/libcrypto/bio/bss_mem.c | 317 ---
src/lib/libcrypto/bio/bss_null.c | 150 --
src/lib/libcrypto/bio/bss_sock.c | 424 ----
src/lib/libcrypto/bn/asm/bn-586.pl | 384 ----
src/lib/libcrypto/bn/asm/co-586.pl | 286 ---
src/lib/libcrypto/bn/asm/pa-risc2.s | 1618 ---------------
src/lib/libcrypto/bn/asm/pa-risc2W.s | 1605 ---------------
src/lib/libcrypto/bn/asm/sparcv8.S | 1458 --------------
src/lib/libcrypto/bn/asm/sparcv8plus.S | 1535 ---------------
src/lib/libcrypto/bn/asm/x86.pl | 28 -
src/lib/libcrypto/bn/asm/x86/add.pl | 76 -
src/lib/libcrypto/bn/asm/x86/comba.pl | 277 ---
src/lib/libcrypto/bn/asm/x86/div.pl | 15 -
src/lib/libcrypto/bn/asm/x86/mul.pl | 77 -
src/lib/libcrypto/bn/asm/x86/mul_add.pl | 87 -
src/lib/libcrypto/bn/asm/x86/sqr.pl | 60 -
src/lib/libcrypto/bn/asm/x86/sub.pl | 76 -
src/lib/libcrypto/bn/bn.h | 520 -----
src/lib/libcrypto/bn/bn_add.c | 307 ---
src/lib/libcrypto/bn/bn_asm.c | 832 --------
src/lib/libcrypto/bn/bn_blind.c | 144 --
src/lib/libcrypto/bn/bn_ctx.c | 144 --
src/lib/libcrypto/bn/bn_div.c | 381 ----
src/lib/libcrypto/bn/bn_err.c | 124 --
src/lib/libcrypto/bn/bn_exp.c | 696 -------
src/lib/libcrypto/bn/bn_exp2.c | 300 ---
src/lib/libcrypto/bn/bn_gcd.c | 210 --
src/lib/libcrypto/bn/bn_lcl.h | 419 ----
src/lib/libcrypto/bn/bn_lib.c | 762 -------
src/lib/libcrypto/bn/bn_mont.c | 346 ----
src/lib/libcrypto/bn/bn_mpi.c | 129 --
src/lib/libcrypto/bn/bn_mul.c | 794 --------
src/lib/libcrypto/bn/bn_prime.c | 465 -----
src/lib/libcrypto/bn/bn_prime.h | 325 ---
src/lib/libcrypto/bn/bn_prime.pl | 117 --
src/lib/libcrypto/bn/bn_print.c | 332 ----
src/lib/libcrypto/bn/bn_rand.c | 223 ---
src/lib/libcrypto/bn/bn_recp.c | 220 ---
src/lib/libcrypto/bn/bn_shift.c | 205 --
src/lib/libcrypto/bn/bn_sqr.c | 288 ---
src/lib/libcrypto/bn/bn_word.c | 199 --
src/lib/libcrypto/buffer/buf_err.c | 95 -
src/lib/libcrypto/buffer/buffer.c | 144 --
src/lib/libcrypto/buffer/buffer.h | 98 -
src/lib/libcrypto/cast/asm/cast-586.pl | 176 --
src/lib/libcrypto/cast/c_cfb64.c | 122 --
src/lib/libcrypto/cast/c_ecb.c | 80 -
src/lib/libcrypto/cast/c_enc.c | 207 --
src/lib/libcrypto/cast/c_ofb64.c | 111 --
src/lib/libcrypto/cast/c_skey.c | 166 --
src/lib/libcrypto/cast/cast.h | 103 -
src/lib/libcrypto/cast/cast_lcl.h | 226 ---
src/lib/libcrypto/cast/cast_s.h | 585 ------
src/lib/libcrypto/comp/c_rle.c | 61 -
src/lib/libcrypto/comp/c_zlib.c | 133 --
src/lib/libcrypto/comp/comp.h | 61 -
src/lib/libcrypto/comp/comp_err.c | 92 -
src/lib/libcrypto/comp/comp_lib.c | 78 -
src/lib/libcrypto/conf/conf.h | 179 --
src/lib/libcrypto/conf/conf_api.c | 289 ---
src/lib/libcrypto/conf/conf_api.h | 87 -
src/lib/libcrypto/conf/conf_def.c | 703 -------
src/lib/libcrypto/conf/conf_def.h | 145 --
src/lib/libcrypto/conf/conf_err.c | 112 --
src/lib/libcrypto/conf/conf_lib.c | 392 ----
src/lib/libcrypto/conf/keysets.pl | 179 --
src/lib/libcrypto/conf/ssleay.cnf | 78 -
src/lib/libcrypto/cpt_err.c | 97 -
src/lib/libcrypto/cryptlib.c | 489 -----
src/lib/libcrypto/cryptlib.h | 96 -
src/lib/libcrypto/crypto.h | 403 ----
src/lib/libcrypto/cversion.c | 112 --
src/lib/libcrypto/des/COPYRIGHT | 50 -
src/lib/libcrypto/des/asm/crypt586.pl | 204 --
src/lib/libcrypto/des/asm/des-586.pl | 253 ---
src/lib/libcrypto/des/asm/desboth.pl | 79 -
src/lib/libcrypto/des/cbc_cksm.c | 97 -
src/lib/libcrypto/des/cbc_enc.c | 61 -
src/lib/libcrypto/des/cfb64ede.c | 141 --
src/lib/libcrypto/des/cfb64enc.c | 121 --
src/lib/libcrypto/des/cfb_enc.c | 165 --
src/lib/libcrypto/des/des.h | 266 ---
src/lib/libcrypto/des/des_enc.c | 406 ----
src/lib/libcrypto/des/des_locl.h | 412 ----
src/lib/libcrypto/des/ecb3_enc.c | 82 -
src/lib/libcrypto/des/ecb_enc.c | 122 --
src/lib/libcrypto/des/ede_cbcm_enc.c | 197 --
src/lib/libcrypto/des/enc_read.c | 228 ---
src/lib/libcrypto/des/enc_writ.c | 171 --
src/lib/libcrypto/des/fcrypt.c | 152 --
src/lib/libcrypto/des/fcrypt_b.c | 145 --
src/lib/libcrypto/des/ncbc_enc.c | 148 --
src/lib/libcrypto/des/ofb64ede.c | 124 --
src/lib/libcrypto/des/ofb64enc.c | 110 --
src/lib/libcrypto/des/ofb_enc.c | 134 --
src/lib/libcrypto/des/pcbc_enc.c | 122 --
src/lib/libcrypto/des/qud_cksm.c | 139 --
src/lib/libcrypto/des/rand_key.c | 73 -
src/lib/libcrypto/des/set_key.c | 402 ----
src/lib/libcrypto/des/spr.h | 204 --
src/lib/libcrypto/des/str2key.c | 155 --
src/lib/libcrypto/des/xcbc_enc.c | 194 --
src/lib/libcrypto/dh/dh.h | 213 --
src/lib/libcrypto/dh/dh_check.c | 120 --
src/lib/libcrypto/dh/dh_err.c | 99 -
src/lib/libcrypto/dh/dh_gen.c | 153 --
src/lib/libcrypto/dh/dh_key.c | 216 --
src/lib/libcrypto/dh/dh_lib.c | 237 ---
src/lib/libcrypto/doc/DH_generate_key.pod | 50 -
src/lib/libcrypto/doc/DH_generate_parameters.pod | 72 -
src/lib/libcrypto/doc/DH_get_ex_new_index.pod | 36 -
src/lib/libcrypto/doc/DH_new.pod | 40 -
src/lib/libcrypto/doc/DH_set_method.pod | 111 --
src/lib/libcrypto/doc/DH_size.pod | 33 -
src/lib/libcrypto/doc/DSA_SIG_new.pod | 39 -
src/lib/libcrypto/doc/DSA_do_sign.pod | 47 -
src/lib/libcrypto/doc/DSA_dup_DH.pod | 36 -
src/lib/libcrypto/doc/DSA_generate_key.pod | 33 -
src/lib/libcrypto/doc/DSA_generate_parameters.pod | 105 -
src/lib/libcrypto/doc/DSA_get_ex_new_index.pod | 36 -
src/lib/libcrypto/doc/DSA_new.pod | 41 -
src/lib/libcrypto/doc/DSA_set_method.pod | 118 --
src/lib/libcrypto/doc/DSA_sign.pod | 66 -
src/lib/libcrypto/doc/DSA_size.pod | 33 -
src/lib/libcrypto/doc/ERR_GET_LIB.pod | 51 -
src/lib/libcrypto/doc/ERR_clear_error.pod | 29 -
src/lib/libcrypto/doc/ERR_error_string.pod | 73 -
src/lib/libcrypto/doc/ERR_get_error.pod | 63 -
src/lib/libcrypto/doc/ERR_load_crypto_strings.pod | 46 -
src/lib/libcrypto/doc/ERR_load_strings.pod | 54 -
src/lib/libcrypto/doc/ERR_print_errors.pod | 51 -
src/lib/libcrypto/doc/ERR_put_error.pod | 44 -
src/lib/libcrypto/doc/ERR_remove_state.pod | 34 -
src/lib/libcrypto/doc/EVP_DigestInit.pod | 202 --
src/lib/libcrypto/doc/EVP_EncryptInit.pod | 359 ----
src/lib/libcrypto/doc/EVP_OpenInit.pod | 63 -
src/lib/libcrypto/doc/EVP_SealInit.pod | 76 -
src/lib/libcrypto/doc/EVP_SignInit.pod | 85 -
src/lib/libcrypto/doc/EVP_VerifyInit.pod | 72 -
src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod | 88 -
.../libcrypto/doc/OpenSSL_add_all_algorithms.pod | 66 -
src/lib/libcrypto/doc/RAND_add.pod | 77 -
src/lib/libcrypto/doc/RAND_bytes.pod | 46 -
src/lib/libcrypto/doc/RAND_cleanup.pod | 29 -
src/lib/libcrypto/doc/RAND_load_file.pod | 53 -
src/lib/libcrypto/doc/RAND_set_rand_method.pod | 59 -
src/lib/libcrypto/doc/RSA_blinding_on.pod | 43 -
src/lib/libcrypto/doc/RSA_check_key.pod | 39 -
src/lib/libcrypto/doc/RSA_generate_key.pod | 68 -
src/lib/libcrypto/doc/RSA_get_ex_new_index.pod | 120 --
src/lib/libcrypto/doc/RSA_new.pod | 39 -
.../libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod | 124 --
src/lib/libcrypto/doc/RSA_print.pod | 49 -
src/lib/libcrypto/doc/RSA_private_encrypt.pod | 70 -
src/lib/libcrypto/doc/RSA_public_encrypt.pod | 86 -
src/lib/libcrypto/doc/RSA_set_method.pod | 168 --
src/lib/libcrypto/doc/RSA_sign.pod | 62 -
.../libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod | 59 -
src/lib/libcrypto/doc/RSA_size.pod | 33 -
src/lib/libcrypto/doc/bn.pod | 149 --
src/lib/libcrypto/doc/d2i_DHparams.pod | 30 -
src/lib/libcrypto/doc/d2i_RSAPublicKey.pod | 39 -
src/lib/libcrypto/doc/dh.pod | 69 -
src/lib/libcrypto/doc/dsa.pod | 105 -
src/lib/libcrypto/doc/evp.pod | 37 -
src/lib/libcrypto/doc/lh_stats.pod | 60 -
src/lib/libcrypto/doc/rsa.pod | 117 --
src/lib/libcrypto/dsa/dsa.h | 257 ---
src/lib/libcrypto/dsa/dsa_asn1.c | 96 -
src/lib/libcrypto/dsa/dsa_err.c | 107 -
src/lib/libcrypto/dsa/dsa_gen.c | 294 ---
src/lib/libcrypto/dsa/dsa_key.c | 108 -
src/lib/libcrypto/dsa/dsa_lib.c | 296 ---
src/lib/libcrypto/dsa/dsa_ossl.c | 393 ----
src/lib/libcrypto/dsa/dsa_sign.c | 93 -
src/lib/libcrypto/dsa/dsa_vrf.c | 95 -
src/lib/libcrypto/dso/dso.h | 250 ---
src/lib/libcrypto/dso/dso_dlfcn.c | 276 ---
src/lib/libcrypto/dso/dso_err.c | 128 --
src/lib/libcrypto/dso/dso_lib.c | 306 ---
src/lib/libcrypto/dso/dso_null.c | 86 -
src/lib/libcrypto/dso/dso_openssl.c | 81 -
src/lib/libcrypto/engine/README | 278 ---
src/lib/libcrypto/engine/engine.h | 398 ----
src/lib/libcrypto/err/err.c | 801 --------
src/lib/libcrypto/err/err.h | 278 ---
src/lib/libcrypto/err/err_all.c | 126 --
src/lib/libcrypto/err/err_prn.c | 107 -
src/lib/libcrypto/err/openssl.ec | 74 -
src/lib/libcrypto/evp/bio_b64.c | 547 ------
src/lib/libcrypto/evp/bio_enc.c | 425 ----
src/lib/libcrypto/evp/bio_md.c | 261 ---
src/lib/libcrypto/evp/c_all.c | 67 -
src/lib/libcrypto/evp/digest.c | 92 -
src/lib/libcrypto/evp/e_bf.c | 80 -
src/lib/libcrypto/evp/e_cast.c | 82 -
src/lib/libcrypto/evp/e_des.c | 118 --
src/lib/libcrypto/evp/e_des3.c | 165 --
src/lib/libcrypto/evp/e_idea.c | 112 --
src/lib/libcrypto/evp/e_null.c | 101 -
src/lib/libcrypto/evp/e_rc2.c | 222 ---
src/lib/libcrypto/evp/e_rc4.c | 125 --
src/lib/libcrypto/evp/e_xcbc_d.c | 111 --
src/lib/libcrypto/evp/encode.c | 437 -----
src/lib/libcrypto/evp/evp.h | 851 --------
src/lib/libcrypto/evp/evp_enc.c | 341 ----
src/lib/libcrypto/evp/evp_err.c | 153 --
src/lib/libcrypto/evp/evp_key.c | 159 --
src/lib/libcrypto/evp/evp_lib.c | 142 --
src/lib/libcrypto/evp/evp_locl.h | 168 --
src/lib/libcrypto/evp/evp_pbe.c | 136 --
src/lib/libcrypto/evp/evp_pkey.c | 408 ----
src/lib/libcrypto/evp/m_dss.c | 83 -
src/lib/libcrypto/evp/m_dss1.c | 83 -
src/lib/libcrypto/evp/m_md4.c | 83 -
src/lib/libcrypto/evp/m_md5.c | 83 -
src/lib/libcrypto/evp/m_null.c | 88 -
src/lib/libcrypto/evp/m_ripemd.c | 84 -
src/lib/libcrypto/evp/m_sha1.c | 83 -
src/lib/libcrypto/evp/names.c | 123 --
src/lib/libcrypto/evp/p5_crpt.c | 149 --
src/lib/libcrypto/evp/p5_crpt2.c | 248 ---
src/lib/libcrypto/evp/p_dec.c | 87 -
src/lib/libcrypto/evp/p_enc.c | 86 -
src/lib/libcrypto/evp/p_lib.c | 333 ----
src/lib/libcrypto/evp/p_open.c | 123 --
src/lib/libcrypto/evp/p_seal.c | 112 --
src/lib/libcrypto/evp/p_sign.c | 112 --
src/lib/libcrypto/evp/p_verify.c | 99 -
src/lib/libcrypto/ex_data.c | 223 ---
src/lib/libcrypto/hmac/hmac.c | 152 --
src/lib/libcrypto/hmac/hmac.h | 100 -
src/lib/libcrypto/idea/idea.h | 99 -
src/lib/libcrypto/lhash/lh_stats.c | 274 ---
src/lib/libcrypto/lhash/lhash.c | 461 -----
src/lib/libcrypto/lhash/lhash.h | 149 --
src/lib/libcrypto/md32_common.h | 607 ------
src/lib/libcrypto/md4/md4.h | 114 --
src/lib/libcrypto/md4/md4_dgst.c | 285 ---
src/lib/libcrypto/md4/md4_locl.h | 154 --
src/lib/libcrypto/md4/md4_one.c | 95 -
src/lib/libcrypto/md5/asm/md5-586.pl | 306 ---
src/lib/libcrypto/md5/md5.h | 114 --
src/lib/libcrypto/md5/md5_dgst.c | 319 ---
src/lib/libcrypto/md5/md5_locl.h | 172 --
src/lib/libcrypto/md5/md5_one.c | 95 -
src/lib/libcrypto/mem_dbg.c | 756 -------
src/lib/libcrypto/objects/o_names.c | 266 ---
src/lib/libcrypto/objects/obj_dat.c | 657 -------
src/lib/libcrypto/objects/obj_dat.pl | 302 ---
src/lib/libcrypto/objects/obj_err.c | 99 -
src/lib/libcrypto/objects/obj_lib.c | 126 --
src/lib/libcrypto/objects/obj_mac.num | 392 ----
src/lib/libcrypto/objects/objects.README | 44 -
src/lib/libcrypto/objects/objects.h | 1038 ----------
src/lib/libcrypto/objects/objects.pl | 224 ---
src/lib/libcrypto/objects/objects.txt | 593 ------
src/lib/libcrypto/opensslv.h | 85 -
src/lib/libcrypto/pem/message | 16 -
src/lib/libcrypto/pem/pem.h | 667 -------
src/lib/libcrypto/pem/pem2.h | 68 -
src/lib/libcrypto/pem/pem_all.c | 203 --
src/lib/libcrypto/pem/pem_err.c | 131 --
src/lib/libcrypto/pem/pem_info.c | 364 ----
src/lib/libcrypto/pem/pem_lib.c | 963 ---------
src/lib/libcrypto/pem/pem_seal.c | 184 --
src/lib/libcrypto/pem/pem_sign.c | 102 -
src/lib/libcrypto/pem/pkcs7.lis | 22 -
src/lib/libcrypto/perlasm/cbc.pl | 342 ----
src/lib/libcrypto/perlasm/readme | 124 --
src/lib/libcrypto/perlasm/x86asm.pl | 118 --
src/lib/libcrypto/pkcs12/p12_add.c | 218 --
src/lib/libcrypto/pkcs12/p12_attr.c | 238 ---
src/lib/libcrypto/pkcs12/p12_crpt.c | 124 --
src/lib/libcrypto/pkcs12/p12_crt.c | 164 --
src/lib/libcrypto/pkcs12/p12_decr.c | 187 --
src/lib/libcrypto/pkcs12/p12_init.c | 98 -
src/lib/libcrypto/pkcs12/p12_key.c | 204 --
src/lib/libcrypto/pkcs12/p12_kiss.c | 285 ---
src/lib/libcrypto/pkcs12/p12_mutl.c | 170 --
src/lib/libcrypto/pkcs12/p12_npas.c | 217 --
src/lib/libcrypto/pkcs12/p12_utl.c | 122 --
src/lib/libcrypto/pkcs12/pk12err.c | 139 --
src/lib/libcrypto/pkcs12/pkcs12.h | 345 ----
src/lib/libcrypto/pkcs7/pk7_attr.c | 89 -
src/lib/libcrypto/pkcs7/pk7_doit.c | 946 ---------
src/lib/libcrypto/pkcs7/pk7_lib.c | 469 -----
src/lib/libcrypto/pkcs7/pk7_mime.c | 685 -------
src/lib/libcrypto/pkcs7/pk7_smime.c | 432 ----
src/lib/libcrypto/pkcs7/pkcs7.h | 505 -----
src/lib/libcrypto/pkcs7/pkcs7err.c | 161 --
src/lib/libcrypto/rand/rand.h | 134 --
src/lib/libcrypto/rand/rand_err.c | 94 -
src/lib/libcrypto/rand/rand_lib.c | 136 --
src/lib/libcrypto/rand/randfile.c | 275 ---
src/lib/libcrypto/rc2/rc2.h | 101 -
src/lib/libcrypto/rc2/rc2_cbc.c | 226 ---
src/lib/libcrypto/rc2/rc2_ecb.c | 88 -
src/lib/libcrypto/rc2/rc2_locl.h | 156 --
src/lib/libcrypto/rc2/rc2_skey.c | 138 --
src/lib/libcrypto/rc2/rc2cfb64.c | 122 --
src/lib/libcrypto/rc2/rc2ofb64.c | 111 --
src/lib/libcrypto/rc2/rrc2.doc | 219 ---
src/lib/libcrypto/rc2/version | 22 -
src/lib/libcrypto/rc4/asm/rc4-586.pl | 173 --
src/lib/libcrypto/rc4/rc4.h | 88 -
src/lib/libcrypto/rc4/rc4_enc.c | 315 ---
src/lib/libcrypto/rc4/rc4_locl.h | 4 -
src/lib/libcrypto/rc4/rc4_skey.c | 117 --
src/lib/libcrypto/ripemd/README | 15 -
src/lib/libcrypto/ripemd/asm/rmd-586.pl | 590 ------
src/lib/libcrypto/ripemd/ripemd.h | 101 -
src/lib/libcrypto/ripemd/rmd_dgst.c | 493 -----
src/lib/libcrypto/ripemd/rmd_locl.h | 160 --
src/lib/libcrypto/ripemd/rmd_one.c | 76 -
src/lib/libcrypto/ripemd/rmdconst.h | 399 ----
src/lib/libcrypto/rsa/rsa.h | 357 ----
src/lib/libcrypto/rsa/rsa_chk.c | 184 --
src/lib/libcrypto/rsa/rsa_eay.c | 579 ------
src/lib/libcrypto/rsa/rsa_err.c | 148 --
src/lib/libcrypto/rsa/rsa_gen.c | 197 --
src/lib/libcrypto/rsa/rsa_lib.c | 388 ----
src/lib/libcrypto/rsa/rsa_none.c | 98 -
src/lib/libcrypto/rsa/rsa_oaep.c | 168 --
src/lib/libcrypto/rsa/rsa_pk1.c | 224 ---
src/lib/libcrypto/rsa/rsa_saos.c | 144 --
src/lib/libcrypto/rsa/rsa_sign.c | 224 ---
src/lib/libcrypto/rsa/rsa_ssl.c | 154 --
src/lib/libcrypto/sha/asm/sha1-586.pl | 540 -----
src/lib/libcrypto/sha/sha.h | 119 --
src/lib/libcrypto/sha/sha1_one.c | 76 -
src/lib/libcrypto/sha/sha1dgst.c | 73 -
src/lib/libcrypto/sha/sha_locl.h | 471 -----
src/lib/libcrypto/stack/safestack.h | 1134 -----------
src/lib/libcrypto/stack/stack.c | 332 ----
src/lib/libcrypto/stack/stack.h | 107 -
src/lib/libcrypto/txt_db/txt_db.c | 383 ----
src/lib/libcrypto/txt_db/txt_db.h | 108 -
src/lib/libcrypto/util/mkerr.pl | 529 -----
src/lib/libcrypto/util/mkstack.pl | 124 --
src/lib/libcrypto/x509/by_dir.c | 351 ----
src/lib/libcrypto/x509/by_file.c | 298 ---
src/lib/libcrypto/x509/x509.h | 1294 ------------
src/lib/libcrypto/x509/x509_att.c | 326 ---
src/lib/libcrypto/x509/x509_cmp.c | 308 ---
src/lib/libcrypto/x509/x509_d2.c | 107 -
src/lib/libcrypto/x509/x509_def.c | 81 -
src/lib/libcrypto/x509/x509_err.c | 152 --
src/lib/libcrypto/x509/x509_ext.c | 191 --
src/lib/libcrypto/x509/x509_lu.c | 529 -----
src/lib/libcrypto/x509/x509_obj.c | 225 ---
src/lib/libcrypto/x509/x509_r2x.c | 110 --
src/lib/libcrypto/x509/x509_req.c | 278 ---
src/lib/libcrypto/x509/x509_set.c | 150 --
src/lib/libcrypto/x509/x509_trs.c | 267 ---
src/lib/libcrypto/x509/x509_txt.c | 150 --
src/lib/libcrypto/x509/x509_v3.c | 267 ---
src/lib/libcrypto/x509/x509_vfy.c | 920 ---------
src/lib/libcrypto/x509/x509_vfy.h | 390 ----
src/lib/libcrypto/x509/x509name.c | 383 ----
src/lib/libcrypto/x509/x509rset.c | 83 -
src/lib/libcrypto/x509/x509spki.c | 121 --
src/lib/libcrypto/x509/x509type.c | 114 --
src/lib/libcrypto/x509/x_all.c | 565 ------
src/lib/libcrypto/x509v3/ext_dat.h | 97 -
src/lib/libcrypto/x509v3/v3_akey.c | 249 ---
src/lib/libcrypto/x509v3/v3_alt.c | 401 ----
src/lib/libcrypto/x509v3/v3_bcons.c | 164 --
src/lib/libcrypto/x509v3/v3_bitst.c | 141 --
src/lib/libcrypto/x509v3/v3_conf.c | 390 ----
src/lib/libcrypto/x509v3/v3_cpols.c | 660 -------
src/lib/libcrypto/x509v3/v3_crld.c | 285 ---
src/lib/libcrypto/x509v3/v3_enum.c | 96 -
src/lib/libcrypto/x509v3/v3_extku.c | 150 --
src/lib/libcrypto/x509v3/v3_genn.c | 291 ---
src/lib/libcrypto/x509v3/v3_ia5.c | 113 --
src/lib/libcrypto/x509v3/v3_info.c | 236 ---
src/lib/libcrypto/x509v3/v3_int.c | 72 -
src/lib/libcrypto/x509v3/v3_lib.c | 225 ---
src/lib/libcrypto/x509v3/v3_pku.c | 151 --
src/lib/libcrypto/x509v3/v3_prn.c | 165 --
src/lib/libcrypto/x509v3/v3_purp.c | 535 -----
src/lib/libcrypto/x509v3/v3_skey.c | 149 --
src/lib/libcrypto/x509v3/v3_sxnet.c | 340 ----
src/lib/libcrypto/x509v3/v3_utl.c | 516 -----
src/lib/libcrypto/x509v3/v3err.c | 176 --
src/lib/libcrypto/x509v3/x509v3.h | 653 ------
src/lib/libssl/LICENSE | 127 --
src/lib/libssl/bio_ssl.c | 586 ------
src/lib/libssl/doc/openssl.cnf | 244 ---
src/lib/libssl/doc/openssl.txt | 1235 ------------
src/lib/libssl/doc/standards.txt | 121 --
src/lib/libssl/s23_clnt.c | 475 -----
src/lib/libssl/s23_lib.c | 236 ---
src/lib/libssl/s23_pkt.c | 117 --
src/lib/libssl/s23_srvr.c | 576 ------
src/lib/libssl/s3_both.c | 588 ------
src/lib/libssl/s3_clnt.c | 1741 ----------------
src/lib/libssl/s3_lib.c | 1379 -------------
src/lib/libssl/s3_pkt.c | 1204 ------------
src/lib/libssl/s3_srvr.c | 1777 -----------------
src/lib/libssl/shlib_version | 2 -
src/lib/libssl/ssl.h | 1566 ---------------
src/lib/libssl/ssl2.h | 269 ---
src/lib/libssl/ssl23.h | 83 -
src/lib/libssl/ssl3.h | 429 ----
src/lib/libssl/ssl_algs.c | 107 -
src/lib/libssl/ssl_asn1.c | 349 ----
src/lib/libssl/ssl_cert.c | 757 -------
src/lib/libssl/ssl_ciph.c | 1071 ----------
src/lib/libssl/ssl_err.c | 435 ----
src/lib/libssl/ssl_err2.c | 70 -
src/lib/libssl/ssl_lib.c | 2074 --------------------
src/lib/libssl/ssl_locl.h | 609 ------
src/lib/libssl/ssl_rsa.c | 815 --------
src/lib/libssl/ssl_sess.c | 681 -------
src/lib/libssl/ssl_stat.c | 454 -----
src/lib/libssl/ssl_txt.c | 174 --
src/lib/libssl/t1_clnt.c | 90 -
src/lib/libssl/t1_enc.c | 648 ------
src/lib/libssl/t1_lib.c | 149 --
src/lib/libssl/t1_meth.c | 88 -
src/lib/libssl/t1_srvr.c | 91 -
src/lib/libssl/test/CAss.cnf | 25 -
src/lib/libssl/test/CAssdh.cnf | 24 -
src/lib/libssl/test/CAssdsa.cnf | 23 -
src/lib/libssl/test/CAssrsa.cnf | 24 -
src/lib/libssl/test/Sssdsa.cnf | 27 -
src/lib/libssl/test/Sssrsa.cnf | 26 -
src/lib/libssl/test/Uss.cnf | 28 -
src/lib/libssl/test/VMSca-response.1 | 1 -
src/lib/libssl/test/VMSca-response.2 | 2 -
src/lib/libssl/test/bctest | 111 --
src/lib/libssl/test/methtest.c | 105 -
src/lib/libssl/test/pkcs7-1.pem | 15 -
src/lib/libssl/test/pkcs7.pem | 54 -
src/lib/libssl/test/r160test.c | 57 -
src/lib/libssl/test/tcrl | 81 -
src/lib/libssl/test/test.cnf | 88 -
src/lib/libssl/test/testca | 44 -
src/lib/libssl/test/testcrl.pem | 16 -
src/lib/libssl/test/testenc | 54 -
src/lib/libssl/test/testgen | 32 -
src/lib/libssl/test/testp7.pem | 46 -
src/lib/libssl/test/testreq2.pem | 7 -
src/lib/libssl/test/testrsa.pem | 9 -
src/lib/libssl/test/testsid.pem | 12 -
src/lib/libssl/test/testss | 90 -
src/lib/libssl/test/testssl | 81 -
src/lib/libssl/test/testx509.pem | 10 -
src/lib/libssl/test/times | 113 --
src/lib/libssl/test/tpkcs7 | 51 -
src/lib/libssl/test/tpkcs7d | 44 -
src/lib/libssl/test/treq | 81 -
src/lib/libssl/test/trsa | 81 -
src/lib/libssl/test/tsid | 81 -
src/lib/libssl/test/tx509 | 81 -
src/lib/libssl/test/v3-cert1.pem | 16 -
src/lib/libssl/test/v3-cert2.pem | 16 -
src/lib/libssl/tls1.h | 164 --
554 files changed, 134971 deletions(-)
delete mode 100644 src/lib/libcrypto/asn1/a_bitstr.c
delete mode 100644 src/lib/libcrypto/asn1/a_bool.c
delete mode 100644 src/lib/libcrypto/asn1/a_bytes.c
delete mode 100644 src/lib/libcrypto/asn1/a_d2i_fp.c
delete mode 100644 src/lib/libcrypto/asn1/a_digest.c
delete mode 100644 src/lib/libcrypto/asn1/a_dup.c
delete mode 100644 src/lib/libcrypto/asn1/a_enum.c
delete mode 100644 src/lib/libcrypto/asn1/a_i2d_fp.c
delete mode 100644 src/lib/libcrypto/asn1/a_int.c
delete mode 100644 src/lib/libcrypto/asn1/a_mbstr.c
delete mode 100644 src/lib/libcrypto/asn1/a_object.c
delete mode 100644 src/lib/libcrypto/asn1/a_octet.c
delete mode 100644 src/lib/libcrypto/asn1/a_print.c
delete mode 100644 src/lib/libcrypto/asn1/a_set.c
delete mode 100644 src/lib/libcrypto/asn1/a_sign.c
delete mode 100644 src/lib/libcrypto/asn1/a_strex.c
delete mode 100644 src/lib/libcrypto/asn1/a_strnid.c
delete mode 100644 src/lib/libcrypto/asn1/a_time.c
delete mode 100644 src/lib/libcrypto/asn1/a_type.c
delete mode 100644 src/lib/libcrypto/asn1/a_utf8.c
delete mode 100644 src/lib/libcrypto/asn1/a_verify.c
delete mode 100644 src/lib/libcrypto/asn1/asn1.h
delete mode 100644 src/lib/libcrypto/asn1/asn1_err.c
delete mode 100644 src/lib/libcrypto/asn1/asn1_lib.c
delete mode 100644 src/lib/libcrypto/asn1/asn1_mac.h
delete mode 100644 src/lib/libcrypto/asn1/asn1_par.c
delete mode 100644 src/lib/libcrypto/asn1/asn_pack.c
delete mode 100644 src/lib/libcrypto/asn1/charmap.h
delete mode 100644 src/lib/libcrypto/asn1/charmap.pl
delete mode 100644 src/lib/libcrypto/asn1/d2i_pr.c
delete mode 100644 src/lib/libcrypto/asn1/d2i_pu.c
delete mode 100644 src/lib/libcrypto/asn1/evp_asn1.c
delete mode 100644 src/lib/libcrypto/asn1/f_enum.c
delete mode 100644 src/lib/libcrypto/asn1/f_int.c
delete mode 100644 src/lib/libcrypto/asn1/f_string.c
delete mode 100644 src/lib/libcrypto/asn1/i2d_pr.c
delete mode 100644 src/lib/libcrypto/asn1/i2d_pu.c
delete mode 100644 src/lib/libcrypto/asn1/n_pkey.c
delete mode 100644 src/lib/libcrypto/asn1/nsseq.c
delete mode 100644 src/lib/libcrypto/asn1/p5_pbe.c
delete mode 100644 src/lib/libcrypto/asn1/p5_pbev2.c
delete mode 100644 src/lib/libcrypto/asn1/p8_pkey.c
delete mode 100644 src/lib/libcrypto/asn1/t_bitst.c
delete mode 100644 src/lib/libcrypto/asn1/t_crl.c
delete mode 100644 src/lib/libcrypto/asn1/t_pkey.c
delete mode 100644 src/lib/libcrypto/asn1/t_req.c
delete mode 100644 src/lib/libcrypto/asn1/t_spki.c
delete mode 100644 src/lib/libcrypto/asn1/t_x509.c
delete mode 100644 src/lib/libcrypto/asn1/t_x509a.c
delete mode 100644 src/lib/libcrypto/asn1/x_algor.c
delete mode 100644 src/lib/libcrypto/asn1/x_attrib.c
delete mode 100644 src/lib/libcrypto/asn1/x_crl.c
delete mode 100644 src/lib/libcrypto/asn1/x_exten.c
delete mode 100644 src/lib/libcrypto/asn1/x_info.c
delete mode 100644 src/lib/libcrypto/asn1/x_name.c
delete mode 100644 src/lib/libcrypto/asn1/x_pkey.c
delete mode 100644 src/lib/libcrypto/asn1/x_pubkey.c
delete mode 100644 src/lib/libcrypto/asn1/x_req.c
delete mode 100644 src/lib/libcrypto/asn1/x_sig.c
delete mode 100644 src/lib/libcrypto/asn1/x_spki.c
delete mode 100644 src/lib/libcrypto/asn1/x_val.c
delete mode 100644 src/lib/libcrypto/asn1/x_x509.c
delete mode 100644 src/lib/libcrypto/asn1/x_x509a.c
delete mode 100644 src/lib/libcrypto/bf/COPYRIGHT
delete mode 100644 src/lib/libcrypto/bf/INSTALL
delete mode 100644 src/lib/libcrypto/bf/README
delete mode 100644 src/lib/libcrypto/bf/VERSION
delete mode 100644 src/lib/libcrypto/bf/asm/bf-586.pl
delete mode 100644 src/lib/libcrypto/bf/bf_cbc.c
delete mode 100644 src/lib/libcrypto/bf/bf_cfb64.c
delete mode 100644 src/lib/libcrypto/bf/bf_ecb.c
delete mode 100644 src/lib/libcrypto/bf/bf_enc.c
delete mode 100644 src/lib/libcrypto/bf/bf_locl.h
delete mode 100644 src/lib/libcrypto/bf/bf_ofb64.c
delete mode 100644 src/lib/libcrypto/bf/bf_pi.h
delete mode 100644 src/lib/libcrypto/bf/bf_skey.c
delete mode 100644 src/lib/libcrypto/bf/blowfish.h
delete mode 100644 src/lib/libcrypto/bio/b_dump.c
delete mode 100644 src/lib/libcrypto/bio/b_print.c
delete mode 100644 src/lib/libcrypto/bio/b_sock.c
delete mode 100644 src/lib/libcrypto/bio/bf_buff.c
delete mode 100644 src/lib/libcrypto/bio/bf_lbuf.c
delete mode 100644 src/lib/libcrypto/bio/bf_nbio.c
delete mode 100644 src/lib/libcrypto/bio/bf_null.c
delete mode 100644 src/lib/libcrypto/bio/bio.h
delete mode 100644 src/lib/libcrypto/bio/bio_cb.c
delete mode 100644 src/lib/libcrypto/bio/bio_err.c
delete mode 100644 src/lib/libcrypto/bio/bio_lib.c
delete mode 100644 src/lib/libcrypto/bio/bss_acpt.c
delete mode 100644 src/lib/libcrypto/bio/bss_bio.c
delete mode 100644 src/lib/libcrypto/bio/bss_conn.c
delete mode 100644 src/lib/libcrypto/bio/bss_fd.c
delete mode 100644 src/lib/libcrypto/bio/bss_file.c
delete mode 100644 src/lib/libcrypto/bio/bss_log.c
delete mode 100644 src/lib/libcrypto/bio/bss_mem.c
delete mode 100644 src/lib/libcrypto/bio/bss_null.c
delete mode 100644 src/lib/libcrypto/bio/bss_sock.c
delete mode 100644 src/lib/libcrypto/bn/asm/bn-586.pl
delete mode 100644 src/lib/libcrypto/bn/asm/co-586.pl
delete mode 100644 src/lib/libcrypto/bn/asm/pa-risc2.s
delete mode 100644 src/lib/libcrypto/bn/asm/pa-risc2W.s
delete mode 100644 src/lib/libcrypto/bn/asm/sparcv8.S
delete mode 100644 src/lib/libcrypto/bn/asm/sparcv8plus.S
delete mode 100644 src/lib/libcrypto/bn/asm/x86.pl
delete mode 100644 src/lib/libcrypto/bn/asm/x86/add.pl
delete mode 100644 src/lib/libcrypto/bn/asm/x86/comba.pl
delete mode 100644 src/lib/libcrypto/bn/asm/x86/div.pl
delete mode 100644 src/lib/libcrypto/bn/asm/x86/mul.pl
delete mode 100644 src/lib/libcrypto/bn/asm/x86/mul_add.pl
delete mode 100644 src/lib/libcrypto/bn/asm/x86/sqr.pl
delete mode 100644 src/lib/libcrypto/bn/asm/x86/sub.pl
delete mode 100644 src/lib/libcrypto/bn/bn.h
delete mode 100644 src/lib/libcrypto/bn/bn_add.c
delete mode 100644 src/lib/libcrypto/bn/bn_asm.c
delete mode 100644 src/lib/libcrypto/bn/bn_blind.c
delete mode 100644 src/lib/libcrypto/bn/bn_ctx.c
delete mode 100644 src/lib/libcrypto/bn/bn_div.c
delete mode 100644 src/lib/libcrypto/bn/bn_err.c
delete mode 100644 src/lib/libcrypto/bn/bn_exp.c
delete mode 100644 src/lib/libcrypto/bn/bn_exp2.c
delete mode 100644 src/lib/libcrypto/bn/bn_gcd.c
delete mode 100644 src/lib/libcrypto/bn/bn_lcl.h
delete mode 100644 src/lib/libcrypto/bn/bn_lib.c
delete mode 100644 src/lib/libcrypto/bn/bn_mont.c
delete mode 100644 src/lib/libcrypto/bn/bn_mpi.c
delete mode 100644 src/lib/libcrypto/bn/bn_mul.c
delete mode 100644 src/lib/libcrypto/bn/bn_prime.c
delete mode 100644 src/lib/libcrypto/bn/bn_prime.h
delete mode 100644 src/lib/libcrypto/bn/bn_prime.pl
delete mode 100644 src/lib/libcrypto/bn/bn_print.c
delete mode 100644 src/lib/libcrypto/bn/bn_rand.c
delete mode 100644 src/lib/libcrypto/bn/bn_recp.c
delete mode 100644 src/lib/libcrypto/bn/bn_shift.c
delete mode 100644 src/lib/libcrypto/bn/bn_sqr.c
delete mode 100644 src/lib/libcrypto/bn/bn_word.c
delete mode 100644 src/lib/libcrypto/buffer/buf_err.c
delete mode 100644 src/lib/libcrypto/buffer/buffer.c
delete mode 100644 src/lib/libcrypto/buffer/buffer.h
delete mode 100644 src/lib/libcrypto/cast/asm/cast-586.pl
delete mode 100644 src/lib/libcrypto/cast/c_cfb64.c
delete mode 100644 src/lib/libcrypto/cast/c_ecb.c
delete mode 100644 src/lib/libcrypto/cast/c_enc.c
delete mode 100644 src/lib/libcrypto/cast/c_ofb64.c
delete mode 100644 src/lib/libcrypto/cast/c_skey.c
delete mode 100644 src/lib/libcrypto/cast/cast.h
delete mode 100644 src/lib/libcrypto/cast/cast_lcl.h
delete mode 100644 src/lib/libcrypto/cast/cast_s.h
delete mode 100644 src/lib/libcrypto/comp/c_rle.c
delete mode 100644 src/lib/libcrypto/comp/c_zlib.c
delete mode 100644 src/lib/libcrypto/comp/comp.h
delete mode 100644 src/lib/libcrypto/comp/comp_err.c
delete mode 100644 src/lib/libcrypto/comp/comp_lib.c
delete mode 100644 src/lib/libcrypto/conf/conf.h
delete mode 100644 src/lib/libcrypto/conf/conf_api.c
delete mode 100644 src/lib/libcrypto/conf/conf_api.h
delete mode 100644 src/lib/libcrypto/conf/conf_def.c
delete mode 100644 src/lib/libcrypto/conf/conf_def.h
delete mode 100644 src/lib/libcrypto/conf/conf_err.c
delete mode 100644 src/lib/libcrypto/conf/conf_lib.c
delete mode 100644 src/lib/libcrypto/conf/keysets.pl
delete mode 100644 src/lib/libcrypto/conf/ssleay.cnf
delete mode 100644 src/lib/libcrypto/cpt_err.c
delete mode 100644 src/lib/libcrypto/cryptlib.c
delete mode 100644 src/lib/libcrypto/cryptlib.h
delete mode 100644 src/lib/libcrypto/crypto.h
delete mode 100644 src/lib/libcrypto/cversion.c
delete mode 100644 src/lib/libcrypto/des/COPYRIGHT
delete mode 100644 src/lib/libcrypto/des/asm/crypt586.pl
delete mode 100644 src/lib/libcrypto/des/asm/des-586.pl
delete mode 100644 src/lib/libcrypto/des/asm/desboth.pl
delete mode 100644 src/lib/libcrypto/des/cbc_cksm.c
delete mode 100644 src/lib/libcrypto/des/cbc_enc.c
delete mode 100644 src/lib/libcrypto/des/cfb64ede.c
delete mode 100644 src/lib/libcrypto/des/cfb64enc.c
delete mode 100644 src/lib/libcrypto/des/cfb_enc.c
delete mode 100644 src/lib/libcrypto/des/des.h
delete mode 100644 src/lib/libcrypto/des/des_enc.c
delete mode 100644 src/lib/libcrypto/des/des_locl.h
delete mode 100644 src/lib/libcrypto/des/ecb3_enc.c
delete mode 100644 src/lib/libcrypto/des/ecb_enc.c
delete mode 100644 src/lib/libcrypto/des/ede_cbcm_enc.c
delete mode 100644 src/lib/libcrypto/des/enc_read.c
delete mode 100644 src/lib/libcrypto/des/enc_writ.c
delete mode 100644 src/lib/libcrypto/des/fcrypt.c
delete mode 100644 src/lib/libcrypto/des/fcrypt_b.c
delete mode 100644 src/lib/libcrypto/des/ncbc_enc.c
delete mode 100644 src/lib/libcrypto/des/ofb64ede.c
delete mode 100644 src/lib/libcrypto/des/ofb64enc.c
delete mode 100644 src/lib/libcrypto/des/ofb_enc.c
delete mode 100644 src/lib/libcrypto/des/pcbc_enc.c
delete mode 100644 src/lib/libcrypto/des/qud_cksm.c
delete mode 100644 src/lib/libcrypto/des/rand_key.c
delete mode 100644 src/lib/libcrypto/des/set_key.c
delete mode 100644 src/lib/libcrypto/des/spr.h
delete mode 100644 src/lib/libcrypto/des/str2key.c
delete mode 100644 src/lib/libcrypto/des/xcbc_enc.c
delete mode 100644 src/lib/libcrypto/dh/dh.h
delete mode 100644 src/lib/libcrypto/dh/dh_check.c
delete mode 100644 src/lib/libcrypto/dh/dh_err.c
delete mode 100644 src/lib/libcrypto/dh/dh_gen.c
delete mode 100644 src/lib/libcrypto/dh/dh_key.c
delete mode 100644 src/lib/libcrypto/dh/dh_lib.c
delete mode 100644 src/lib/libcrypto/doc/DH_generate_key.pod
delete mode 100644 src/lib/libcrypto/doc/DH_generate_parameters.pod
delete mode 100644 src/lib/libcrypto/doc/DH_get_ex_new_index.pod
delete mode 100644 src/lib/libcrypto/doc/DH_new.pod
delete mode 100644 src/lib/libcrypto/doc/DH_set_method.pod
delete mode 100644 src/lib/libcrypto/doc/DH_size.pod
delete mode 100644 src/lib/libcrypto/doc/DSA_SIG_new.pod
delete mode 100644 src/lib/libcrypto/doc/DSA_do_sign.pod
delete mode 100644 src/lib/libcrypto/doc/DSA_dup_DH.pod
delete mode 100644 src/lib/libcrypto/doc/DSA_generate_key.pod
delete mode 100644 src/lib/libcrypto/doc/DSA_generate_parameters.pod
delete mode 100644 src/lib/libcrypto/doc/DSA_get_ex_new_index.pod
delete mode 100644 src/lib/libcrypto/doc/DSA_new.pod
delete mode 100644 src/lib/libcrypto/doc/DSA_set_method.pod
delete mode 100644 src/lib/libcrypto/doc/DSA_sign.pod
delete mode 100644 src/lib/libcrypto/doc/DSA_size.pod
delete mode 100644 src/lib/libcrypto/doc/ERR_GET_LIB.pod
delete mode 100644 src/lib/libcrypto/doc/ERR_clear_error.pod
delete mode 100644 src/lib/libcrypto/doc/ERR_error_string.pod
delete mode 100644 src/lib/libcrypto/doc/ERR_get_error.pod
delete mode 100644 src/lib/libcrypto/doc/ERR_load_crypto_strings.pod
delete mode 100644 src/lib/libcrypto/doc/ERR_load_strings.pod
delete mode 100644 src/lib/libcrypto/doc/ERR_print_errors.pod
delete mode 100644 src/lib/libcrypto/doc/ERR_put_error.pod
delete mode 100644 src/lib/libcrypto/doc/ERR_remove_state.pod
delete mode 100644 src/lib/libcrypto/doc/EVP_DigestInit.pod
delete mode 100644 src/lib/libcrypto/doc/EVP_EncryptInit.pod
delete mode 100644 src/lib/libcrypto/doc/EVP_OpenInit.pod
delete mode 100644 src/lib/libcrypto/doc/EVP_SealInit.pod
delete mode 100644 src/lib/libcrypto/doc/EVP_SignInit.pod
delete mode 100644 src/lib/libcrypto/doc/EVP_VerifyInit.pod
delete mode 100644 src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod
delete mode 100644 src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod
delete mode 100644 src/lib/libcrypto/doc/RAND_add.pod
delete mode 100644 src/lib/libcrypto/doc/RAND_bytes.pod
delete mode 100644 src/lib/libcrypto/doc/RAND_cleanup.pod
delete mode 100644 src/lib/libcrypto/doc/RAND_load_file.pod
delete mode 100644 src/lib/libcrypto/doc/RAND_set_rand_method.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_blinding_on.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_check_key.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_generate_key.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_get_ex_new_index.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_new.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_print.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_private_encrypt.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_public_encrypt.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_set_method.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_sign.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod
delete mode 100644 src/lib/libcrypto/doc/RSA_size.pod
delete mode 100644 src/lib/libcrypto/doc/bn.pod
delete mode 100644 src/lib/libcrypto/doc/d2i_DHparams.pod
delete mode 100644 src/lib/libcrypto/doc/d2i_RSAPublicKey.pod
delete mode 100644 src/lib/libcrypto/doc/dh.pod
delete mode 100644 src/lib/libcrypto/doc/dsa.pod
delete mode 100644 src/lib/libcrypto/doc/evp.pod
delete mode 100644 src/lib/libcrypto/doc/lh_stats.pod
delete mode 100644 src/lib/libcrypto/doc/rsa.pod
delete mode 100644 src/lib/libcrypto/dsa/dsa.h
delete mode 100644 src/lib/libcrypto/dsa/dsa_asn1.c
delete mode 100644 src/lib/libcrypto/dsa/dsa_err.c
delete mode 100644 src/lib/libcrypto/dsa/dsa_gen.c
delete mode 100644 src/lib/libcrypto/dsa/dsa_key.c
delete mode 100644 src/lib/libcrypto/dsa/dsa_lib.c
delete mode 100644 src/lib/libcrypto/dsa/dsa_ossl.c
delete mode 100644 src/lib/libcrypto/dsa/dsa_sign.c
delete mode 100644 src/lib/libcrypto/dsa/dsa_vrf.c
delete mode 100644 src/lib/libcrypto/dso/dso.h
delete mode 100644 src/lib/libcrypto/dso/dso_dlfcn.c
delete mode 100644 src/lib/libcrypto/dso/dso_err.c
delete mode 100644 src/lib/libcrypto/dso/dso_lib.c
delete mode 100644 src/lib/libcrypto/dso/dso_null.c
delete mode 100644 src/lib/libcrypto/dso/dso_openssl.c
delete mode 100644 src/lib/libcrypto/engine/README
delete mode 100644 src/lib/libcrypto/engine/engine.h
delete mode 100644 src/lib/libcrypto/err/err.c
delete mode 100644 src/lib/libcrypto/err/err.h
delete mode 100644 src/lib/libcrypto/err/err_all.c
delete mode 100644 src/lib/libcrypto/err/err_prn.c
delete mode 100644 src/lib/libcrypto/err/openssl.ec
delete mode 100644 src/lib/libcrypto/evp/bio_b64.c
delete mode 100644 src/lib/libcrypto/evp/bio_enc.c
delete mode 100644 src/lib/libcrypto/evp/bio_md.c
delete mode 100644 src/lib/libcrypto/evp/c_all.c
delete mode 100644 src/lib/libcrypto/evp/digest.c
delete mode 100644 src/lib/libcrypto/evp/e_bf.c
delete mode 100644 src/lib/libcrypto/evp/e_cast.c
delete mode 100644 src/lib/libcrypto/evp/e_des.c
delete mode 100644 src/lib/libcrypto/evp/e_des3.c
delete mode 100644 src/lib/libcrypto/evp/e_idea.c
delete mode 100644 src/lib/libcrypto/evp/e_null.c
delete mode 100644 src/lib/libcrypto/evp/e_rc2.c
delete mode 100644 src/lib/libcrypto/evp/e_rc4.c
delete mode 100644 src/lib/libcrypto/evp/e_xcbc_d.c
delete mode 100644 src/lib/libcrypto/evp/encode.c
delete mode 100644 src/lib/libcrypto/evp/evp.h
delete mode 100644 src/lib/libcrypto/evp/evp_enc.c
delete mode 100644 src/lib/libcrypto/evp/evp_err.c
delete mode 100644 src/lib/libcrypto/evp/evp_key.c
delete mode 100644 src/lib/libcrypto/evp/evp_lib.c
delete mode 100644 src/lib/libcrypto/evp/evp_locl.h
delete mode 100644 src/lib/libcrypto/evp/evp_pbe.c
delete mode 100644 src/lib/libcrypto/evp/evp_pkey.c
delete mode 100644 src/lib/libcrypto/evp/m_dss.c
delete mode 100644 src/lib/libcrypto/evp/m_dss1.c
delete mode 100644 src/lib/libcrypto/evp/m_md4.c
delete mode 100644 src/lib/libcrypto/evp/m_md5.c
delete mode 100644 src/lib/libcrypto/evp/m_null.c
delete mode 100644 src/lib/libcrypto/evp/m_ripemd.c
delete mode 100644 src/lib/libcrypto/evp/m_sha1.c
delete mode 100644 src/lib/libcrypto/evp/names.c
delete mode 100644 src/lib/libcrypto/evp/p5_crpt.c
delete mode 100644 src/lib/libcrypto/evp/p5_crpt2.c
delete mode 100644 src/lib/libcrypto/evp/p_dec.c
delete mode 100644 src/lib/libcrypto/evp/p_enc.c
delete mode 100644 src/lib/libcrypto/evp/p_lib.c
delete mode 100644 src/lib/libcrypto/evp/p_open.c
delete mode 100644 src/lib/libcrypto/evp/p_seal.c
delete mode 100644 src/lib/libcrypto/evp/p_sign.c
delete mode 100644 src/lib/libcrypto/evp/p_verify.c
delete mode 100644 src/lib/libcrypto/ex_data.c
delete mode 100644 src/lib/libcrypto/hmac/hmac.c
delete mode 100644 src/lib/libcrypto/hmac/hmac.h
delete mode 100644 src/lib/libcrypto/idea/idea.h
delete mode 100644 src/lib/libcrypto/lhash/lh_stats.c
delete mode 100644 src/lib/libcrypto/lhash/lhash.c
delete mode 100644 src/lib/libcrypto/lhash/lhash.h
delete mode 100644 src/lib/libcrypto/md32_common.h
delete mode 100644 src/lib/libcrypto/md4/md4.h
delete mode 100644 src/lib/libcrypto/md4/md4_dgst.c
delete mode 100644 src/lib/libcrypto/md4/md4_locl.h
delete mode 100644 src/lib/libcrypto/md4/md4_one.c
delete mode 100644 src/lib/libcrypto/md5/asm/md5-586.pl
delete mode 100644 src/lib/libcrypto/md5/md5.h
delete mode 100644 src/lib/libcrypto/md5/md5_dgst.c
delete mode 100644 src/lib/libcrypto/md5/md5_locl.h
delete mode 100644 src/lib/libcrypto/md5/md5_one.c
delete mode 100644 src/lib/libcrypto/mem_dbg.c
delete mode 100644 src/lib/libcrypto/objects/o_names.c
delete mode 100644 src/lib/libcrypto/objects/obj_dat.c
delete mode 100644 src/lib/libcrypto/objects/obj_dat.pl
delete mode 100644 src/lib/libcrypto/objects/obj_err.c
delete mode 100644 src/lib/libcrypto/objects/obj_lib.c
delete mode 100644 src/lib/libcrypto/objects/obj_mac.num
delete mode 100644 src/lib/libcrypto/objects/objects.README
delete mode 100644 src/lib/libcrypto/objects/objects.h
delete mode 100644 src/lib/libcrypto/objects/objects.pl
delete mode 100644 src/lib/libcrypto/objects/objects.txt
delete mode 100644 src/lib/libcrypto/opensslv.h
delete mode 100644 src/lib/libcrypto/pem/message
delete mode 100644 src/lib/libcrypto/pem/pem.h
delete mode 100644 src/lib/libcrypto/pem/pem2.h
delete mode 100644 src/lib/libcrypto/pem/pem_all.c
delete mode 100644 src/lib/libcrypto/pem/pem_err.c
delete mode 100644 src/lib/libcrypto/pem/pem_info.c
delete mode 100644 src/lib/libcrypto/pem/pem_lib.c
delete mode 100644 src/lib/libcrypto/pem/pem_seal.c
delete mode 100644 src/lib/libcrypto/pem/pem_sign.c
delete mode 100644 src/lib/libcrypto/pem/pkcs7.lis
delete mode 100644 src/lib/libcrypto/perlasm/cbc.pl
delete mode 100644 src/lib/libcrypto/perlasm/readme
delete mode 100644 src/lib/libcrypto/perlasm/x86asm.pl
delete mode 100644 src/lib/libcrypto/pkcs12/p12_add.c
delete mode 100644 src/lib/libcrypto/pkcs12/p12_attr.c
delete mode 100644 src/lib/libcrypto/pkcs12/p12_crpt.c
delete mode 100644 src/lib/libcrypto/pkcs12/p12_crt.c
delete mode 100644 src/lib/libcrypto/pkcs12/p12_decr.c
delete mode 100644 src/lib/libcrypto/pkcs12/p12_init.c
delete mode 100644 src/lib/libcrypto/pkcs12/p12_key.c
delete mode 100644 src/lib/libcrypto/pkcs12/p12_kiss.c
delete mode 100644 src/lib/libcrypto/pkcs12/p12_mutl.c
delete mode 100644 src/lib/libcrypto/pkcs12/p12_npas.c
delete mode 100644 src/lib/libcrypto/pkcs12/p12_utl.c
delete mode 100644 src/lib/libcrypto/pkcs12/pk12err.c
delete mode 100644 src/lib/libcrypto/pkcs12/pkcs12.h
delete mode 100644 src/lib/libcrypto/pkcs7/pk7_attr.c
delete mode 100644 src/lib/libcrypto/pkcs7/pk7_doit.c
delete mode 100644 src/lib/libcrypto/pkcs7/pk7_lib.c
delete mode 100644 src/lib/libcrypto/pkcs7/pk7_mime.c
delete mode 100644 src/lib/libcrypto/pkcs7/pk7_smime.c
delete mode 100644 src/lib/libcrypto/pkcs7/pkcs7.h
delete mode 100644 src/lib/libcrypto/pkcs7/pkcs7err.c
delete mode 100644 src/lib/libcrypto/rand/rand.h
delete mode 100644 src/lib/libcrypto/rand/rand_err.c
delete mode 100644 src/lib/libcrypto/rand/rand_lib.c
delete mode 100644 src/lib/libcrypto/rand/randfile.c
delete mode 100644 src/lib/libcrypto/rc2/rc2.h
delete mode 100644 src/lib/libcrypto/rc2/rc2_cbc.c
delete mode 100644 src/lib/libcrypto/rc2/rc2_ecb.c
delete mode 100644 src/lib/libcrypto/rc2/rc2_locl.h
delete mode 100644 src/lib/libcrypto/rc2/rc2_skey.c
delete mode 100644 src/lib/libcrypto/rc2/rc2cfb64.c
delete mode 100644 src/lib/libcrypto/rc2/rc2ofb64.c
delete mode 100644 src/lib/libcrypto/rc2/rrc2.doc
delete mode 100644 src/lib/libcrypto/rc2/version
delete mode 100644 src/lib/libcrypto/rc4/asm/rc4-586.pl
delete mode 100644 src/lib/libcrypto/rc4/rc4.h
delete mode 100644 src/lib/libcrypto/rc4/rc4_enc.c
delete mode 100644 src/lib/libcrypto/rc4/rc4_locl.h
delete mode 100644 src/lib/libcrypto/rc4/rc4_skey.c
delete mode 100644 src/lib/libcrypto/ripemd/README
delete mode 100644 src/lib/libcrypto/ripemd/asm/rmd-586.pl
delete mode 100644 src/lib/libcrypto/ripemd/ripemd.h
delete mode 100644 src/lib/libcrypto/ripemd/rmd_dgst.c
delete mode 100644 src/lib/libcrypto/ripemd/rmd_locl.h
delete mode 100644 src/lib/libcrypto/ripemd/rmd_one.c
delete mode 100644 src/lib/libcrypto/ripemd/rmdconst.h
delete mode 100644 src/lib/libcrypto/rsa/rsa.h
delete mode 100644 src/lib/libcrypto/rsa/rsa_chk.c
delete mode 100644 src/lib/libcrypto/rsa/rsa_eay.c
delete mode 100644 src/lib/libcrypto/rsa/rsa_err.c
delete mode 100644 src/lib/libcrypto/rsa/rsa_gen.c
delete mode 100644 src/lib/libcrypto/rsa/rsa_lib.c
delete mode 100644 src/lib/libcrypto/rsa/rsa_none.c
delete mode 100644 src/lib/libcrypto/rsa/rsa_oaep.c
delete mode 100644 src/lib/libcrypto/rsa/rsa_pk1.c
delete mode 100644 src/lib/libcrypto/rsa/rsa_saos.c
delete mode 100644 src/lib/libcrypto/rsa/rsa_sign.c
delete mode 100644 src/lib/libcrypto/rsa/rsa_ssl.c
delete mode 100644 src/lib/libcrypto/sha/asm/sha1-586.pl
delete mode 100644 src/lib/libcrypto/sha/sha.h
delete mode 100644 src/lib/libcrypto/sha/sha1_one.c
delete mode 100644 src/lib/libcrypto/sha/sha1dgst.c
delete mode 100644 src/lib/libcrypto/sha/sha_locl.h
delete mode 100644 src/lib/libcrypto/stack/safestack.h
delete mode 100644 src/lib/libcrypto/stack/stack.c
delete mode 100644 src/lib/libcrypto/stack/stack.h
delete mode 100644 src/lib/libcrypto/txt_db/txt_db.c
delete mode 100644 src/lib/libcrypto/txt_db/txt_db.h
delete mode 100644 src/lib/libcrypto/util/mkerr.pl
delete mode 100644 src/lib/libcrypto/util/mkstack.pl
delete mode 100644 src/lib/libcrypto/x509/by_dir.c
delete mode 100644 src/lib/libcrypto/x509/by_file.c
delete mode 100644 src/lib/libcrypto/x509/x509.h
delete mode 100644 src/lib/libcrypto/x509/x509_att.c
delete mode 100644 src/lib/libcrypto/x509/x509_cmp.c
delete mode 100644 src/lib/libcrypto/x509/x509_d2.c
delete mode 100644 src/lib/libcrypto/x509/x509_def.c
delete mode 100644 src/lib/libcrypto/x509/x509_err.c
delete mode 100644 src/lib/libcrypto/x509/x509_ext.c
delete mode 100644 src/lib/libcrypto/x509/x509_lu.c
delete mode 100644 src/lib/libcrypto/x509/x509_obj.c
delete mode 100644 src/lib/libcrypto/x509/x509_r2x.c
delete mode 100644 src/lib/libcrypto/x509/x509_req.c
delete mode 100644 src/lib/libcrypto/x509/x509_set.c
delete mode 100644 src/lib/libcrypto/x509/x509_trs.c
delete mode 100644 src/lib/libcrypto/x509/x509_txt.c
delete mode 100644 src/lib/libcrypto/x509/x509_v3.c
delete mode 100644 src/lib/libcrypto/x509/x509_vfy.c
delete mode 100644 src/lib/libcrypto/x509/x509_vfy.h
delete mode 100644 src/lib/libcrypto/x509/x509name.c
delete mode 100644 src/lib/libcrypto/x509/x509rset.c
delete mode 100644 src/lib/libcrypto/x509/x509spki.c
delete mode 100644 src/lib/libcrypto/x509/x509type.c
delete mode 100644 src/lib/libcrypto/x509/x_all.c
delete mode 100644 src/lib/libcrypto/x509v3/ext_dat.h
delete mode 100644 src/lib/libcrypto/x509v3/v3_akey.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_alt.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_bcons.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_bitst.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_conf.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_cpols.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_crld.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_enum.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_extku.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_genn.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_ia5.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_info.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_int.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_lib.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_pku.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_prn.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_purp.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_skey.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_sxnet.c
delete mode 100644 src/lib/libcrypto/x509v3/v3_utl.c
delete mode 100644 src/lib/libcrypto/x509v3/v3err.c
delete mode 100644 src/lib/libcrypto/x509v3/x509v3.h
delete mode 100644 src/lib/libssl/LICENSE
delete mode 100644 src/lib/libssl/bio_ssl.c
delete mode 100644 src/lib/libssl/doc/openssl.cnf
delete mode 100644 src/lib/libssl/doc/openssl.txt
delete mode 100644 src/lib/libssl/doc/standards.txt
delete mode 100644 src/lib/libssl/s23_clnt.c
delete mode 100644 src/lib/libssl/s23_lib.c
delete mode 100644 src/lib/libssl/s23_pkt.c
delete mode 100644 src/lib/libssl/s23_srvr.c
delete mode 100644 src/lib/libssl/s3_both.c
delete mode 100644 src/lib/libssl/s3_clnt.c
delete mode 100644 src/lib/libssl/s3_lib.c
delete mode 100644 src/lib/libssl/s3_pkt.c
delete mode 100644 src/lib/libssl/s3_srvr.c
delete mode 100644 src/lib/libssl/shlib_version
delete mode 100644 src/lib/libssl/ssl.h
delete mode 100644 src/lib/libssl/ssl2.h
delete mode 100644 src/lib/libssl/ssl23.h
delete mode 100644 src/lib/libssl/ssl3.h
delete mode 100644 src/lib/libssl/ssl_algs.c
delete mode 100644 src/lib/libssl/ssl_asn1.c
delete mode 100644 src/lib/libssl/ssl_cert.c
delete mode 100644 src/lib/libssl/ssl_ciph.c
delete mode 100644 src/lib/libssl/ssl_err.c
delete mode 100644 src/lib/libssl/ssl_err2.c
delete mode 100644 src/lib/libssl/ssl_lib.c
delete mode 100644 src/lib/libssl/ssl_locl.h
delete mode 100644 src/lib/libssl/ssl_rsa.c
delete mode 100644 src/lib/libssl/ssl_sess.c
delete mode 100644 src/lib/libssl/ssl_stat.c
delete mode 100644 src/lib/libssl/ssl_txt.c
delete mode 100644 src/lib/libssl/t1_clnt.c
delete mode 100644 src/lib/libssl/t1_enc.c
delete mode 100644 src/lib/libssl/t1_lib.c
delete mode 100644 src/lib/libssl/t1_meth.c
delete mode 100644 src/lib/libssl/t1_srvr.c
delete mode 100644 src/lib/libssl/test/CAss.cnf
delete mode 100644 src/lib/libssl/test/CAssdh.cnf
delete mode 100644 src/lib/libssl/test/CAssdsa.cnf
delete mode 100644 src/lib/libssl/test/CAssrsa.cnf
delete mode 100644 src/lib/libssl/test/Sssdsa.cnf
delete mode 100644 src/lib/libssl/test/Sssrsa.cnf
delete mode 100644 src/lib/libssl/test/Uss.cnf
delete mode 100644 src/lib/libssl/test/VMSca-response.1
delete mode 100644 src/lib/libssl/test/VMSca-response.2
delete mode 100644 src/lib/libssl/test/bctest
delete mode 100644 src/lib/libssl/test/methtest.c
delete mode 100644 src/lib/libssl/test/pkcs7-1.pem
delete mode 100644 src/lib/libssl/test/pkcs7.pem
delete mode 100644 src/lib/libssl/test/r160test.c
delete mode 100644 src/lib/libssl/test/tcrl
delete mode 100644 src/lib/libssl/test/test.cnf
delete mode 100644 src/lib/libssl/test/testca
delete mode 100644 src/lib/libssl/test/testcrl.pem
delete mode 100644 src/lib/libssl/test/testenc
delete mode 100644 src/lib/libssl/test/testgen
delete mode 100644 src/lib/libssl/test/testp7.pem
delete mode 100644 src/lib/libssl/test/testreq2.pem
delete mode 100644 src/lib/libssl/test/testrsa.pem
delete mode 100644 src/lib/libssl/test/testsid.pem
delete mode 100644 src/lib/libssl/test/testss
delete mode 100644 src/lib/libssl/test/testssl
delete mode 100644 src/lib/libssl/test/testx509.pem
delete mode 100644 src/lib/libssl/test/times
delete mode 100644 src/lib/libssl/test/tpkcs7
delete mode 100644 src/lib/libssl/test/tpkcs7d
delete mode 100644 src/lib/libssl/test/treq
delete mode 100644 src/lib/libssl/test/trsa
delete mode 100644 src/lib/libssl/test/tsid
delete mode 100644 src/lib/libssl/test/tx509
delete mode 100644 src/lib/libssl/test/v3-cert1.pem
delete mode 100644 src/lib/libssl/test/v3-cert2.pem
delete mode 100644 src/lib/libssl/tls1.h
diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c
deleted file mode 100644
index 7013a407ad..0000000000
--- a/src/lib/libcrypto/asn1/a_bitstr.c
+++ /dev/null
@@ -1,259 +0,0 @@
-/* crypto/asn1/a_bitstr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_BIT_STRING *ASN1_BIT_STRING_new(void)
-{ return M_ASN1_BIT_STRING_new(); }
-
-void ASN1_BIT_STRING_free(ASN1_BIT_STRING *x)
-{ M_ASN1_BIT_STRING_free(x); }
-
-int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
-{ return M_ASN1_BIT_STRING_set(x, d, len); }
-
-int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
-{
- int len, ret;
- len = i2c_ASN1_BIT_STRING(a, NULL);
- ret=ASN1_object_size(0,len,V_ASN1_BIT_STRING);
- if(pp) {
- ASN1_put_object(pp,0,len,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
- i2c_ASN1_BIT_STRING(a, pp);
- }
- return ret;
-}
-
-int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
- {
- int ret,j,bits,len;
- unsigned char *p,*d;
-
- if (a == NULL) return(0);
-
- len=a->length;
- ret=1+len;
- if (pp == NULL) return(ret);
-
- if (len > 0)
- {
- if (a->flags & ASN1_STRING_FLAG_BITS_LEFT)
- {
- bits=(int)a->flags&0x07;
- }
- else
- {
- for ( ; len > 0; len--)
- {
- if (a->data[len-1]) break;
- }
- j=a->data[len-1];
- if (j & 0x01) bits=0;
- else if (j & 0x02) bits=1;
- else if (j & 0x04) bits=2;
- else if (j & 0x08) bits=3;
- else if (j & 0x10) bits=4;
- else if (j & 0x20) bits=5;
- else if (j & 0x40) bits=6;
- else if (j & 0x80) bits=7;
- else bits=0; /* should not happen */
- }
- }
- else
- bits=0;
- p= *pp;
-
- *(p++)=(unsigned char)bits;
- d=a->data;
- memcpy(p,d,len);
- p+=len;
- if (len > 0) p[-1]&=(0xff<<bits);
- *pp=p;
- return(ret);
- }
-
-
-/* Convert DER encoded ASN1 BIT_STRING to ASN1_BIT_STRING structure */
-ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
- long length)
-{
- unsigned char *p;
- long len;
- int i;
- int inf,tag,xclass;
- ASN1_BIT_STRING *ret;
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_BIT_STRING)
- {
- i=ASN1_R_EXPECTING_A_BIT_STRING;
- goto err;
- }
- if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
- ret = c2i_ASN1_BIT_STRING(a, &p, len);
- if(ret) *pp = p;
- return ret;
-err:
- ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
- return(NULL);
-
-}
-
-ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
- long len)
- {
- ASN1_BIT_STRING *ret=NULL;
- unsigned char *p,*s;
- int i;
-
- if ((a == NULL) || ((*a) == NULL))
- {
- if ((ret=M_ASN1_BIT_STRING_new()) == NULL) return(NULL);
- }
- else
- ret=(*a);
-
- p= *pp;
- i= *(p++);
- /* We do this to preserve the settings. If we modify
- * the settings, via the _set_bit function, we will recalculate
- * on output */
- ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
- ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
-
- if (len-- > 1) /* using one because of the bits left byte */
- {
- s=(unsigned char *)OPENSSL_malloc((int)len);
- if (s == NULL)
- {
- i=ERR_R_MALLOC_FAILURE;
- goto err;
- }
- memcpy(s,p,(int)len);
- s[len-1]&=(0xff<<i);
- p+=len;
- }
- else
- s=NULL;
-
- ret->length=(int)len;
- if (ret->data != NULL) OPENSSL_free(ret->data);
- ret->data=s;
- ret->type=V_ASN1_BIT_STRING;
- if (a != NULL) (*a)=ret;
- *pp=p;
- return(ret);
-err:
- ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- M_ASN1_BIT_STRING_free(ret);
- return(NULL);
- }
-
-/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
- */
-int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
- {
- int w,v,iv;
- unsigned char *c;
-
- w=n/8;
- v=1<<(7-(n&0x07));
- iv= ~v;
-
- a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */
-
- if (a == NULL) return(0);
- if ((a->length < (w+1)) || (a->data == NULL))
- {
- if (!value) return(1); /* Don't need to set */
- if (a->data == NULL)
- c=(unsigned char *)OPENSSL_malloc(w+1);
- else
- c=(unsigned char *)OPENSSL_realloc(a->data,w+1);
- if (c == NULL) return(0);
- if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length);
- a->data=c;
- a->length=w+1;
- }
- a->data[w]=((a->data[w])&iv)|v;
- while ((a->length > 0) && (a->data[a->length-1] == 0))
- a->length--;
- return(1);
- }
-
-int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
- {
- int w,v;
-
- w=n/8;
- v=1<<(7-(n&0x07));
- if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL))
- return(0);
- return((a->data[w]&v) != 0);
- }
-
diff --git a/src/lib/libcrypto/asn1/a_bool.c b/src/lib/libcrypto/asn1/a_bool.c
deleted file mode 100644
index 18fa61840b..0000000000
--- a/src/lib/libcrypto/asn1/a_bool.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* crypto/asn1/a_bool.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
- {
- int r;
- unsigned char *p;
-
- r=ASN1_object_size(0,1,V_ASN1_BOOLEAN);
- if (pp == NULL) return(r);
- p= *pp;
-
- ASN1_put_object(&p,0,1,V_ASN1_BOOLEAN,V_ASN1_UNIVERSAL);
- *(p++)= (unsigned char)a;
- *pp=p;
- return(r);
- }
-
-int d2i_ASN1_BOOLEAN(int *a, unsigned char **pp, long length)
- {
- int ret= -1;
- unsigned char *p;
- long len;
- int inf,tag,xclass;
- int i=0;
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_BOOLEAN)
- {
- i=ASN1_R_EXPECTING_A_BOOLEAN;
- goto err;
- }
-
- if (len != 1)
- {
- i=ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
- goto err;
- }
- ret= (int)*(p++);
- if (a != NULL) (*a)=ret;
- *pp=p;
- return(ret);
-err:
- ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i);
- return(ret);
- }
diff --git a/src/lib/libcrypto/asn1/a_bytes.c b/src/lib/libcrypto/asn1/a_bytes.c
deleted file mode 100644
index 3a0c0c7835..0000000000
--- a/src/lib/libcrypto/asn1/a_bytes.c
+++ /dev/null
@@ -1,323 +0,0 @@
-/* crypto/asn1/a_bytes.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-
-static unsigned long tag2bit[32]={
-0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */
-B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
-B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */
-B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */
-0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,
-B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0,
-0,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,
-B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN,
- };
-
-static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c);
-/* type is a 'bitmap' of acceptable string types.
- */
-ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp,
- long length, int type)
- {
- ASN1_STRING *ret=NULL;
- unsigned char *p,*s;
- long len;
- int inf,tag,xclass;
- int i=0;
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80) goto err;
-
- if (tag >= 32)
- {
- i=ASN1_R_TAG_VALUE_TOO_HIGH;;
- goto err;
- }
- if (!(tag2bit[tag] & type))
- {
- i=ASN1_R_WRONG_TYPE;
- goto err;
- }
-
- /* If a bit-string, exit early */
- if (tag == V_ASN1_BIT_STRING)
- return(d2i_ASN1_BIT_STRING(a,pp,length));
-
- if ((a == NULL) || ((*a) == NULL))
- {
- if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
- }
- else
- ret=(*a);
-
- if (len != 0)
- {
- s=(unsigned char *)OPENSSL_malloc((int)len+1);
- if (s == NULL)
- {
- i=ERR_R_MALLOC_FAILURE;
- goto err;
- }
- memcpy(s,p,(int)len);
- s[len]='\0';
- p+=len;
- }
- else
- s=NULL;
-
- if (ret->data != NULL) OPENSSL_free(ret->data);
- ret->length=(int)len;
- ret->data=s;
- ret->type=tag;
- if (a != NULL) (*a)=ret;
- *pp=p;
- return(ret);
-err:
- ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- ASN1_STRING_free(ret);
- return(NULL);
- }
-
-int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
- {
- int ret,r,constructed;
- unsigned char *p;
-
- if (a == NULL) return(0);
-
- if (tag == V_ASN1_BIT_STRING)
- return(i2d_ASN1_BIT_STRING(a,pp));
-
- ret=a->length;
- r=ASN1_object_size(0,ret,tag);
- if (pp == NULL) return(r);
- p= *pp;
-
- if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
- constructed=1;
- else
- constructed=0;
- ASN1_put_object(&p,constructed,ret,tag,xclass);
- memcpy(p,a->data,a->length);
- p+=a->length;
- *pp= p;
- return(r);
- }
-
-ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length,
- int Ptag, int Pclass)
- {
- ASN1_STRING *ret=NULL;
- unsigned char *p,*s;
- long len;
- int inf,tag,xclass;
- int i=0;
-
- if ((a == NULL) || ((*a) == NULL))
- {
- if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
- }
- else
- ret=(*a);
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != Ptag)
- {
- i=ASN1_R_WRONG_TAG;
- goto err;
- }
-
- if (inf & V_ASN1_CONSTRUCTED)
- {
- ASN1_CTX c;
-
- c.pp=pp;
- c.p=p;
- c.inf=inf;
- c.slen=len;
- c.tag=Ptag;
- c.xclass=Pclass;
- c.max=(length == 0)?0:(p+length);
- if (!asn1_collate_primitive(ret,&c))
- goto err;
- else
- {
- p=c.p;
- }
- }
- else
- {
- if (len != 0)
- {
- if ((ret->length < len) || (ret->data == NULL))
- {
- if (ret->data != NULL) OPENSSL_free(ret->data);
- s=(unsigned char *)OPENSSL_malloc((int)len + 1);
- if (s == NULL)
- {
- i=ERR_R_MALLOC_FAILURE;
- goto err;
- }
- }
- else
- s=ret->data;
- memcpy(s,p,(int)len);
- s[len] = '\0';
- p+=len;
- }
- else
- {
- s=NULL;
- if (ret->data != NULL) OPENSSL_free(ret->data);
- }
-
- ret->length=(int)len;
- ret->data=s;
- ret->type=Ptag;
- }
-
- if (a != NULL) (*a)=ret;
- *pp=p;
- return(ret);
-err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- ASN1_STRING_free(ret);
- ASN1err(ASN1_F_D2I_ASN1_BYTES,i);
- return(NULL);
- }
-
-
-/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse
- * them into the one structure that is then returned */
-/* There have been a few bug fixes for this function from
- * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
-static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c)
- {
- ASN1_STRING *os=NULL;
- BUF_MEM b;
- int num;
-
- b.length=0;
- b.max=0;
- b.data=NULL;
-
- if (a == NULL)
- {
- c->error=ERR_R_PASSED_NULL_PARAMETER;
- goto err;
- }
-
- num=0;
- for (;;)
- {
- if (c->inf & 1)
- {
- c->eos=ASN1_check_infinite_end(&c->p,
- (long)(c->max-c->p));
- if (c->eos) break;
- }
- else
- {
- if (c->slen <= 0) break;
- }
-
- c->q=c->p;
- if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass)
- == NULL)
- {
- c->error=ERR_R_ASN1_LIB;
- goto err;
- }
-
- if (!BUF_MEM_grow(&b,num+os->length))
- {
- c->error=ERR_R_BUF_LIB;
- goto err;
- }
- memcpy(&(b.data[num]),os->data,os->length);
- if (!(c->inf & 1))
- c->slen-=(c->p-c->q);
- num+=os->length;
- }
-
- if (!asn1_Finish(c)) goto err;
-
- a->length=num;
- if (a->data != NULL) OPENSSL_free(a->data);
- a->data=(unsigned char *)b.data;
- if (os != NULL) ASN1_STRING_free(os);
- return(1);
-err:
- ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE,c->error);
- if (os != NULL) ASN1_STRING_free(os);
- if (b.data != NULL) OPENSSL_free(b.data);
- return(0);
- }
-
diff --git a/src/lib/libcrypto/asn1/a_d2i_fp.c b/src/lib/libcrypto/asn1/a_d2i_fp.c
deleted file mode 100644
index a49d1cb289..0000000000
--- a/src/lib/libcrypto/asn1/a_d2i_fp.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/* crypto/asn1/a_d2i_fp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1_mac.h>
-
-#define HEADER_SIZE 8
-
-#ifndef NO_FP_API
-char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in,
- unsigned char **x)
- {
- BIO *b;
- char *ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB);
- return(NULL);
- }
- BIO_set_fp(b,in,BIO_NOCLOSE);
- ret=ASN1_d2i_bio(xnew,d2i,b,x);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-char *ASN1_d2i_bio(char *(*xnew)(), char *(*d2i)(), BIO *in,
- unsigned char **x)
- {
- BUF_MEM *b;
- unsigned char *p;
- int i;
- char *ret=NULL;
- ASN1_CTX c;
- int want=HEADER_SIZE;
- int eos=0;
- int off=0;
- int len=0;
-
- b=BUF_MEM_new();
- if (b == NULL)
- {
- ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
-
- ERR_clear_error();
- for (;;)
- {
- if (want >= (len-off))
- {
- want-=(len-off);
-
- if (!BUF_MEM_grow(b,len+want))
- {
- ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- i=BIO_read(in,&(b->data[len]),want);
- if ((i < 0) && ((len-off) == 0))
- {
- ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
- goto err;
- }
- if (i > 0)
- len+=i;
- }
- /* else data already loaded */
-
- p=(unsigned char *)&(b->data[off]);
- c.p=p;
- c.inf=ASN1_get_object(&(c.p),&(c.slen),&(c.tag),&(c.xclass),
- len-off);
- if (c.inf & 0x80)
- {
- unsigned long e;
-
- e=ERR_GET_REASON(ERR_peek_error());
- if (e != ASN1_R_TOO_LONG)
- goto err;
- else
- ERR_get_error(); /* clear error */
- }
- i=c.p-p;/* header length */
- off+=i; /* end of data */
-
- if (c.inf & 1)
- {
- /* no data body so go round again */
- eos++;
- want=HEADER_SIZE;
- }
- else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC))
- {
- /* eos value, so go back and read another header */
- eos--;
- if (eos <= 0)
- break;
- else
- want=HEADER_SIZE;
- }
- else
- {
- /* suck in c.slen bytes of data */
- want=(int)c.slen;
- if (want > (len-off))
- {
- want-=(len-off);
- if (!BUF_MEM_grow(b,len+want))
- {
- ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- i=BIO_read(in,&(b->data[len]),want);
- if (i <= 0)
- {
- ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
- goto err;
- }
- len+=i;
- }
- off+=(int)c.slen;
- if (eos <= 0)
- {
- break;
- }
- else
- want=HEADER_SIZE;
- }
- }
-
- p=(unsigned char *)b->data;
- ret=d2i(x,&p,off);
-err:
- if (b != NULL) BUF_MEM_free(b);
- return(ret);
- }
diff --git a/src/lib/libcrypto/asn1/a_digest.c b/src/lib/libcrypto/asn1/a_digest.c
deleted file mode 100644
index 8257b8639e..0000000000
--- a/src/lib/libcrypto/asn1/a_digest.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* crypto/asn1/a_digest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-#include <openssl/x509.h>
-
-int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
- unsigned char *md, unsigned int *len)
- {
- EVP_MD_CTX ctx;
- int i;
- unsigned char *str,*p;
-
- i=i2d(data,NULL);
- if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) return(0);
- p=str;
- i2d(data,&p);
-
- EVP_DigestInit(&ctx,type);
- EVP_DigestUpdate(&ctx,str,i);
- EVP_DigestFinal(&ctx,md,len);
- OPENSSL_free(str);
- return(1);
- }
-
diff --git a/src/lib/libcrypto/asn1/a_dup.c b/src/lib/libcrypto/asn1/a_dup.c
deleted file mode 100644
index c3bda58a5d..0000000000
--- a/src/lib/libcrypto/asn1/a_dup.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/asn1/a_dup.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-
-#define READ_CHUNK 2048
-
-char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x)
- {
- unsigned char *b,*p;
- long i;
- char *ret;
-
- if (x == NULL) return(NULL);
-
- i=(long)i2d(x,NULL);
- b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
- if (b == NULL)
- { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
- p= b;
- i=i2d(x,&p);
- p= b;
- ret=d2i(NULL,&p,i);
- OPENSSL_free(b);
- return(ret);
- }
diff --git a/src/lib/libcrypto/asn1/a_enum.c b/src/lib/libcrypto/asn1/a_enum.c
deleted file mode 100644
index 1428d1df7a..0000000000
--- a/src/lib/libcrypto/asn1/a_enum.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/* crypto/asn1/a_enum.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-/*
- * Code for ENUMERATED type: identical to INTEGER apart from a different tag.
- * for comments on encoding see a_int.c
- */
-
-ASN1_ENUMERATED *ASN1_ENUMERATED_new(void)
-{ return M_ASN1_ENUMERATED_new(); }
-
-void ASN1_ENUMERATED_free(ASN1_ENUMERATED *x)
-{ M_ASN1_ENUMERATED_free(x); }
-
-
-int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **pp)
-{
- int len, ret;
- if(!a) return 0;
- len = i2c_ASN1_INTEGER(a, NULL);
- ret=ASN1_object_size(0,len,V_ASN1_ENUMERATED);
- if(pp) {
- ASN1_put_object(pp,0,len,V_ASN1_ENUMERATED,V_ASN1_UNIVERSAL);
- i2c_ASN1_INTEGER(a, pp);
- }
- return ret;
-}
-
-ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp,
- long length)
-{
- unsigned char *p;
- long len;
- int i;
- int inf,tag,xclass;
- ASN1_ENUMERATED *ret;
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_ENUMERATED)
- {
- i=ASN1_R_EXPECTING_AN_ENUMERATED;
- goto err;
- }
- ret = c2i_ASN1_INTEGER(a, &p, len);
- if(ret) {
- ret->type = (V_ASN1_NEG & ret->type) | V_ASN1_ENUMERATED;
- *pp = p;
- }
- return ret;
-err:
- ASN1err(ASN1_F_D2I_ASN1_ENUMERATED,i);
- return(NULL);
-
-}
-
-int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
- {
- int i,j,k;
- unsigned char buf[sizeof(long)+1];
- long d;
-
- a->type=V_ASN1_ENUMERATED;
- if (a->length < (sizeof(long)+1))
- {
- if (a->data != NULL)
- OPENSSL_free(a->data);
- if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
- memset((char *)a->data,0,sizeof(long)+1);
- }
- if (a->data == NULL)
- {
- ASN1err(ASN1_F_ASN1_ENUMERATED_SET,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- d=v;
- if (d < 0)
- {
- d= -d;
- a->type=V_ASN1_NEG_ENUMERATED;
- }
-
- for (i=0; i<sizeof(long); i++)
- {
- if (d == 0) break;
- buf[i]=(int)d&0xff;
- d>>=8;
- }
- j=0;
- for (k=i-1; k >=0; k--)
- a->data[j++]=buf[k];
- a->length=j;
- return(1);
- }
-
-long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
- {
- int neg=0,i;
- long r=0;
-
- if (a == NULL) return(0L);
- i=a->type;
- if (i == V_ASN1_NEG_ENUMERATED)
- neg=1;
- else if (i != V_ASN1_ENUMERATED)
- return(0);
-
- if (a->length > sizeof(long))
- {
- /* hmm... a bit ugly */
- return(0xffffffffL);
- }
- if (a->data == NULL)
- return(0);
-
- for (i=0; i<a->length; i++)
- {
- r<<=8;
- r|=(unsigned char)a->data[i];
- }
- if (neg) r= -r;
- return(r);
- }
-
-ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
- {
- ASN1_ENUMERATED *ret;
- int len,j;
-
- if (ai == NULL)
- ret=M_ASN1_ENUMERATED_new();
- else
- ret=ai;
- if (ret == NULL)
- {
- ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR);
- goto err;
- }
- if(bn->neg) ret->type = V_ASN1_NEG_ENUMERATED;
- else ret->type=V_ASN1_ENUMERATED;
- j=BN_num_bits(bn);
- len=((j == 0)?0:((j/8)+1));
- ret->data=(unsigned char *)OPENSSL_malloc(len+4);
- ret->length=BN_bn2bin(bn,ret->data);
- return(ret);
-err:
- if (ret != ai) M_ASN1_ENUMERATED_free(ret);
- return(NULL);
- }
-
-BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
- {
- BIGNUM *ret;
-
- if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
- ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB);
- else if(ai->type == V_ASN1_NEG_ENUMERATED) ret->neg = 1;
- return(ret);
- }
diff --git a/src/lib/libcrypto/asn1/a_i2d_fp.c b/src/lib/libcrypto/asn1/a_i2d_fp.c
deleted file mode 100644
index aee29a7790..0000000000
--- a/src/lib/libcrypto/asn1/a_i2d_fp.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* crypto/asn1/a_i2d_fp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_FP_API
-int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,out,BIO_NOCLOSE);
- ret=ASN1_i2d_bio(i2d,b,x);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x)
- {
- char *b;
- unsigned char *p;
- int i,j=0,n,ret=1;
-
- n=i2d(x,NULL);
- b=(char *)OPENSSL_malloc(n);
- if (b == NULL)
- {
- ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
- return(0);
- }
-
- p=(unsigned char *)b;
- i2d(x,&p);
-
- for (;;)
- {
- i=BIO_write(out,&(b[j]),n);
- if (i == n) break;
- if (i <= 0)
- {
- ret=0;
- break;
- }
- j+=i;
- n-=i;
- }
- OPENSSL_free(b);
- return(ret);
- }
diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c
deleted file mode 100644
index 6f0413f885..0000000000
--- a/src/lib/libcrypto/asn1/a_int.c
+++ /dev/null
@@ -1,473 +0,0 @@
-/* crypto/asn1/a_int.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_INTEGER *ASN1_INTEGER_new(void)
-{ return M_ASN1_INTEGER_new();}
-
-void ASN1_INTEGER_free(ASN1_INTEGER *x)
-{ M_ASN1_INTEGER_free(x);}
-
-ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
-{ return M_ASN1_INTEGER_dup(x);}
-
-int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
-{ return M_ASN1_INTEGER_cmp(x,y);}
-
-/* Output ASN1 INTEGER including tag+length */
-
-int i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
-{
- int len, ret;
- if(!a) return 0;
- len = i2c_ASN1_INTEGER(a, NULL);
- ret=ASN1_object_size(0,len,V_ASN1_INTEGER);
- if(pp) {
- ASN1_put_object(pp,0,len,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
- i2c_ASN1_INTEGER(a, pp);
- }
- return ret;
-}
-
-/*
- * This converts an ASN1 INTEGER into its content encoding.
- * The internal representation is an ASN1_STRING whose data is a big endian
- * representation of the value, ignoring the sign. The sign is determined by
- * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative.
- *
- * Positive integers are no problem: they are almost the same as the DER
- * encoding, except if the first byte is >= 0x80 we need to add a zero pad.
- *
- * Negative integers are a bit trickier...
- * The DER representation of negative integers is in 2s complement form.
- * The internal form is converted by complementing each octet and finally
- * adding one to the result. This can be done less messily with a little trick.
- * If the internal form has trailing zeroes then they will become FF by the
- * complement and 0 by the add one (due to carry) so just copy as many trailing
- * zeros to the destination as there are in the source. The carry will add one
- * to the last none zero octet: so complement this octet and add one and finally
- * complement any left over until you get to the start of the string.
- *
- * Padding is a little trickier too. If the first bytes is > 0x80 then we pad
- * with 0xff. However if the first byte is 0x80 and one of the following bytes
- * is non-zero we pad with 0xff. The reason for this distinction is that 0x80
- * followed by optional zeros isn't padded.
- */
-
-int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
- {
- int pad=0,ret,i,neg;
- unsigned char *p,*n,pb=0;
-
- if ((a == NULL) || (a->data == NULL)) return(0);
- neg=a->type & V_ASN1_NEG;
- if (a->length == 0)
- ret=1;
- else
- {
- ret=a->length;
- i=a->data[0];
- if (!neg && (i > 127)) {
- pad=1;
- pb=0;
- } else if(neg) {
- if(i>128) {
- pad=1;
- pb=0xFF;
- } else if(i == 128) {
- /*
- * Special case: if any other bytes non zero we pad:
- * otherwise we don't.
- */
- for(i = 1; i < a->length; i++) if(a->data[i]) {
- pad=1;
- pb=0xFF;
- break;
- }
- }
- }
- ret+=pad;
- }
- if (pp == NULL) return(ret);
- p= *pp;
-
- if (pad) *(p++)=pb;
- if (a->length == 0) *(p++)=0;
- else if (!neg) memcpy(p,a->data,(unsigned int)a->length);
- else {
- /* Begin at the end of the encoding */
- n=a->data + a->length - 1;
- p += a->length - 1;
- i = a->length;
- /* Copy zeros to destination as long as source is zero */
- while(!*n) {
- *(p--) = 0;
- n--;
- i--;
- }
- /* Complement and increment next octet */
- *(p--) = ((*(n--)) ^ 0xff) + 1;
- i--;
- /* Complement any octets left */
- for(;i > 0; i--) *(p--) = *(n--) ^ 0xff;
- }
-
- *pp+=ret;
- return(ret);
- }
-
-/* Convert DER encoded ASN1 INTEGER to ASN1_INTEGER structure */
-ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
- long length)
-{
- unsigned char *p;
- long len;
- int i;
- int inf,tag,xclass;
- ASN1_INTEGER *ret;
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_INTEGER)
- {
- i=ASN1_R_EXPECTING_AN_INTEGER;
- goto err;
- }
- ret = c2i_ASN1_INTEGER(a, &p, len);
- if(ret) *pp = p;
- return ret;
-err:
- ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
- return(NULL);
-
-}
-
-
-/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
-
-ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
- long len)
- {
- ASN1_INTEGER *ret=NULL;
- unsigned char *p,*to,*s, *pend;
- int i;
-
- if ((a == NULL) || ((*a) == NULL))
- {
- if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
- ret->type=V_ASN1_INTEGER;
- }
- else
- ret=(*a);
-
- p= *pp;
- pend = p + len;
-
- /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
- * signifies a missing NULL parameter. */
- s=(unsigned char *)OPENSSL_malloc((int)len+1);
- if (s == NULL)
- {
- i=ERR_R_MALLOC_FAILURE;
- goto err;
- }
- to=s;
- if(!len) {
- /* Strictly speaking this is an illegal INTEGER but we
- * tolerate it.
- */
- ret->type=V_ASN1_INTEGER;
- } else if (*p & 0x80) /* a negative number */
- {
- ret->type=V_ASN1_NEG_INTEGER;
- if ((*p == 0xff) && (len != 1)) {
- p++;
- len--;
- }
- i = len;
- p += i - 1;
- to += i - 1;
- while((!*p) && i) {
- *(to--) = 0;
- i--;
- p--;
- }
- /* Special case: if all zeros then the number will be of
- * the form FF followed by n zero bytes: this corresponds to
- * 1 followed by n zero bytes. We've already written n zeros
- * so we just append an extra one and set the first byte to
- * a 1. This is treated separately because it is the only case
- * where the number of bytes is larger than len.
- */
- if(!i) {
- *s = 1;
- s[len] = 0;
- len++;
- } else {
- *(to--) = (*(p--) ^ 0xff) + 1;
- i--;
- for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
- }
- } else {
- ret->type=V_ASN1_INTEGER;
- if ((*p == 0) && (len != 1))
- {
- p++;
- len--;
- }
- memcpy(s,p,(int)len);
- }
-
- if (ret->data != NULL) OPENSSL_free(ret->data);
- ret->data=s;
- ret->length=(int)len;
- if (a != NULL) (*a)=ret;
- *pp=pend;
- return(ret);
-err:
- ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- M_ASN1_INTEGER_free(ret);
- return(NULL);
- }
-
-
-/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of
- * ASN1 integers: some broken software can encode a positive INTEGER
- * with its MSB set as negative (it doesn't add a padding zero).
- */
-
-ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp,
- long length)
- {
- ASN1_INTEGER *ret=NULL;
- unsigned char *p,*to,*s;
- long len;
- int inf,tag,xclass;
- int i;
-
- if ((a == NULL) || ((*a) == NULL))
- {
- if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
- ret->type=V_ASN1_INTEGER;
- }
- else
- ret=(*a);
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_INTEGER)
- {
- i=ASN1_R_EXPECTING_AN_INTEGER;
- goto err;
- }
-
- /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
- * signifies a missing NULL parameter. */
- s=(unsigned char *)OPENSSL_malloc((int)len+1);
- if (s == NULL)
- {
- i=ERR_R_MALLOC_FAILURE;
- goto err;
- }
- to=s;
- ret->type=V_ASN1_INTEGER;
- if(len) {
- if ((*p == 0) && (len != 1))
- {
- p++;
- len--;
- }
- memcpy(s,p,(int)len);
- p+=len;
- }
-
- if (ret->data != NULL) OPENSSL_free(ret->data);
- ret->data=s;
- ret->length=(int)len;
- if (a != NULL) (*a)=ret;
- *pp=p;
- return(ret);
-err:
- ASN1err(ASN1_F_D2I_ASN1_UINTEGER,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- M_ASN1_INTEGER_free(ret);
- return(NULL);
- }
-
-int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
- {
- int i,j,k;
- unsigned char buf[sizeof(long)+1];
- long d;
-
- a->type=V_ASN1_INTEGER;
- if (a->length < (sizeof(long)+1))
- {
- if (a->data != NULL)
- OPENSSL_free(a->data);
- if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
- memset((char *)a->data,0,sizeof(long)+1);
- }
- if (a->data == NULL)
- {
- ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- d=v;
- if (d < 0)
- {
- d= -d;
- a->type=V_ASN1_NEG_INTEGER;
- }
-
- for (i=0; i<sizeof(long); i++)
- {
- if (d == 0) break;
- buf[i]=(int)d&0xff;
- d>>=8;
- }
- j=0;
- for (k=i-1; k >=0; k--)
- a->data[j++]=buf[k];
- a->length=j;
- return(1);
- }
-
-long ASN1_INTEGER_get(ASN1_INTEGER *a)
- {
- int neg=0,i;
- long r=0;
-
- if (a == NULL) return(0L);
- i=a->type;
- if (i == V_ASN1_NEG_INTEGER)
- neg=1;
- else if (i != V_ASN1_INTEGER)
- return(0);
-
- if (a->length > sizeof(long))
- {
- /* hmm... a bit ugly */
- return(0xffffffffL);
- }
- if (a->data == NULL)
- return(0);
-
- for (i=0; i<a->length; i++)
- {
- r<<=8;
- r|=(unsigned char)a->data[i];
- }
- if (neg) r= -r;
- return(r);
- }
-
-ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
- {
- ASN1_INTEGER *ret;
- int len,j;
-
- if (ai == NULL)
- ret=M_ASN1_INTEGER_new();
- else
- ret=ai;
- if (ret == NULL)
- {
- ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
- goto err;
- }
- if(bn->neg) ret->type = V_ASN1_NEG_INTEGER;
- else ret->type=V_ASN1_INTEGER;
- j=BN_num_bits(bn);
- len=((j == 0)?0:((j/8)+1));
- ret->data=(unsigned char *)OPENSSL_malloc(len+4);
- ret->length=BN_bn2bin(bn,ret->data);
- return(ret);
-err:
- if (ret != ai) M_ASN1_INTEGER_free(ret);
- return(NULL);
- }
-
-BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn)
- {
- BIGNUM *ret;
-
- if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
- ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
- else if(ai->type == V_ASN1_NEG_INTEGER) ret->neg = 1;
- return(ret);
- }
-
-IMPLEMENT_STACK_OF(ASN1_INTEGER)
-IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER)
diff --git a/src/lib/libcrypto/asn1/a_mbstr.c b/src/lib/libcrypto/asn1/a_mbstr.c
deleted file mode 100644
index 5d981c6553..0000000000
--- a/src/lib/libcrypto/asn1/a_mbstr.c
+++ /dev/null
@@ -1,400 +0,0 @@
-/* a_mbstr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-static int traverse_string(const unsigned char *p, int len, int inform,
- int (*rfunc)(unsigned long value, void *in), void *arg);
-static int in_utf8(unsigned long value, void *arg);
-static int out_utf8(unsigned long value, void *arg);
-static int type_str(unsigned long value, void *arg);
-static int cpy_asc(unsigned long value, void *arg);
-static int cpy_bmp(unsigned long value, void *arg);
-static int cpy_univ(unsigned long value, void *arg);
-static int cpy_utf8(unsigned long value, void *arg);
-static int is_printable(unsigned long value);
-
-/* These functions take a string in UTF8, ASCII or multibyte form and
- * a mask of permissible ASN1 string types. It then works out the minimal
- * type (using the order Printable < IA5 < T61 < BMP < Universal < UTF8)
- * and creates a string of the correct type with the supplied data.
- * Yes this is horrible: it has to be :-(
- * The 'ncopy' form checks minimum and maximum size limits too.
- */
-
-int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask)
-{
- return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
-}
-
-int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask,
- long minsize, long maxsize)
-{
- int str_type;
- int ret;
- char free_out;
- int outform, outlen;
- ASN1_STRING *dest;
- unsigned char *p;
- int nchar;
- char strbuf[32];
- int (*cpyfunc)(unsigned long,void *) = NULL;
- if(len == -1) len = strlen((const char *)in);
- if(!mask) mask = DIRSTRING_TYPE;
-
- /* First do a string check and work out the number of characters */
- switch(inform) {
-
- case MBSTRING_BMP:
- if(len & 1) {
- ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
- ASN1_R_INVALID_BMPSTRING_LENGTH);
- return -1;
- }
- nchar = len >> 1;
- break;
-
- case MBSTRING_UNIV:
- if(len & 3) {
- ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
- ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
- return -1;
- }
- nchar = len >> 2;
- break;
-
- case MBSTRING_UTF8:
- nchar = 0;
- /* This counts the characters and does utf8 syntax checking */
- ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
- if(ret < 0) {
- ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
- ASN1_R_INVALID_UTF8STRING);
- return -1;
- }
- break;
-
- case MBSTRING_ASC:
- nchar = len;
- break;
-
- default:
- ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_UNKNOWN_FORMAT);
- return -1;
- }
-
- if((minsize > 0) && (nchar < minsize)) {
- ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT);
- sprintf(strbuf, "%ld", minsize);
- ERR_add_error_data(2, "minsize=", strbuf);
- return -1;
- }
-
- if((maxsize > 0) && (nchar > maxsize)) {
- ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG);
- sprintf(strbuf, "%ld", maxsize);
- ERR_add_error_data(2, "maxsize=", strbuf);
- return -1;
- }
-
- /* Now work out minimal type (if any) */
- if(traverse_string(in, len, inform, type_str, &mask) < 0) {
- ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_ILLEGAL_CHARACTERS);
- return -1;
- }
-
-
- /* Now work out output format and string type */
- outform = MBSTRING_ASC;
- if(mask & B_ASN1_PRINTABLESTRING) str_type = V_ASN1_PRINTABLESTRING;
- else if(mask & B_ASN1_IA5STRING) str_type = V_ASN1_IA5STRING;
- else if(mask & B_ASN1_T61STRING) str_type = V_ASN1_T61STRING;
- else if(mask & B_ASN1_BMPSTRING) {
- str_type = V_ASN1_BMPSTRING;
- outform = MBSTRING_BMP;
- } else if(mask & B_ASN1_UNIVERSALSTRING) {
- str_type = V_ASN1_UNIVERSALSTRING;
- outform = MBSTRING_UNIV;
- } else {
- str_type = V_ASN1_UTF8STRING;
- outform = MBSTRING_UTF8;
- }
- if(!out) return str_type;
- if(*out) {
- free_out = 0;
- dest = *out;
- if(dest->data) {
- dest->length = 0;
- OPENSSL_free(dest->data);
- dest->data = NULL;
- }
- dest->type = str_type;
- } else {
- free_out = 1;
- dest = ASN1_STRING_type_new(str_type);
- if(!dest) {
- ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
- ERR_R_MALLOC_FAILURE);
- return -1;
- }
- *out = dest;
- }
- /* If both the same type just copy across */
- if(inform == outform) {
- if(!ASN1_STRING_set(dest, in, len)) {
- ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE);
- return -1;
- }
- return str_type;
- }
-
- /* Work out how much space the destination will need */
- switch(outform) {
- case MBSTRING_ASC:
- outlen = nchar;
- cpyfunc = cpy_asc;
- break;
-
- case MBSTRING_BMP:
- outlen = nchar << 1;
- cpyfunc = cpy_bmp;
- break;
-
- case MBSTRING_UNIV:
- outlen = nchar << 2;
- cpyfunc = cpy_univ;
- break;
-
- case MBSTRING_UTF8:
- outlen = 0;
- traverse_string(in, len, inform, out_utf8, &outlen);
- cpyfunc = cpy_utf8;
- break;
- }
- if(!(p = OPENSSL_malloc(outlen + 1))) {
- if(free_out) ASN1_STRING_free(dest);
- ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE);
- return -1;
- }
- dest->length = outlen;
- dest->data = p;
- p[outlen] = 0;
- traverse_string(in, len, inform, cpyfunc, &p);
- return str_type;
-}
-
-/* This function traverses a string and passes the value of each character
- * to an optional function along with a void * argument.
- */
-
-static int traverse_string(const unsigned char *p, int len, int inform,
- int (*rfunc)(unsigned long value, void *in), void *arg)
-{
- unsigned long value;
- int ret;
- while(len) {
- if(inform == MBSTRING_ASC) {
- value = *p++;
- len--;
- } else if(inform == MBSTRING_BMP) {
- value = *p++ << 8;
- value |= *p++;
- len -= 2;
- } else if(inform == MBSTRING_UNIV) {
- value = ((unsigned long)*p++) << 24;
- value |= ((unsigned long)*p++) << 16;
- value |= *p++ << 8;
- value |= *p++;
- len -= 4;
- } else {
- ret = UTF8_getc(p, len, &value);
- if(ret < 0) return -1;
- len -= ret;
- p += ret;
- }
- if(rfunc) {
- ret = rfunc(value, arg);
- if(ret <= 0) return ret;
- }
- }
- return 1;
-}
-
-/* Various utility functions for traverse_string */
-
-/* Just count number of characters */
-
-static int in_utf8(unsigned long value, void *arg)
-{
- int *nchar;
- nchar = arg;
- (*nchar)++;
- return 1;
-}
-
-/* Determine size of output as a UTF8 String */
-
-static int out_utf8(unsigned long value, void *arg)
-{
- long *outlen;
- outlen = arg;
- *outlen += UTF8_putc(NULL, -1, value);
- return 1;
-}
-
-/* Determine the "type" of a string: check each character against a
- * supplied "mask".
- */
-
-static int type_str(unsigned long value, void *arg)
-{
- unsigned long types;
- types = *((unsigned long *)arg);
- if((types & B_ASN1_PRINTABLESTRING) && !is_printable(value))
- types &= ~B_ASN1_PRINTABLESTRING;
- if((types & B_ASN1_IA5STRING) && (value > 127))
- types &= ~B_ASN1_IA5STRING;
- if((types & B_ASN1_T61STRING) && (value > 0xff))
- types &= ~B_ASN1_T61STRING;
- if((types & B_ASN1_BMPSTRING) && (value > 0xffff))
- types &= ~B_ASN1_BMPSTRING;
- if(!types) return -1;
- *((unsigned long *)arg) = types;
- return 1;
-}
-
-/* Copy one byte per character ASCII like strings */
-
-static int cpy_asc(unsigned long value, void *arg)
-{
- unsigned char **p, *q;
- p = arg;
- q = *p;
- *q = (unsigned char) value;
- (*p)++;
- return 1;
-}
-
-/* Copy two byte per character BMPStrings */
-
-static int cpy_bmp(unsigned long value, void *arg)
-{
- unsigned char **p, *q;
- p = arg;
- q = *p;
- *q++ = (unsigned char) ((value >> 8) & 0xff);
- *q = (unsigned char) (value & 0xff);
- *p += 2;
- return 1;
-}
-
-/* Copy four byte per character UniversalStrings */
-
-static int cpy_univ(unsigned long value, void *arg)
-{
- unsigned char **p, *q;
- p = arg;
- q = *p;
- *q++ = (unsigned char) ((value >> 24) & 0xff);
- *q++ = (unsigned char) ((value >> 16) & 0xff);
- *q++ = (unsigned char) ((value >> 8) & 0xff);
- *q = (unsigned char) (value & 0xff);
- *p += 4;
- return 1;
-}
-
-/* Copy to a UTF8String */
-
-static int cpy_utf8(unsigned long value, void *arg)
-{
- unsigned char **p;
- int ret;
- p = arg;
- /* We already know there is enough room so pass 0xff as the length */
- ret = UTF8_putc(*p, 0xff, value);
- *p += ret;
- return 1;
-}
-
-/* Return 1 if the character is permitted in a PrintableString */
-static int is_printable(unsigned long value)
-{
- int ch;
- if(value > 0x7f) return 0;
- ch = (int) value;
- /* Note: we can't use 'isalnum' because certain accented
- * characters may count as alphanumeric in some environments.
- */
-#ifndef CHARSET_EBCDIC
- if((ch >= 'a') && (ch <= 'z')) return 1;
- if((ch >= 'A') && (ch <= 'Z')) return 1;
- if((ch >= '0') && (ch <= '9')) return 1;
- if ((ch == ' ') || strchr("'()+,-./:=?", ch)) return 1;
-#else /*CHARSET_EBCDIC*/
- if((ch >= os_toascii['a']) && (ch <= os_toascii['z'])) return 1;
- if((ch >= os_toascii['A']) && (ch <= os_toascii['Z'])) return 1;
- if((ch >= os_toascii['0']) && (ch <= os_toascii['9'])) return 1;
- if ((ch == os_toascii[' ']) || strchr("'()+,-./:=?", os_toebcdic[ch])) return 1;
-#endif /*CHARSET_EBCDIC*/
- return 0;
-}
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c
deleted file mode 100644
index 20caa2d3bd..0000000000
--- a/src/lib/libcrypto/asn1/a_object.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/* crypto/asn1/a_object.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-
-int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
- {
- unsigned char *p;
- int objsize;
-
- if ((a == NULL) || (a->data == NULL)) return(0);
-
- objsize = ASN1_object_size(0,a->length,V_ASN1_OBJECT);
- if (pp == NULL) return objsize;
-
- p= *pp;
- ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
- memcpy(p,a->data,a->length);
- p+=a->length;
-
- *pp=p;
- return(objsize);
- }
-
-int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
- {
- int i,first,len=0,c;
- char tmp[24];
- const char *p;
- unsigned long l;
-
- if (num == 0)
- return(0);
- else if (num == -1)
- num=strlen(buf);
-
- p=buf;
- c= *(p++);
- num--;
- if ((c >= '0') && (c <= '2'))
- {
- first=(c-'0')*40;
- }
- else
- {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE);
- goto err;
- }
-
- if (num <= 0)
- {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER);
- goto err;
- }
- c= *(p++);
- num--;
- for (;;)
- {
- if (num <= 0) break;
- if ((c != '.') && (c != ' '))
- {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR);
- goto err;
- }
- l=0;
- for (;;)
- {
- if (num <= 0) break;
- num--;
- c= *(p++);
- if ((c == ' ') || (c == '.'))
- break;
- if ((c < '0') || (c > '9'))
- {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
- goto err;
- }
- l=l*10L+(long)(c-'0');
- }
- if (len == 0)
- {
- if ((first < 2) && (l >= 40))
- {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
- goto err;
- }
- l+=(long)first;
- }
- i=0;
- for (;;)
- {
- tmp[i++]=(unsigned char)l&0x7f;
- l>>=7L;
- if (l == 0L) break;
- }
- if (out != NULL)
- {
- if (len+i > olen)
- {
- ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL);
- goto err;
- }
- while (--i > 0)
- out[len++]=tmp[i]|0x80;
- out[len++]=tmp[0];
- }
- else
- len+=i;
- }
- return(len);
-err:
- return(0);
- }
-
-int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
-{
- return OBJ_obj2txt(buf, buf_len, a, 0);
-}
-
-int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
- {
- char buf[80];
- int i;
-
- if ((a == NULL) || (a->data == NULL))
- return(BIO_write(bp,"NULL",4));
- i=i2t_ASN1_OBJECT(buf,80,a);
- if (i > 80) i=80;
- BIO_write(bp,buf,i);
- return(i);
- }
-
-ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp,
- long length)
-{
- unsigned char *p;
- long len;
- int tag,xclass;
- int inf,i;
- ASN1_OBJECT *ret = NULL;
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_OBJECT)
- {
- i=ASN1_R_EXPECTING_AN_OBJECT;
- goto err;
- }
- ret = c2i_ASN1_OBJECT(a, &p, len);
- if(ret) *pp = p;
- return ret;
-err:
- ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- ASN1_OBJECT_free(ret);
- return(NULL);
-}
-ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp,
- long len)
- {
- ASN1_OBJECT *ret=NULL;
- unsigned char *p;
- int i;
-
- /* only the ASN1_OBJECTs from the 'table' will have values
- * for ->sn or ->ln */
- if ((a == NULL) || ((*a) == NULL) ||
- !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
- {
- if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
- }
- else ret=(*a);
-
- p= *pp;
- if ((ret->data == NULL) || (ret->length < len))
- {
- if (ret->data != NULL) OPENSSL_free(ret->data);
- ret->data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
- ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
- if (ret->data == NULL)
- { i=ERR_R_MALLOC_FAILURE; goto err; }
- }
- memcpy(ret->data,p,(int)len);
- ret->length=(int)len;
- ret->sn=NULL;
- ret->ln=NULL;
- /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
- p+=len;
-
- if (a != NULL) (*a)=ret;
- *pp=p;
- return(ret);
-err:
- ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- ASN1_OBJECT_free(ret);
- return(NULL);
- }
-
-ASN1_OBJECT *ASN1_OBJECT_new(void)
- {
- ASN1_OBJECT *ret;
-
- ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
- if (ret == NULL)
- {
- ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- ret->length=0;
- ret->data=NULL;
- ret->nid=0;
- ret->sn=NULL;
- ret->ln=NULL;
- ret->flags=ASN1_OBJECT_FLAG_DYNAMIC;
- return(ret);
- }
-
-void ASN1_OBJECT_free(ASN1_OBJECT *a)
- {
- if (a == NULL) return;
- if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
- {
-#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */
- if (a->sn != NULL) OPENSSL_free((void *)a->sn);
- if (a->ln != NULL) OPENSSL_free((void *)a->ln);
-#endif
- a->sn=a->ln=NULL;
- }
- if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
- {
- if (a->data != NULL) OPENSSL_free(a->data);
- a->data=NULL;
- a->length=0;
- }
- if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
- OPENSSL_free(a);
- }
-
-ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
- char *sn, char *ln)
- {
- ASN1_OBJECT o;
-
- o.sn=sn;
- o.ln=ln;
- o.data=data;
- o.nid=nid;
- o.length=len;
- o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
- ASN1_OBJECT_FLAG_DYNAMIC_DATA;
- return(OBJ_dup(&o));
- }
-
-IMPLEMENT_STACK_OF(ASN1_OBJECT)
-IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)
diff --git a/src/lib/libcrypto/asn1/a_octet.c b/src/lib/libcrypto/asn1/a_octet.c
deleted file mode 100644
index 2586f4327d..0000000000
--- a/src/lib/libcrypto/asn1/a_octet.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/asn1/a_octet.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_OCTET_STRING *ASN1_OCTET_STRING_new(void)
-{ return M_ASN1_OCTET_STRING_new(); }
-
-void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *x)
-{ M_ASN1_OCTET_STRING_free(x); }
-
-ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x)
-{ return M_ASN1_OCTET_STRING_dup(x); }
-
-int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b)
-{ return M_ASN1_OCTET_STRING_cmp(a, b); }
-
-int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len)
-{ return M_ASN1_OCTET_STRING_set(x, d, len); }
-
-int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **pp)
-{ return M_i2d_ASN1_OCTET_STRING(a, pp); }
-
-ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
- unsigned char **pp, long length)
- {
- ASN1_OCTET_STRING *ret=NULL;
-
- ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
- pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL);
- if (ret == NULL)
- {
- ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ERR_R_NESTED_ASN1_ERROR);
- return(NULL);
- }
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/asn1/a_print.c b/src/lib/libcrypto/asn1/a_print.c
deleted file mode 100644
index b7bd2bd18a..0000000000
--- a/src/lib/libcrypto/asn1/a_print.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/* crypto/asn1/a_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_IA5STRING *ASN1_IA5STRING_new(void)
-{ return M_ASN1_IA5STRING_new();}
-
-void ASN1_IA5STRING_free(ASN1_IA5STRING *x)
-{ M_ASN1_IA5STRING_free(x);}
-
-int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **pp)
- { return(M_i2d_ASN1_IA5STRING(a,pp)); }
-
-ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, unsigned char **pp,
- long l)
- { return(M_d2i_ASN1_IA5STRING(a,pp,l)); }
-
-ASN1_T61STRING *ASN1_T61STRING_new(void)
-{ return M_ASN1_T61STRING_new();}
-
-void ASN1_T61STRING_free(ASN1_T61STRING *x)
-{ M_ASN1_T61STRING_free(x);}
-
-ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, unsigned char **pp,
- long l)
- { return(M_d2i_ASN1_T61STRING(a,pp,l)); }
-
-ASN1_PRINTABLESTRING *ASN1_PRINTABLESTRING_new(void)
-{ return M_ASN1_PRINTABLESTRING_new();}
-
-void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *x)
-{ M_ASN1_PRINTABLESTRING_free(x);}
-
-ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
- unsigned char **pp, long l)
- { return(M_d2i_ASN1_PRINTABLESTRING(a,pp,
- l)); }
-
-int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp)
- { return(M_i2d_ASN1_PRINTABLESTRING(a,pp)); }
-
-int i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **pp)
- { return(M_i2d_ASN1_PRINTABLE(a,pp)); }
-
-ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, unsigned char **pp,
- long l)
- { return(M_d2i_ASN1_PRINTABLE(a,pp,l)); }
-
-int ASN1_PRINTABLE_type(unsigned char *s, int len)
- {
- int c;
- int ia5=0;
- int t61=0;
-
- if (len <= 0) len= -1;
- if (s == NULL) return(V_ASN1_PRINTABLESTRING);
-
- while ((*s) && (len-- != 0))
- {
- c= *(s++);
-#ifndef CHARSET_EBCDIC
- if (!( ((c >= 'a') && (c <= 'z')) ||
- ((c >= 'A') && (c <= 'Z')) ||
- (c == ' ') ||
- ((c >= '0') && (c <= '9')) ||
- (c == ' ') || (c == '\'') ||
- (c == '(') || (c == ')') ||
- (c == '+') || (c == ',') ||
- (c == '-') || (c == '.') ||
- (c == '/') || (c == ':') ||
- (c == '=') || (c == '?')))
- ia5=1;
- if (c&0x80)
- t61=1;
-#else
- if (!isalnum(c) && (c != ' ') &&
- strchr("'()+,-./:=?", c) == NULL)
- ia5=1;
- if (os_toascii[c] & 0x80)
- t61=1;
-#endif
- }
- if (t61) return(V_ASN1_T61STRING);
- if (ia5) return(V_ASN1_IA5STRING);
- return(V_ASN1_PRINTABLESTRING);
- }
-
-int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
- {
- int i;
- unsigned char *p;
-
- if (s->type != V_ASN1_UNIVERSALSTRING) return(0);
- if ((s->length%4) != 0) return(0);
- p=s->data;
- for (i=0; i<s->length; i+=4)
- {
- if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
- break;
- else
- p+=4;
- }
- if (i < s->length) return(0);
- p=s->data;
- for (i=3; i<s->length; i+=4)
- {
- *(p++)=s->data[i];
- }
- *(p)='\0';
- s->length/=4;
- s->type=ASN1_PRINTABLE_type(s->data,s->length);
- return(1);
- }
-
-ASN1_STRING *DIRECTORYSTRING_new(void)
-{ return M_DIRECTORYSTRING_new();}
-
-void DIRECTORYSTRING_free(ASN1_STRING *x)
-{ M_DIRECTORYSTRING_free(x);}
-
-int i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **pp)
- { return(M_i2d_DIRECTORYSTRING(a,pp)); }
-
-ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
- long l)
- { return(M_d2i_DIRECTORYSTRING(a,pp,l)); }
-
-ASN1_STRING *DISPLAYTEXT_new(void)
-{ return M_DISPLAYTEXT_new();}
-
-void DISPLAYTEXT_free(ASN1_STRING *x)
-{ M_DISPLAYTEXT_free(x);}
-
-int i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **pp)
- { return(M_i2d_DISPLAYTEXT(a,pp)); }
-
-ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp,
- long l)
- { return(M_d2i_DISPLAYTEXT(a,pp,l)); }
diff --git a/src/lib/libcrypto/asn1/a_set.c b/src/lib/libcrypto/asn1/a_set.c
deleted file mode 100644
index caf5a1419c..0000000000
--- a/src/lib/libcrypto/asn1/a_set.c
+++ /dev/null
@@ -1,217 +0,0 @@
-/* crypto/asn1/a_set.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-
-typedef struct
- {
- unsigned char *pbData;
- int cbData;
- } MYBLOB;
-
-/* SetBlobCmp
- * This function compares two elements of SET_OF block
- */
-static int SetBlobCmp(const void *elem1, const void *elem2 )
- {
- const MYBLOB *b1 = (const MYBLOB *)elem1;
- const MYBLOB *b2 = (const MYBLOB *)elem2;
- int r;
-
- r = memcmp(b1->pbData, b2->pbData,
- b1->cbData < b2->cbData ? b1->cbData : b2->cbData);
- if(r != 0)
- return r;
- return b1->cbData-b2->cbData;
- }
-
-/* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */
-int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
- int ex_class, int is_set)
- {
- int ret=0,r;
- int i;
- unsigned char *p;
- unsigned char *pStart, *pTempMem;
- MYBLOB *rgSetBlob;
- int totSize;
-
- if (a == NULL) return(0);
- for (i=sk_num(a)-1; i>=0; i--)
- ret+=func(sk_value(a,i),NULL);
- r=ASN1_object_size(1,ret,ex_tag);
- if (pp == NULL) return(r);
-
- p= *pp;
- ASN1_put_object(&p,1,ret,ex_tag,ex_class);
-
-/* Modified by gp@nsj.co.jp */
- /* And then again by Ben */
- /* And again by Steve */
-
- if(!is_set || (sk_num(a) < 2))
- {
- for (i=0; i<sk_num(a); i++)
- func(sk_value(a,i),&p);
-
- *pp=p;
- return(r);
- }
-
- pStart = p; /* Catch the beg of Setblobs*/
- rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array
-we will store the SET blobs */
-
- for (i=0; i<sk_num(a); i++)
- {
- rgSetBlob[i].pbData = p; /* catch each set encode blob */
- func(sk_value(a,i),&p);
- rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
-SetBlob
-*/
- }
- *pp=p;
- totSize = p - pStart; /* This is the total size of all set blobs */
-
- /* Now we have to sort the blobs. I am using a simple algo.
- *Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
- qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
- pTempMem = OPENSSL_malloc(totSize);
-
-/* Copy to temp mem */
- p = pTempMem;
- for(i=0; i<sk_num(a); ++i)
- {
- memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
- p += rgSetBlob[i].cbData;
- }
-
-/* Copy back to user mem*/
- memcpy(pStart, pTempMem, totSize);
- OPENSSL_free(pTempMem);
- OPENSSL_free(rgSetBlob);
-
- return(r);
- }
-
-STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
- char *(*func)(), void (*free_func)(void *), int ex_tag, int ex_class)
- {
- ASN1_CTX c;
- STACK *ret=NULL;
-
- if ((a == NULL) || ((*a) == NULL))
- { if ((ret=sk_new_null()) == NULL) goto err; }
- else
- ret=(*a);
-
- c.p= *pp;
- c.max=(length == 0)?0:(c.p+length);
-
- c.inf=ASN1_get_object(&c.p,&c.slen,&c.tag,&c.xclass,c.max-c.p);
- if (c.inf & 0x80) goto err;
- if (ex_class != c.xclass)
- {
- ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_CLASS);
- goto err;
- }
- if (ex_tag != c.tag)
- {
- ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_TAG);
- goto err;
- }
- if ((c.slen+c.p) > c.max)
- {
- ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_LENGTH_ERROR);
- goto err;
- }
- /* check for infinite constructed - it can be as long
- * as the amount of data passed to us */
- if (c.inf == (V_ASN1_CONSTRUCTED+1))
- c.slen=length+ *pp-c.p;
- c.max=c.p+c.slen;
-
- while (c.p < c.max)
- {
- char *s;
-
- if (M_ASN1_D2I_end_sequence()) break;
- if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
- {
- ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT);
- asn1_add_error(*pp,(int)(c.q- *pp));
- goto err;
- }
- if (!sk_push(ret,s)) goto err;
- }
- if (a != NULL) (*a)=ret;
- *pp=c.p;
- return(ret);
-err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- {
- if (free_func != NULL)
- sk_pop_free(ret,free_func);
- else
- sk_free(ret);
- }
- return(NULL);
- }
-
diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c
deleted file mode 100644
index 4c651706d2..0000000000
--- a/src/lib/libcrypto/asn1/a_sign.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* crypto/asn1/a_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-
-int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
- const EVP_MD *type)
- {
- EVP_MD_CTX ctx;
- unsigned char *p,*buf_in=NULL,*buf_out=NULL;
- int i,inl=0,outl=0,outll=0;
- X509_ALGOR *a;
-
- for (i=0; i<2; i++)
- {
- if (i == 0)
- a=algor1;
- else
- a=algor2;
- if (a == NULL) continue;
- if ( (a->parameter == NULL) ||
- (a->parameter->type != V_ASN1_NULL))
- {
- ASN1_TYPE_free(a->parameter);
- if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err;
- a->parameter->type=V_ASN1_NULL;
- }
- ASN1_OBJECT_free(a->algorithm);
- a->algorithm=OBJ_nid2obj(type->pkey_type);
- if (a->algorithm == NULL)
- {
- ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE);
- goto err;
- }
- if (a->algorithm->length == 0)
- {
- ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
- goto err;
- }
- }
- inl=i2d(data,NULL);
- buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl);
- outll=outl=EVP_PKEY_size(pkey);
- buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl);
- if ((buf_in == NULL) || (buf_out == NULL))
- {
- outl=0;
- ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p=buf_in;
-
- i2d(data,&p);
- EVP_SignInit(&ctx,type);
- EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
- if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
- (unsigned int *)&outl,pkey))
- {
- outl=0;
- ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB);
- goto err;
- }
- if (signature->data != NULL) OPENSSL_free(signature->data);
- signature->data=buf_out;
- buf_out=NULL;
- signature->length=outl;
- /* In the interests of compatibility, I'll make sure that
- * the bit string has a 'not-used bits' value of 0
- */
- signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
- signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
-err:
- memset(&ctx,0,sizeof(ctx));
- if (buf_in != NULL)
- { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); }
- if (buf_out != NULL)
- { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); }
- return(outl);
- }
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
deleted file mode 100644
index 569b811998..0000000000
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ /dev/null
@@ -1,533 +0,0 @@
-/* a_strex.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-
-#include "charmap.h"
-
-/* ASN1_STRING_print_ex() and X509_NAME_print_ex().
- * Enhanced string and name printing routines handling
- * multibyte characters, RFC2253 and a host of other
- * options.
- */
-
-
-#define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
-
-
-/* Three IO functions for sending data to memory, a BIO and
- * and a FILE pointer.
- */
-
-int send_mem_chars(void *arg, const void *buf, int len)
-{
- unsigned char **out = arg;
- if(!out) return 1;
- memcpy(*out, buf, len);
- *out += len;
- return 1;
-}
-
-int send_bio_chars(void *arg, const void *buf, int len)
-{
- if(!arg) return 1;
- if(BIO_write(arg, buf, len) != len) return 0;
- return 1;
-}
-
-int send_fp_chars(void *arg, const void *buf, int len)
-{
- if(!arg) return 1;
- if(fwrite(buf, 1, len, arg) != (unsigned int)len) return 0;
- return 1;
-}
-
-typedef int char_io(void *arg, const void *buf, int len);
-
-/* This function handles display of
- * strings, one character at a time.
- * It is passed an unsigned long for each
- * character because it could come from 2 or even
- * 4 byte forms.
- */
-
-static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg)
-{
- unsigned char chflgs, chtmp;
- char tmphex[11];
- if(c > 0xffff) {
- BIO_snprintf(tmphex, 11, "\\W%08lX", c);
- if(!io_ch(arg, tmphex, 10)) return -1;
- return 10;
- }
- if(c > 0xff) {
- BIO_snprintf(tmphex, 11, "\\U%04lX", c);
- if(!io_ch(arg, tmphex, 6)) return -1;
- return 6;
- }
- chtmp = (unsigned char)c;
- if(chtmp > 0x7f) chflgs = flags & ASN1_STRFLGS_ESC_MSB;
- else chflgs = char_type[chtmp] & flags;
- if(chflgs & CHARTYPE_BS_ESC) {
- /* If we don't escape with quotes, signal we need quotes */
- if(chflgs & ASN1_STRFLGS_ESC_QUOTE) {
- if(do_quotes) *do_quotes = 1;
- if(!io_ch(arg, &chtmp, 1)) return -1;
- return 1;
- }
- if(!io_ch(arg, "\\", 1)) return -1;
- if(!io_ch(arg, &chtmp, 1)) return -1;
- return 2;
- }
- if(chflgs & (ASN1_STRFLGS_ESC_CTRL|ASN1_STRFLGS_ESC_MSB)) {
- BIO_snprintf(tmphex, 11, "\\%02X", chtmp);
- if(!io_ch(arg, tmphex, 3)) return -1;
- return 3;
- }
- if(!io_ch(arg, &chtmp, 1)) return -1;
- return 1;
-}
-
-#define BUF_TYPE_WIDTH_MASK 0x7
-#define BUF_TYPE_CONVUTF8 0x8
-
-/* This function sends each character in a buffer to
- * do_esc_char(). It interprets the content formats
- * and converts to or from UTF8 as appropriate.
- */
-
-static int do_buf(unsigned char *buf, int buflen,
- int type, unsigned char flags, char *quotes, char_io *io_ch, void *arg)
-{
- int i, outlen, len;
- unsigned char orflags, *p, *q;
- unsigned long c;
- p = buf;
- q = buf + buflen;
- outlen = 0;
- while(p != q) {
- if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253;
- else orflags = 0;
- switch(type & BUF_TYPE_WIDTH_MASK) {
- case 4:
- c = ((unsigned long)*p++) << 24;
- c |= ((unsigned long)*p++) << 16;
- c |= ((unsigned long)*p++) << 8;
- c |= *p++;
- break;
-
- case 2:
- c = ((unsigned long)*p++) << 8;
- c |= *p++;
- break;
-
- case 1:
- c = *p++;
- break;
-
- case 0:
- i = UTF8_getc(p, buflen, &c);
- if(i < 0) return -1; /* Invalid UTF8String */
- p += i;
- break;
- }
- if (p == q) orflags = CHARTYPE_LAST_ESC_2253;
- if(type & BUF_TYPE_CONVUTF8) {
- unsigned char utfbuf[6];
- int utflen;
- utflen = UTF8_putc(utfbuf, 6, c);
- for(i = 0; i < utflen; i++) {
- /* We don't need to worry about setting orflags correctly
- * because if utflen==1 its value will be correct anyway
- * otherwise each character will be > 0x7f and so the
- * character will never be escaped on first and last.
- */
- len = do_esc_char(utfbuf[i], (unsigned char)(flags | orflags), quotes, io_ch, arg);
- if(len < 0) return -1;
- outlen += len;
- }
- } else {
- len = do_esc_char(c, (unsigned char)(flags | orflags), quotes, io_ch, arg);
- if(len < 0) return -1;
- outlen += len;
- }
- }
- return outlen;
-}
-
-/* This function hex dumps a buffer of characters */
-
-static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen)
-{
- const static char hexdig[] = "0123456789ABCDEF";
- unsigned char *p, *q;
- char hextmp[2];
- if(arg) {
- p = buf;
- q = buf + buflen;
- while(p != q) {
- hextmp[0] = hexdig[*p >> 4];
- hextmp[1] = hexdig[*p & 0xf];
- if(!io_ch(arg, hextmp, 2)) return -1;
- p++;
- }
- }
- return buflen << 1;
-}
-
-/* "dump" a string. This is done when the type is unknown,
- * or the flags request it. We can either dump the content
- * octets or the entire DER encoding. This uses the RFC2253
- * #01234 format.
- */
-
-int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING *str)
-{
- /* Placing the ASN1_STRING in a temp ASN1_TYPE allows
- * the DER encoding to readily obtained
- */
- ASN1_TYPE t;
- unsigned char *der_buf, *p;
- int outlen, der_len;
-
- if(!io_ch(arg, "#", 1)) return -1;
- /* If we don't dump DER encoding just dump content octets */
- if(!(lflags & ASN1_STRFLGS_DUMP_DER)) {
- outlen = do_hex_dump(io_ch, arg, str->data, str->length);
- if(outlen < 0) return -1;
- return outlen + 1;
- }
- t.type = str->type;
- t.value.ptr = (char *)str;
- der_len = i2d_ASN1_TYPE(&t, NULL);
- der_buf = OPENSSL_malloc(der_len);
- if(!der_buf) return -1;
- p = der_buf;
- i2d_ASN1_TYPE(&t, &p);
- outlen = do_hex_dump(io_ch, arg, der_buf, der_len);
- OPENSSL_free(der_buf);
- if(outlen < 0) return -1;
- return outlen + 1;
-}
-
-/* Lookup table to convert tags to character widths,
- * 0 = UTF8 encoded, -1 is used for non string types
- * otherwise it is the number of bytes per character
- */
-
-const static char tag2nbyte[] = {
- -1, -1, -1, -1, -1, /* 0-4 */
- -1, -1, -1, -1, -1, /* 5-9 */
- -1, -1, 0, -1, /* 10-13 */
- -1, -1, -1, -1, /* 15-17 */
- -1, 1, 1, /* 18-20 */
- -1, 1, -1,-1, /* 21-24 */
- -1, 1, -1, /* 25-27 */
- 4, -1, 2 /* 28-30 */
-};
-
-#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
- ASN1_STRFLGS_ESC_QUOTE | \
- ASN1_STRFLGS_ESC_CTRL | \
- ASN1_STRFLGS_ESC_MSB)
-
-/* This is the main function, print out an
- * ASN1_STRING taking note of various escape
- * and display options. Returns number of
- * characters written or -1 if an error
- * occurred.
- */
-
-static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STRING *str)
-{
- int outlen, len;
- int type;
- char quotes;
- unsigned char flags;
- quotes = 0;
- /* Keep a copy of escape flags */
- flags = (unsigned char)(lflags & ESC_FLAGS);
-
- type = str->type;
-
- outlen = 0;
-
-
- if(lflags & ASN1_STRFLGS_SHOW_TYPE) {
- const char *tagname;
- tagname = ASN1_tag2str(type);
- outlen += strlen(tagname);
- if(!io_ch(arg, tagname, outlen) || !io_ch(arg, ":", 1)) return -1;
- outlen++;
- }
-
- /* Decide what to do with type, either dump content or display it */
-
- /* Dump everything */
- if(lflags & ASN1_STRFLGS_DUMP_ALL) type = -1;
- /* Ignore the string type */
- else if(lflags & ASN1_STRFLGS_IGNORE_TYPE) type = 1;
- else {
- /* Else determine width based on type */
- if((type > 0) && (type < 31)) type = tag2nbyte[type];
- else type = -1;
- if((type == -1) && !(lflags & ASN1_STRFLGS_DUMP_UNKNOWN)) type = 1;
- }
-
- if(type == -1) {
- len = do_dump(lflags, io_ch, arg, str);
- if(len < 0) return -1;
- outlen += len;
- return outlen;
- }
-
- if(lflags & ASN1_STRFLGS_UTF8_CONVERT) {
- /* Note: if string is UTF8 and we want
- * to convert to UTF8 then we just interpret
- * it as 1 byte per character to avoid converting
- * twice.
- */
- if(!type) type = 1;
- else type |= BUF_TYPE_CONVUTF8;
- }
-
- len = do_buf(str->data, str->length, type, flags, "es, io_ch, NULL);
- if(outlen < 0) return -1;
- outlen += len;
- if(quotes) outlen += 2;
- if(!arg) return outlen;
- if(quotes && !io_ch(arg, "\"", 1)) return -1;
- do_buf(str->data, str->length, type, flags, NULL, io_ch, arg);
- if(quotes && !io_ch(arg, "\"", 1)) return -1;
- return outlen;
-}
-
-/* Used for line indenting: print 'indent' spaces */
-
-static int do_indent(char_io *io_ch, void *arg, int indent)
-{
- int i;
- for(i = 0; i < indent; i++)
- if(!io_ch(arg, " ", 1)) return 0;
- return 1;
-}
-
-
-static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
- int indent, unsigned long flags)
-{
- int i, prev = -1, orflags, cnt;
- int fn_opt, fn_nid;
- ASN1_OBJECT *fn;
- ASN1_STRING *val;
- X509_NAME_ENTRY *ent;
- char objtmp[80];
- const char *objbuf;
- int outlen, len;
- char *sep_dn, *sep_mv, *sep_eq;
- int sep_dn_len, sep_mv_len, sep_eq_len;
- if(indent < 0) indent = 0;
- outlen = indent;
- if(!do_indent(io_ch, arg, indent)) return -1;
- switch (flags & XN_FLAG_SEP_MASK)
- {
- case XN_FLAG_SEP_MULTILINE:
- sep_dn = "\n";
- sep_dn_len = 1;
- sep_mv = " + ";
- sep_mv_len = 3;
- break;
-
- case XN_FLAG_SEP_COMMA_PLUS:
- sep_dn = ",";
- sep_dn_len = 1;
- sep_mv = "+";
- sep_mv_len = 1;
- indent = 0;
- break;
-
- case XN_FLAG_SEP_CPLUS_SPC:
- sep_dn = ", ";
- sep_dn_len = 2;
- sep_mv = " + ";
- sep_mv_len = 3;
- indent = 0;
- break;
-
- case XN_FLAG_SEP_SPLUS_SPC:
- sep_dn = "; ";
- sep_dn_len = 2;
- sep_mv = " + ";
- sep_mv_len = 3;
- indent = 0;
- break;
-
- default:
- return -1;
- }
-
- if(flags & XN_FLAG_SPC_EQ) {
- sep_eq = " = ";
- sep_eq_len = 3;
- } else {
- sep_eq = "=";
- sep_eq_len = 1;
- }
-
- fn_opt = flags & XN_FLAG_FN_MASK;
-
- cnt = X509_NAME_entry_count(n);
- for(i = 0; i < cnt; i++) {
- if(flags & XN_FLAG_DN_REV)
- ent = X509_NAME_get_entry(n, cnt - i - 1);
- else ent = X509_NAME_get_entry(n, i);
- if(prev != -1) {
- if(prev == ent->set) {
- if(!io_ch(arg, sep_mv, sep_mv_len)) return -1;
- outlen += sep_mv_len;
- } else {
- if(!io_ch(arg, sep_dn, sep_dn_len)) return -1;
- outlen += sep_dn_len;
- if(!do_indent(io_ch, arg, indent)) return -1;
- outlen += indent;
- }
- }
- prev = ent->set;
- fn = X509_NAME_ENTRY_get_object(ent);
- val = X509_NAME_ENTRY_get_data(ent);
- fn_nid = OBJ_obj2nid(fn);
- if(fn_opt != XN_FLAG_FN_NONE) {
- int objlen;
- if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) {
- OBJ_obj2txt(objtmp, 80, fn, 1);
- objbuf = objtmp;
- } else {
- if(fn_opt == XN_FLAG_FN_SN)
- objbuf = OBJ_nid2sn(fn_nid);
- else if(fn_opt == XN_FLAG_FN_LN)
- objbuf = OBJ_nid2ln(fn_nid);
- else objbuf = "";
- }
- objlen = strlen(objbuf);
- if(!io_ch(arg, objbuf, objlen)) return -1;
- if(!io_ch(arg, sep_eq, sep_eq_len)) return -1;
- outlen += objlen + sep_eq_len;
- }
- /* If the field name is unknown then fix up the DER dump
- * flag. We might want to limit this further so it will
- * DER dump on anything other than a few 'standard' fields.
- */
- if((fn_nid == NID_undef) && (flags & XN_FLAG_DUMP_UNKNOWN_FIELDS))
- orflags = ASN1_STRFLGS_DUMP_ALL;
- else orflags = 0;
-
- len = do_print_ex(io_ch, arg, flags | orflags, val);
- if(len < 0) return -1;
- outlen += len;
- }
- return outlen;
-}
-
-/* Wrappers round the main functions */
-
-int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
-{
- return do_name_ex(send_bio_chars, out, nm, indent, flags);
-}
-
-
-int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
-{
- return do_name_ex(send_fp_chars, fp, nm, indent, flags);
-}
-
-int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags)
-{
- return do_print_ex(send_bio_chars, out, flags, str);
-}
-
-
-int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags)
-{
- return do_print_ex(send_fp_chars, fp, flags, str);
-}
-
-/* Utility function: convert any string type to UTF8, returns number of bytes
- * in output string or a negative error code
- */
-
-int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
-{
- ASN1_STRING stmp, *str = &stmp;
- int mbflag, type, ret;
- if(!*out || !in) return -1;
- type = in->type;
- if((type < 0) || (type > 30)) return -1;
- mbflag = tag2nbyte[type];
- if(mbflag == -1) return -1;
- mbflag |= MBSTRING_FLAG;
- stmp.data = NULL;
- ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING);
- if(ret < 0) return ret;
- if(out) *out = stmp.data;
- return stmp.length;
-}
diff --git a/src/lib/libcrypto/asn1/a_strnid.c b/src/lib/libcrypto/asn1/a_strnid.c
deleted file mode 100644
index 732e68fe46..0000000000
--- a/src/lib/libcrypto/asn1/a_strnid.c
+++ /dev/null
@@ -1,250 +0,0 @@
-/* a_strnid.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-
-
-static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;
-static void st_free(ASN1_STRING_TABLE *tbl);
-static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
- const ASN1_STRING_TABLE * const *b);
-static int table_cmp(const void *a, const void *b);
-
-
-/* This is the global mask for the mbstring functions: this is use to
- * mask out certain types (such as BMPString and UTF8String) because
- * certain software (e.g. Netscape) has problems with them.
- */
-
-static unsigned long global_mask = 0xFFFFFFFFL;
-
-void ASN1_STRING_set_default_mask(unsigned long mask)
-{
- global_mask = mask;
-}
-
-unsigned long ASN1_STRING_get_default_mask(void)
-{
- return global_mask;
-}
-
-/* This function sets the default to various "flavours" of configuration.
- * based on an ASCII string. Currently this is:
- * MASK:XXXX : a numerical mask value.
- * nobmp : Don't use BMPStrings (just Printable, T61).
- * pkix : PKIX recommendation in RFC2459.
- * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004).
- * default: the default value, Printable, T61, BMP.
- */
-
-int ASN1_STRING_set_default_mask_asc(char *p)
-{
- unsigned long mask;
- char *end;
- if(!strncmp(p, "MASK:", 5)) {
- if(!p[5]) return 0;
- mask = strtoul(p + 5, &end, 0);
- if(*end) return 0;
- } else if(!strcmp(p, "nombstr"))
- mask = ~(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING);
- else if(!strcmp(p, "pkix"))
- mask = ~B_ASN1_T61STRING;
- else if(!strcmp(p, "utf8only")) mask = B_ASN1_UTF8STRING;
- else if(!strcmp(p, "default"))
- mask = 0xFFFFFFFFL;
- else return 0;
- ASN1_STRING_set_default_mask(mask);
- return 1;
-}
-
-/* The following function generates an ASN1_STRING based on limits in a table.
- * Frequently the types and length of an ASN1_STRING are restricted by a
- * corresponding OID. For example certificates and certificate requests.
- */
-
-ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in,
- int inlen, int inform, int nid)
-{
- ASN1_STRING_TABLE *tbl;
- ASN1_STRING *str = NULL;
- unsigned long mask;
- int ret;
- if(!out) out = &str;
- tbl = ASN1_STRING_TABLE_get(nid);
- if(tbl) {
- mask = tbl->mask;
- if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask;
- ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
- tbl->minsize, tbl->maxsize);
- } else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask);
- if(ret <= 0) return NULL;
- return *out;
-}
-
-/* Now the tables and helper functions for the string table:
- */
-
-/* size limits: this stuff is taken straight from RFC2459 */
-
-#define ub_name 32768
-#define ub_common_name 64
-#define ub_locality_name 128
-#define ub_state_name 128
-#define ub_organization_name 64
-#define ub_organization_unit_name 64
-#define ub_title 64
-#define ub_email_address 128
-
-/* This table must be kept in NID order */
-
-static ASN1_STRING_TABLE tbl_standard[] = {
-{NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0},
-{NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
-{NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0},
-{NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0},
-{NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0},
-{NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE, 0},
-{NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING, STABLE_NO_MASK},
-{NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0},
-{NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0},
-{NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0},
-{NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
-{NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
-{NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
-{NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
-{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}
-};
-
-static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
- const ASN1_STRING_TABLE * const *b)
-{
- return (*a)->nid - (*b)->nid;
-}
-
-static int table_cmp(const void *a, const void *b)
-{
- const ASN1_STRING_TABLE *sa = a, *sb = b;
- return sa->nid - sb->nid;
-}
-
-ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
-{
- int idx;
- ASN1_STRING_TABLE *ttmp;
- ASN1_STRING_TABLE fnd;
- fnd.nid = nid;
- ttmp = (ASN1_STRING_TABLE *) OBJ_bsearch((char *)&fnd,
- (char *)tbl_standard,
- sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE),
- sizeof(ASN1_STRING_TABLE), table_cmp);
- if(ttmp) return ttmp;
- if(!stable) return NULL;
- idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
- if(idx < 0) return NULL;
- return sk_ASN1_STRING_TABLE_value(stable, idx);
-}
-
-int ASN1_STRING_TABLE_add(int nid,
- long minsize, long maxsize, unsigned long mask,
- unsigned long flags)
-{
- ASN1_STRING_TABLE *tmp;
- char new_nid = 0;
- flags &= ~STABLE_FLAGS_MALLOC;
- if(!stable) stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp);
- if(!stable) {
- ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if(!(tmp = ASN1_STRING_TABLE_get(nid))) {
- tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE));
- if(!tmp) {
- ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- tmp->flags = flags | STABLE_FLAGS_MALLOC;
- tmp->nid = nid;
- new_nid = 1;
- } else tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags;
- if(minsize != -1) tmp->minsize = minsize;
- if(maxsize != -1) tmp->maxsize = maxsize;
- tmp->mask = mask;
- if(new_nid) sk_ASN1_STRING_TABLE_push(stable, tmp);
- return 1;
-}
-
-void ASN1_STRING_TABLE_cleanup(void)
-{
- STACK_OF(ASN1_STRING_TABLE) *tmp;
- tmp = stable;
- if(!tmp) return;
- stable = NULL;
- sk_ASN1_STRING_TABLE_pop_free(tmp, st_free);
-}
-
-static void st_free(ASN1_STRING_TABLE *tbl)
-{
- if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl);
-}
-
-IMPLEMENT_STACK_OF(ASN1_STRING_TABLE)
diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c
deleted file mode 100644
index 8c0ddee4ac..0000000000
--- a/src/lib/libcrypto/asn1/a_time.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* crypto/asn1/a_time.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-/* This is an implementation of the ASN1 Time structure which is:
- * Time ::= CHOICE {
- * utcTime UTCTime,
- * generalTime GeneralizedTime }
- * written by Steve Henson.
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_TIME *ASN1_TIME_new(void)
-{ return M_ASN1_TIME_new(); }
-
-void ASN1_TIME_free(ASN1_TIME *x)
-{ M_ASN1_TIME_free(x); }
-
-int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
- {
-#ifdef CHARSET_EBCDIC
- /* KLUDGE! We convert to ascii before writing DER */
- char tmp[24];
- ASN1_STRING tmpstr;
-
- if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) {
- int len;
-
- tmpstr = *(ASN1_STRING *)a;
- len = tmpstr.length;
- ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
- tmpstr.data = tmp;
- a = (ASN1_GENERALIZEDTIME *) &tmpstr;
- }
-#endif
- if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
- return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
- a->type ,V_ASN1_UNIVERSAL));
- ASN1err(ASN1_F_I2D_ASN1_TIME,ASN1_R_EXPECTING_A_TIME);
- return -1;
- }
-
-
-ASN1_TIME *d2i_ASN1_TIME(ASN1_TIME **a, unsigned char **pp, long length)
- {
- unsigned char tag;
- tag = **pp & ~V_ASN1_CONSTRUCTED;
- if(tag == (V_ASN1_UTCTIME|V_ASN1_UNIVERSAL))
- return d2i_ASN1_UTCTIME(a, pp, length);
- if(tag == (V_ASN1_GENERALIZEDTIME|V_ASN1_UNIVERSAL))
- return d2i_ASN1_GENERALIZEDTIME(a, pp, length);
- ASN1err(ASN1_F_D2I_ASN1_TIME,ASN1_R_EXPECTING_A_TIME);
- return(NULL);
- }
-
-
-ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
- {
- struct tm *ts;
-#if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__)
- struct tm data;
-
- gmtime_r(&t,&data);
- ts=&data; /* should return &data, but doesn't on some systems, so we don't even look at the return value */
-#else
- ts=gmtime(&t);
-#endif
- if((ts->tm_year >= 50) && (ts->tm_year < 150))
- return ASN1_UTCTIME_set(s, t);
- return ASN1_GENERALIZEDTIME_set(s,t);
- }
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c
deleted file mode 100644
index e72a6b29e0..0000000000
--- a/src/lib/libcrypto/asn1/a_type.c
+++ /dev/null
@@ -1,352 +0,0 @@
-/* crypto/asn1/a_type.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-
-static void ASN1_TYPE_component_free(ASN1_TYPE *a);
-int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp)
- {
- int r=0;
-
- if (a == NULL) return(0);
-
- switch (a->type)
- {
- case V_ASN1_NULL:
- if (pp != NULL)
- ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
- r=2;
- break;
- case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
- r=i2d_ASN1_INTEGER(a->value.integer,pp);
- break;
- case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
- r=i2d_ASN1_ENUMERATED(a->value.enumerated,pp);
- break;
- case V_ASN1_BIT_STRING:
- r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp);
- break;
- case V_ASN1_OCTET_STRING:
- r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp);
- break;
- case V_ASN1_OBJECT:
- r=i2d_ASN1_OBJECT(a->value.object,pp);
- break;
- case V_ASN1_PRINTABLESTRING:
- r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp);
- break;
- case V_ASN1_T61STRING:
- r=M_i2d_ASN1_T61STRING(a->value.t61string,pp);
- break;
- case V_ASN1_IA5STRING:
- r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp);
- break;
- case V_ASN1_GENERALSTRING:
- r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp);
- break;
- case V_ASN1_UNIVERSALSTRING:
- r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp);
- break;
- case V_ASN1_UTF8STRING:
- r=M_i2d_ASN1_UTF8STRING(a->value.utf8string,pp);
- break;
- case V_ASN1_VISIBLESTRING:
- r=M_i2d_ASN1_VISIBLESTRING(a->value.visiblestring,pp);
- break;
- case V_ASN1_BMPSTRING:
- r=M_i2d_ASN1_BMPSTRING(a->value.bmpstring,pp);
- break;
- case V_ASN1_UTCTIME:
- r=i2d_ASN1_UTCTIME(a->value.utctime,pp);
- break;
- case V_ASN1_GENERALIZEDTIME:
- r=i2d_ASN1_GENERALIZEDTIME(a->value.generalizedtime,pp);
- break;
- case V_ASN1_SET:
- case V_ASN1_SEQUENCE:
- case V_ASN1_OTHER:
- default:
- if (a->value.set == NULL)
- r=0;
- else
- {
- r=a->value.set->length;
- if (pp != NULL)
- {
- memcpy(*pp,a->value.set->data,r);
- *pp+=r;
- }
- }
- break;
- }
- return(r);
- }
-
-ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
- {
- ASN1_TYPE *ret=NULL;
- unsigned char *q,*p,*max;
- int inf,tag,xclass;
- long len;
-
- if ((a == NULL) || ((*a) == NULL))
- {
- if ((ret=ASN1_TYPE_new()) == NULL) goto err;
- }
- else
- ret=(*a);
-
- p= *pp;
- q=p;
- max=(p+length);
-
- inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
- if (inf & 0x80) goto err;
- /* If not universal tag we've no idea what it is */
- if(xclass != V_ASN1_UNIVERSAL) tag = V_ASN1_OTHER;
-
- ASN1_TYPE_component_free(ret);
-
- switch (tag)
- {
- case V_ASN1_NULL:
- p=q;
- ret->value.ptr=NULL;
- break;
- case V_ASN1_INTEGER:
- if ((ret->value.integer=
- d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_ENUMERATED:
- if ((ret->value.enumerated=
- d2i_ASN1_ENUMERATED(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_BIT_STRING:
- if ((ret->value.bit_string=
- d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_OCTET_STRING:
- if ((ret->value.octet_string=
- d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_VISIBLESTRING:
- if ((ret->value.visiblestring=
- d2i_ASN1_VISIBLESTRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_UTF8STRING:
- if ((ret->value.utf8string=
- d2i_ASN1_UTF8STRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_OBJECT:
- if ((ret->value.object=
- d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_PRINTABLESTRING:
- if ((ret->value.printablestring=
- d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_T61STRING:
- if ((ret->value.t61string=
- M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_IA5STRING:
- if ((ret->value.ia5string=
- M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_GENERALSTRING:
- if ((ret->value.generalstring=
- M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_UNIVERSALSTRING:
- if ((ret->value.universalstring=
- M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_BMPSTRING:
- if ((ret->value.bmpstring=
- M_d2i_ASN1_BMPSTRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_UTCTIME:
- if ((ret->value.utctime=
- d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_GENERALIZEDTIME:
- if ((ret->value.generalizedtime=
- d2i_ASN1_GENERALIZEDTIME(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_SET:
- case V_ASN1_SEQUENCE:
- case V_ASN1_OTHER:
- default:
- /* Sets and sequences are left complete */
- if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
- ret->value.set->type=tag;
- len+=(q-p);
- if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
- p+=len;
- break;
- }
-
- ret->type=tag;
- if (a != NULL) (*a)=ret;
- *pp=p;
- return(ret);
-err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret);
- return(NULL);
- }
-
-ASN1_TYPE *ASN1_TYPE_new(void)
- {
- ASN1_TYPE *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,ASN1_TYPE);
- ret->type= -1;
- ret->value.ptr=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW);
- }
-
-void ASN1_TYPE_free(ASN1_TYPE *a)
- {
- if (a == NULL) return;
- ASN1_TYPE_component_free(a);
- OPENSSL_free(a);
- }
-
-int ASN1_TYPE_get(ASN1_TYPE *a)
- {
- if (a->value.ptr != NULL)
- return(a->type);
- else
- return(0);
- }
-
-void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
- {
- if (a->value.ptr != NULL)
- ASN1_TYPE_component_free(a);
- a->type=type;
- a->value.ptr=value;
- }
-
-static void ASN1_TYPE_component_free(ASN1_TYPE *a)
- {
- if (a == NULL) return;
-
- if (a->value.ptr != NULL)
- {
- switch (a->type)
- {
- case V_ASN1_OBJECT:
- ASN1_OBJECT_free(a->value.object);
- break;
- case V_ASN1_NULL:
- break;
- case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
- case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
- case V_ASN1_BIT_STRING:
- case V_ASN1_OCTET_STRING:
- case V_ASN1_SEQUENCE:
- case V_ASN1_SET:
- case V_ASN1_NUMERICSTRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- case V_ASN1_VIDEOTEXSTRING:
- case V_ASN1_IA5STRING:
- case V_ASN1_UTCTIME:
- case V_ASN1_GENERALIZEDTIME:
- case V_ASN1_GRAPHICSTRING:
- case V_ASN1_VISIBLESTRING:
- case V_ASN1_GENERALSTRING:
- case V_ASN1_UNIVERSALSTRING:
- case V_ASN1_BMPSTRING:
- case V_ASN1_UTF8STRING:
- case V_ASN1_OTHER:
- default:
- ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
- break;
- }
- a->type=0;
- a->value.ptr=NULL;
- }
- }
-
-IMPLEMENT_STACK_OF(ASN1_TYPE)
-IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
diff --git a/src/lib/libcrypto/asn1/a_utf8.c b/src/lib/libcrypto/asn1/a_utf8.c
deleted file mode 100644
index 854278f136..0000000000
--- a/src/lib/libcrypto/asn1/a_utf8.c
+++ /dev/null
@@ -1,238 +0,0 @@
-/* crypto/asn1/a_utf8.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_UTF8STRING *ASN1_UTF8STRING_new(void)
-{ return M_ASN1_UTF8STRING_new();}
-
-void ASN1_UTF8STRING_free(ASN1_UTF8STRING *x)
-{ M_ASN1_UTF8STRING_free(x);}
-
-int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **pp)
- {
- return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
- V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL));
- }
-
-ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, unsigned char **pp,
- long length)
- {
- ASN1_UTF8STRING *ret=NULL;
-
- ret=(ASN1_UTF8STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
- pp,length,V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL);
- if (ret == NULL)
- {
- ASN1err(ASN1_F_D2I_ASN1_UTF8STRING,ERR_R_NESTED_ASN1_ERROR);
- return(NULL);
- }
- return(ret);
- }
-
-
-/* UTF8 utilities */
-
-/* This parses a UTF8 string one character at a time. It is passed a pointer
- * to the string and the length of the string. It sets 'value' to the value of
- * the current character. It returns the number of characters read or a
- * negative error code:
- * -1 = string too short
- * -2 = illegal character
- * -3 = subsequent characters not of the form 10xxxxxx
- * -4 = character encoded incorrectly (not minimal length).
- */
-
-int UTF8_getc(const unsigned char *str, int len, unsigned long *val)
-{
- const unsigned char *p;
- unsigned long value;
- int ret;
- if(len <= 0) return 0;
- p = str;
-
- /* Check syntax and work out the encoded value (if correct) */
- if((*p & 0x80) == 0) {
- value = *p++ & 0x7f;
- ret = 1;
- } else if((*p & 0xe0) == 0xc0) {
- if(len < 2) return -1;
- if((p[1] & 0xc0) != 0x80) return -3;
- value = (*p++ & 0x1f) << 6;
- value |= *p++ & 0x3f;
- if(value < 0x80) return -4;
- ret = 2;
- } else if((*p & 0xf0) == 0xe0) {
- if(len < 3) return -1;
- if( ((p[1] & 0xc0) != 0x80)
- || ((p[2] & 0xc0) != 0x80) ) return -3;
- value = (*p++ & 0xf) << 12;
- value |= (*p++ & 0x3f) << 6;
- value |= *p++ & 0x3f;
- if(value < 0x800) return -4;
- ret = 3;
- } else if((*p & 0xf8) == 0xf0) {
- if(len < 4) return -1;
- if( ((p[1] & 0xc0) != 0x80)
- || ((p[2] & 0xc0) != 0x80)
- || ((p[3] & 0xc0) != 0x80) ) return -3;
- value = ((unsigned long)(*p++ & 0x7)) << 18;
- value |= (*p++ & 0x3f) << 12;
- value |= (*p++ & 0x3f) << 6;
- value |= *p++ & 0x3f;
- if(value < 0x10000) return -4;
- ret = 4;
- } else if((*p & 0xfc) == 0xf8) {
- if(len < 5) return -1;
- if( ((p[1] & 0xc0) != 0x80)
- || ((p[2] & 0xc0) != 0x80)
- || ((p[3] & 0xc0) != 0x80)
- || ((p[4] & 0xc0) != 0x80) ) return -3;
- value = ((unsigned long)(*p++ & 0x3)) << 24;
- value |= ((unsigned long)(*p++ & 0x3f)) << 18;
- value |= ((unsigned long)(*p++ & 0x3f)) << 12;
- value |= (*p++ & 0x3f) << 6;
- value |= *p++ & 0x3f;
- if(value < 0x200000) return -4;
- ret = 5;
- } else if((*p & 0xfe) == 0xfc) {
- if(len < 6) return -1;
- if( ((p[1] & 0xc0) != 0x80)
- || ((p[2] & 0xc0) != 0x80)
- || ((p[3] & 0xc0) != 0x80)
- || ((p[4] & 0xc0) != 0x80)
- || ((p[5] & 0xc0) != 0x80) ) return -3;
- value = ((unsigned long)(*p++ & 0x1)) << 30;
- value |= ((unsigned long)(*p++ & 0x3f)) << 24;
- value |= ((unsigned long)(*p++ & 0x3f)) << 18;
- value |= ((unsigned long)(*p++ & 0x3f)) << 12;
- value |= (*p++ & 0x3f) << 6;
- value |= *p++ & 0x3f;
- if(value < 0x4000000) return -4;
- ret = 6;
- } else return -2;
- *val = value;
- return ret;
-}
-
-/* This takes a character 'value' and writes the UTF8 encoded value in
- * 'str' where 'str' is a buffer containing 'len' characters. Returns
- * the number of characters written or -1 if 'len' is too small. 'str' can
- * be set to NULL in which case it just returns the number of characters.
- * It will need at most 6 characters.
- */
-
-int UTF8_putc(unsigned char *str, int len, unsigned long value)
-{
- if(!str) len = 6; /* Maximum we will need */
- else if(len <= 0) return -1;
- if(value < 0x80) {
- if(str) *str = (unsigned char)value;
- return 1;
- }
- if(value < 0x800) {
- if(len < 2) return -1;
- if(str) {
- *str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
- *str = (unsigned char)((value & 0x3f) | 0x80);
- }
- return 2;
- }
- if(value < 0x10000) {
- if(len < 3) return -1;
- if(str) {
- *str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
- *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
- *str = (unsigned char)((value & 0x3f) | 0x80);
- }
- return 3;
- }
- if(value < 0x200000) {
- if(len < 4) return -1;
- if(str) {
- *str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
- *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
- *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
- *str = (unsigned char)((value & 0x3f) | 0x80);
- }
- return 4;
- }
- if(value < 0x4000000) {
- if(len < 5) return -1;
- if(str) {
- *str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8);
- *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
- *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
- *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
- *str = (unsigned char)((value & 0x3f) | 0x80);
- }
- return 5;
- }
- if(len < 6) return -1;
- if(str) {
- *str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc);
- *str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80);
- *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
- *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
- *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
- *str = (unsigned char)((value & 0x3f) | 0x80);
- }
- return 6;
-}
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c
deleted file mode 100644
index 2a11927e5c..0000000000
--- a/src/lib/libcrypto/asn1/a_verify.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/asn1/a_verify.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature,
- char *data, EVP_PKEY *pkey)
- {
- EVP_MD_CTX ctx;
- const EVP_MD *type;
- unsigned char *p,*buf_in=NULL;
- int ret= -1,i,inl;
-
- i=OBJ_obj2nid(a->algorithm);
- type=EVP_get_digestbyname(OBJ_nid2sn(i));
- if (type == NULL)
- {
- ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
- goto err;
- }
-
- inl=i2d(data,NULL);
- buf_in=OPENSSL_malloc((unsigned int)inl);
- if (buf_in == NULL)
- {
- ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p=buf_in;
-
- i2d(data,&p);
- EVP_VerifyInit(&ctx,type);
- EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
-
- memset(buf_in,0,(unsigned int)inl);
- OPENSSL_free(buf_in);
-
- if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
- (unsigned int)signature->length,pkey) <= 0)
- {
- ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
- ret=0;
- goto err;
- }
- /* we don't need to zero the 'ctx' because we just checked
- * public information */
- /* memset(&ctx,0,sizeof(ctx)); */
- ret=1;
-err:
- return(ret);
- }
diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h
deleted file mode 100644
index 6f956b1963..0000000000
--- a/src/lib/libcrypto/asn1/asn1.h
+++ /dev/null
@@ -1,1151 +0,0 @@
-/* crypto/asn1/asn1.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ASN1_H
-#define HEADER_ASN1_H
-
-#include <time.h>
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/bn.h>
-#include <openssl/stack.h>
-#include <openssl/safestack.h>
-
-#include <openssl/symhacks.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define V_ASN1_UNIVERSAL 0x00
-#define V_ASN1_APPLICATION 0x40
-#define V_ASN1_CONTEXT_SPECIFIC 0x80
-#define V_ASN1_PRIVATE 0xc0
-
-#define V_ASN1_CONSTRUCTED 0x20
-#define V_ASN1_PRIMITIVE_TAG 0x1f
-#define V_ASN1_PRIMATIVE_TAG 0x1f
-
-#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */
-#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */
-
-#define V_ASN1_NEG 0x100 /* negative flag */
-
-#define V_ASN1_UNDEF -1
-#define V_ASN1_EOC 0
-#define V_ASN1_BOOLEAN 1 /**/
-#define V_ASN1_INTEGER 2
-#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
-#define V_ASN1_BIT_STRING 3
-#define V_ASN1_OCTET_STRING 4
-#define V_ASN1_NULL 5
-#define V_ASN1_OBJECT 6
-#define V_ASN1_OBJECT_DESCRIPTOR 7
-#define V_ASN1_EXTERNAL 8
-#define V_ASN1_REAL 9
-#define V_ASN1_ENUMERATED 10
-#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
-#define V_ASN1_UTF8STRING 12
-#define V_ASN1_SEQUENCE 16
-#define V_ASN1_SET 17
-#define V_ASN1_NUMERICSTRING 18 /**/
-#define V_ASN1_PRINTABLESTRING 19
-#define V_ASN1_T61STRING 20
-#define V_ASN1_TELETEXSTRING 20 /* alias */
-#define V_ASN1_VIDEOTEXSTRING 21 /**/
-#define V_ASN1_IA5STRING 22
-#define V_ASN1_UTCTIME 23
-#define V_ASN1_GENERALIZEDTIME 24 /**/
-#define V_ASN1_GRAPHICSTRING 25 /**/
-#define V_ASN1_ISO64STRING 26 /**/
-#define V_ASN1_VISIBLESTRING 26 /* alias */
-#define V_ASN1_GENERALSTRING 27 /**/
-#define V_ASN1_UNIVERSALSTRING 28 /**/
-#define V_ASN1_BMPSTRING 30
-
-/* For use with d2i_ASN1_type_bytes() */
-#define B_ASN1_NUMERICSTRING 0x0001
-#define B_ASN1_PRINTABLESTRING 0x0002
-#define B_ASN1_T61STRING 0x0004
-#define B_ASN1_TELETEXSTRING 0x0008
-#define B_ASN1_VIDEOTEXSTRING 0x0008
-#define B_ASN1_IA5STRING 0x0010
-#define B_ASN1_GRAPHICSTRING 0x0020
-#define B_ASN1_ISO64STRING 0x0040
-#define B_ASN1_VISIBLESTRING 0x0040
-#define B_ASN1_GENERALSTRING 0x0080
-#define B_ASN1_UNIVERSALSTRING 0x0100
-#define B_ASN1_OCTET_STRING 0x0200
-#define B_ASN1_BIT_STRING 0x0400
-#define B_ASN1_BMPSTRING 0x0800
-#define B_ASN1_UNKNOWN 0x1000
-#define B_ASN1_UTF8STRING 0x2000
-
-/* For use with ASN1_mbstring_copy() */
-#define MBSTRING_FLAG 0x1000
-#define MBSTRING_ASC (MBSTRING_FLAG|1)
-#define MBSTRING_BMP (MBSTRING_FLAG|2)
-#define MBSTRING_UNIV (MBSTRING_FLAG|3)
-#define MBSTRING_UTF8 (MBSTRING_FLAG|4)
-
-struct X509_algor_st;
-
-#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */
-#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */
-
-typedef struct asn1_ctx_st
- {
- unsigned char *p;/* work char pointer */
- int eos; /* end of sequence read for indefinite encoding */
- int error; /* error code to use when returning an error */
- int inf; /* constructed if 0x20, indefinite is 0x21 */
- int tag; /* tag from last 'get object' */
- int xclass; /* class from last 'get object' */
- long slen; /* length of last 'get object' */
- unsigned char *max; /* largest value of p allowed */
- unsigned char *q;/* temporary variable */
- unsigned char **pp;/* variable */
- int line; /* used in error processing */
- } ASN1_CTX;
-
-/* These are used internally in the ASN1_OBJECT to keep track of
- * whether the names and data need to be free()ed */
-#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */
-#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */
-#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */
-#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */
-typedef struct asn1_object_st
- {
- const char *sn,*ln;
- int nid;
- int length;
- unsigned char *data;
- int flags; /* Should we free this one */
- } ASN1_OBJECT;
-
-#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
-/* This is the base type that holds just about everything :-) */
-typedef struct asn1_string_st
- {
- int length;
- int type;
- unsigned char *data;
- /* The value of the following field depends on the type being
- * held. It is mostly being used for BIT_STRING so if the
- * input data has a non-zero 'unused bits' value, it will be
- * handled correctly */
- long flags;
- } ASN1_STRING;
-
-#define STABLE_FLAGS_MALLOC 0x01
-#define STABLE_NO_MASK 0x02
-#define DIRSTRING_TYPE \
- (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
-#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
-
-typedef struct asn1_string_table_st {
- int nid;
- long minsize;
- long maxsize;
- unsigned long mask;
- unsigned long flags;
-} ASN1_STRING_TABLE;
-
-DECLARE_STACK_OF(ASN1_STRING_TABLE)
-
-/* size limits: this stuff is taken straight from RFC2459 */
-
-#define ub_name 32768
-#define ub_common_name 64
-#define ub_locality_name 128
-#define ub_state_name 128
-#define ub_organization_name 64
-#define ub_organization_unit_name 64
-#define ub_title 64
-#define ub_email_address 128
-
-#ifdef NO_ASN1_TYPEDEFS
-#define ASN1_INTEGER ASN1_STRING
-#define ASN1_ENUMERATED ASN1_STRING
-#define ASN1_BIT_STRING ASN1_STRING
-#define ASN1_OCTET_STRING ASN1_STRING
-#define ASN1_PRINTABLESTRING ASN1_STRING
-#define ASN1_T61STRING ASN1_STRING
-#define ASN1_IA5STRING ASN1_STRING
-#define ASN1_UTCTIME ASN1_STRING
-#define ASN1_GENERALIZEDTIME ASN1_STRING
-#define ASN1_TIME ASN1_STRING
-#define ASN1_GENERALSTRING ASN1_STRING
-#define ASN1_UNIVERSALSTRING ASN1_STRING
-#define ASN1_BMPSTRING ASN1_STRING
-#define ASN1_VISIBLESTRING ASN1_STRING
-#define ASN1_UTF8STRING ASN1_STRING
-#define ASN1_BOOLEAN int
-#else
-typedef struct asn1_string_st ASN1_INTEGER;
-typedef struct asn1_string_st ASN1_ENUMERATED;
-typedef struct asn1_string_st ASN1_BIT_STRING;
-typedef struct asn1_string_st ASN1_OCTET_STRING;
-typedef struct asn1_string_st ASN1_PRINTABLESTRING;
-typedef struct asn1_string_st ASN1_T61STRING;
-typedef struct asn1_string_st ASN1_IA5STRING;
-typedef struct asn1_string_st ASN1_GENERALSTRING;
-typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
-typedef struct asn1_string_st ASN1_BMPSTRING;
-typedef struct asn1_string_st ASN1_UTCTIME;
-typedef struct asn1_string_st ASN1_TIME;
-typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
-typedef struct asn1_string_st ASN1_VISIBLESTRING;
-typedef struct asn1_string_st ASN1_UTF8STRING;
-typedef int ASN1_BOOLEAN;
-#endif
-
-typedef int ASN1_NULL;
-
-/* Parameters used by ASN1_STRING_print_ex() */
-
-/* These determine which characters to escape:
- * RFC2253 special characters, control characters and
- * MSB set characters
- */
-
-#define ASN1_STRFLGS_ESC_2253 1
-#define ASN1_STRFLGS_ESC_CTRL 2
-#define ASN1_STRFLGS_ESC_MSB 4
-
-
-/* This flag determines how we do escaping: normally
- * RC2253 backslash only, set this to use backslash and
- * quote.
- */
-
-#define ASN1_STRFLGS_ESC_QUOTE 8
-
-
-/* These three flags are internal use only. */
-
-/* Character is a valid PrintableString character */
-#define CHARTYPE_PRINTABLESTRING 0x10
-/* Character needs escaping if it is the first character */
-#define CHARTYPE_FIRST_ESC_2253 0x20
-/* Character needs escaping if it is the last character */
-#define CHARTYPE_LAST_ESC_2253 0x40
-
-/* NB the internal flags are safely reused below by flags
- * handled at the top level.
- */
-
-/* If this is set we convert all character strings
- * to UTF8 first
- */
-
-#define ASN1_STRFLGS_UTF8_CONVERT 0x10
-
-/* If this is set we don't attempt to interpret content:
- * just assume all strings are 1 byte per character. This
- * will produce some pretty odd looking output!
- */
-
-#define ASN1_STRFLGS_IGNORE_TYPE 0x20
-
-/* If this is set we include the string type in the output */
-#define ASN1_STRFLGS_SHOW_TYPE 0x40
-
-/* This determines which strings to display and which to
- * 'dump' (hex dump of content octets or DER encoding). We can
- * only dump non character strings or everything. If we
- * don't dump 'unknown' they are interpreted as character
- * strings with 1 octet per character and are subject to
- * the usual escaping options.
- */
-
-#define ASN1_STRFLGS_DUMP_ALL 0x80
-#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
-
-/* These determine what 'dumping' does, we can dump the
- * content octets or the DER encoding: both use the
- * RFC2253 #XXXXX notation.
- */
-
-#define ASN1_STRFLGS_DUMP_DER 0x200
-
-/* All the string flags consistent with RFC2253,
- * escaping control characters isn't essential in
- * RFC2253 but it is advisable anyway.
- */
-
-#define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
- ASN1_STRFLGS_ESC_CTRL | \
- ASN1_STRFLGS_ESC_MSB | \
- ASN1_STRFLGS_UTF8_CONVERT | \
- ASN1_STRFLGS_DUMP_UNKNOWN | \
- ASN1_STRFLGS_DUMP_DER)
-
-DECLARE_STACK_OF(ASN1_INTEGER)
-DECLARE_ASN1_SET_OF(ASN1_INTEGER)
-
-typedef struct asn1_type_st
- {
- int type;
- union {
- char *ptr;
- ASN1_BOOLEAN boolean;
- ASN1_STRING * asn1_string;
- ASN1_OBJECT * object;
- ASN1_INTEGER * integer;
- ASN1_ENUMERATED * enumerated;
- ASN1_BIT_STRING * bit_string;
- ASN1_OCTET_STRING * octet_string;
- ASN1_PRINTABLESTRING * printablestring;
- ASN1_T61STRING * t61string;
- ASN1_IA5STRING * ia5string;
- ASN1_GENERALSTRING * generalstring;
- ASN1_BMPSTRING * bmpstring;
- ASN1_UNIVERSALSTRING * universalstring;
- ASN1_UTCTIME * utctime;
- ASN1_GENERALIZEDTIME * generalizedtime;
- ASN1_VISIBLESTRING * visiblestring;
- ASN1_UTF8STRING * utf8string;
- /* set and sequence are left complete and still
- * contain the set or sequence bytes */
- ASN1_STRING * set;
- ASN1_STRING * sequence;
- } value;
- } ASN1_TYPE;
-
-DECLARE_STACK_OF(ASN1_TYPE)
-DECLARE_ASN1_SET_OF(ASN1_TYPE)
-
-typedef struct asn1_method_st
- {
- int (*i2d)();
- char *(*d2i)();
- char *(*create)();
- void (*destroy)();
- } ASN1_METHOD;
-
-/* This is used when parsing some Netscape objects */
-typedef struct asn1_header_st
- {
- ASN1_OCTET_STRING *header;
- char *data;
- ASN1_METHOD *meth;
- } ASN1_HEADER;
-
-/* This is used to contain a list of bit names */
-typedef struct BIT_STRING_BITNAME_st {
- int bitnum;
- const char *lname;
- const char *sname;
-} BIT_STRING_BITNAME;
-
-
-#define M_ASN1_STRING_length(x) ((x)->length)
-#define M_ASN1_STRING_length_set(x, n) ((x)->length = (n))
-#define M_ASN1_STRING_type(x) ((x)->type)
-#define M_ASN1_STRING_data(x) ((x)->data)
-
-/* Macros for string operations */
-#define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\
- ASN1_STRING_type_new(V_ASN1_BIT_STRING)
-#define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
- ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
-#define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
-
-#define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\
- ASN1_STRING_type_new(V_ASN1_INTEGER)
-#define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
-
-#define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\
- ASN1_STRING_type_new(V_ASN1_ENUMERATED)
-#define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
-
-#define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\
- ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
-#define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
- ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
-#define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
-#define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b)
-#define M_i2d_ASN1_OCTET_STRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
- V_ASN1_UNIVERSAL)
-
-#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
-#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
- pp,a->type,V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
- d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
- B_ASN1_PRINTABLESTRING| \
- B_ASN1_T61STRING| \
- B_ASN1_IA5STRING| \
- B_ASN1_BIT_STRING| \
- B_ASN1_UNIVERSALSTRING|\
- B_ASN1_BMPSTRING|\
- B_ASN1_UTF8STRING|\
- B_ASN1_UNKNOWN)
-
-#define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
-#define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
- pp,a->type,V_ASN1_UNIVERSAL)
-#define M_d2i_DIRECTORYSTRING(a,pp,l) \
- d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
- B_ASN1_PRINTABLESTRING| \
- B_ASN1_TELETEXSTRING|\
- B_ASN1_BMPSTRING|\
- B_ASN1_UNIVERSALSTRING|\
- B_ASN1_UTF8STRING)
-
-#define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
-#define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
- pp,a->type,V_ASN1_UNIVERSAL)
-#define M_d2i_DISPLAYTEXT(a,pp,l) \
- d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
- B_ASN1_VISIBLESTRING| \
- B_ASN1_BMPSTRING|\
- B_ASN1_UTF8STRING)
-
-#define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
- ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
-#define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \
- (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
-
-#define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\
- ASN1_STRING_type_new(V_ASN1_T61STRING)
-#define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_T61STRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_T61STRING(a,pp,l) \
- (ASN1_T61STRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
-
-#define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\
- ASN1_STRING_type_new(V_ASN1_IA5STRING)
-#define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_IA5STRING_dup(a) \
- (ASN1_IA5STRING *)ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_i2d_ASN1_IA5STRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_IA5STRING(a,pp,l) \
- (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
- B_ASN1_IA5STRING)
-
-#define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
- ASN1_STRING_type_new(V_ASN1_UTCTIME)
-#define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
-
-#define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
- ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
-#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
- (ASN1_STRING *)a)
-
-#define M_ASN1_TIME_new() (ASN1_TIME *)\
- ASN1_STRING_type_new(V_ASN1_UTCTIME)
-#define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_TIME_dup(a) (ASN1_TIME *)ASN1_STRING_dup((ASN1_STRING *)a)
-
-#define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
- ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
-#define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_GENERALSTRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \
- (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
-
-#define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\
- ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
-#define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \
- (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
-
-#define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\
- ASN1_STRING_type_new(V_ASN1_BMPSTRING)
-#define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_BMPSTRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_BMPSTRING(a,pp,l) \
- (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING)
-
-#define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\
- ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
-#define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_VISIBLESTRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \
- (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING)
-
-#define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\
- ASN1_STRING_type_new(V_ASN1_UTF8STRING)
-#define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_UTF8STRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_UTF8STRING(a,pp,l) \
- (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING)
-
- /* for the is_set parameter to i2d_ASN1_SET */
-#define IS_SEQUENCE 0
-#define IS_SET 1
-
-ASN1_TYPE * ASN1_TYPE_new(void );
-void ASN1_TYPE_free(ASN1_TYPE *a);
-int i2d_ASN1_TYPE(ASN1_TYPE *a,unsigned char **pp);
-ASN1_TYPE * d2i_ASN1_TYPE(ASN1_TYPE **a,unsigned char **pp,long length);
-int ASN1_TYPE_get(ASN1_TYPE *a);
-void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
-
-ASN1_OBJECT * ASN1_OBJECT_new(void );
-void ASN1_OBJECT_free(ASN1_OBJECT *a);
-int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp);
-ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
- long length);
-ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
- long length);
-
-DECLARE_STACK_OF(ASN1_OBJECT)
-DECLARE_ASN1_SET_OF(ASN1_OBJECT)
-
-ASN1_STRING * ASN1_STRING_new(void);
-void ASN1_STRING_free(ASN1_STRING *a);
-ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
-ASN1_STRING * ASN1_STRING_type_new(int type );
-int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
- /* Since this is used to store all sorts of things, via macros, for now, make
- its data void * */
-int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
-int ASN1_STRING_length(ASN1_STRING *x);
-void ASN1_STRING_length_set(ASN1_STRING *x, int n);
-int ASN1_STRING_type(ASN1_STRING *x);
-unsigned char * ASN1_STRING_data(ASN1_STRING *x);
-
-ASN1_BIT_STRING * ASN1_BIT_STRING_new(void);
-void ASN1_BIT_STRING_free(ASN1_BIT_STRING *a);
-int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
-int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
-ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
- long length);
-ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
- long length);
-int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
- int length );
-int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
-int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
-
-#ifndef NO_BIO
-int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
- BIT_STRING_BITNAME *tbl, int indent);
-#endif
-int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl);
-int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
- BIT_STRING_BITNAME *tbl);
-
-int i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
-int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length);
-
-ASN1_INTEGER * ASN1_INTEGER_new(void);
-void ASN1_INTEGER_free(ASN1_INTEGER *a);
-int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
-int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
-ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
- long length);
-ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
- long length);
-ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp,
- long length);
-ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x);
-int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
-
-ASN1_ENUMERATED * ASN1_ENUMERATED_new(void);
-void ASN1_ENUMERATED_free(ASN1_ENUMERATED *a);
-int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a,unsigned char **pp);
-ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a,unsigned char **pp,
- long length);
-
-int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
-ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
-int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str);
-int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
-#if 0
-time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
-#endif
-
-int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
-int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str);
-
-ASN1_OCTET_STRING * ASN1_OCTET_STRING_new(void);
-void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a);
-int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp);
-ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
- unsigned char **pp,long length);
-ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
-int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
-int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len);
-
-ASN1_VISIBLESTRING * ASN1_VISIBLESTRING_new(void);
-void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *a);
-int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a,unsigned char **pp);
-ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a,
- unsigned char **pp,long length);
-
-ASN1_UTF8STRING * ASN1_UTF8STRING_new(void);
-void ASN1_UTF8STRING_free(ASN1_UTF8STRING *a);
-int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a,unsigned char **pp);
-ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a,
- unsigned char **pp,long length);
-
-ASN1_NULL * ASN1_NULL_new(void);
-void ASN1_NULL_free(ASN1_NULL *a);
-int i2d_ASN1_NULL(ASN1_NULL *a,unsigned char **pp);
-ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, unsigned char **pp,long length);
-
-ASN1_BMPSTRING * ASN1_BMPSTRING_new(void);
-void ASN1_BMPSTRING_free(ASN1_BMPSTRING *a);
-int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp);
-ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp,
- long length);
-
-
-int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
-int UTF8_putc(unsigned char *str, int len, unsigned long value);
-
-int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp);
-ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a,
- unsigned char **pp, long l);
-
-ASN1_PRINTABLESTRING * ASN1_PRINTABLESTRING_new(void);
-void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *a);
-ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
- unsigned char **pp, long l);
-int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp);
-
-ASN1_STRING * DIRECTORYSTRING_new(void);
-void DIRECTORYSTRING_free(ASN1_STRING *a);
-int i2d_DIRECTORYSTRING(ASN1_STRING *a,unsigned char **pp);
-ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
- long length);
-
-ASN1_STRING * DISPLAYTEXT_new(void);
-void DISPLAYTEXT_free(ASN1_STRING *a);
-int i2d_DISPLAYTEXT(ASN1_STRING *a,unsigned char **pp);
-ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp, long length);
-
-ASN1_T61STRING * ASN1_T61STRING_new(void);
-void ASN1_T61STRING_free(ASN1_IA5STRING *a);
-ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a,
- unsigned char **pp, long l);
-
-ASN1_IA5STRING * ASN1_IA5STRING_new(void);
-void ASN1_IA5STRING_free(ASN1_IA5STRING *a);
-int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp);
-ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a,
- unsigned char **pp, long l);
-
-ASN1_UTCTIME * ASN1_UTCTIME_new(void);
-void ASN1_UTCTIME_free(ASN1_UTCTIME *a);
-int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp);
-ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp,
- long length);
-
-ASN1_GENERALIZEDTIME * ASN1_GENERALIZEDTIME_new(void);
-void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *a);
-int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a,unsigned char **pp);
-ASN1_GENERALIZEDTIME * d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,unsigned char **pp,
- long length);
-
-ASN1_TIME * ASN1_TIME_new(void);
-void ASN1_TIME_free(ASN1_TIME *a);
-int i2d_ASN1_TIME(ASN1_TIME *a,unsigned char **pp);
-ASN1_TIME * d2i_ASN1_TIME(ASN1_TIME **a,unsigned char **pp, long length);
-ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
-
-int i2d_ASN1_SET(STACK *a, unsigned char **pp,
- int (*func)(), int ex_tag, int ex_class, int is_set);
-STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
- char *(*func)(), void (*free_func)(void *),
- int ex_tag, int ex_class);
-
-#ifndef NO_BIO
-int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
-int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
-int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a);
-int a2i_ASN1_ENUMERATED(BIO *bp,ASN1_ENUMERATED *bs,char *buf,int size);
-int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a);
-int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size);
-int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
-#endif
-int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a);
-
-int a2d_ASN1_OBJECT(unsigned char *out,int olen, const char *buf, int num);
-ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
- char *sn, char *ln);
-
-int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
-long ASN1_INTEGER_get(ASN1_INTEGER *a);
-ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
-BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
-
-int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
-long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
-ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
-BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn);
-
-/* General */
-/* given a string, return the correct type, max is the maximum length */
-int ASN1_PRINTABLE_type(unsigned char *s, int max);
-
-int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
-ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp,
- long length, int Ptag, int Pclass);
-/* type is one or more of the B_ASN1_ values. */
-ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp,
- long length,int type);
-
-/* PARSING */
-int asn1_Finish(ASN1_CTX *c);
-
-/* SPECIALS */
-int ASN1_get_object(unsigned char **pp, long *plength, int *ptag,
- int *pclass, long omax);
-int ASN1_check_infinite_end(unsigned char **p,long len);
-void ASN1_put_object(unsigned char **pp, int constructed, int length,
- int tag, int xclass);
-int ASN1_object_size(int constructed, int length, int tag);
-
-/* Used to implement other functions */
-char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
-
-#ifndef NO_FP_API
-char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x);
-int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
-int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
-#endif
-
-int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
-
-#ifndef NO_BIO
-char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x);
-int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x);
-int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
-int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a);
-int ASN1_TIME_print(BIO *fp,ASN1_TIME *a);
-int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
-int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
-int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent);
-int ASN1_parse_dump(BIO *bp,unsigned char *pp,long len,int indent,int dump);
-#endif
-const char *ASN1_tag2str(int tag);
-
-/* Used to load and write netscape format cert/key */
-int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
-ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length);
-ASN1_HEADER *ASN1_HEADER_new(void );
-void ASN1_HEADER_free(ASN1_HEADER *a);
-
-int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
-
-void ERR_load_ASN1_strings(void);
-
-/* Not used that much at this point, except for the first two */
-ASN1_METHOD *X509_asn1_meth(void);
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
-ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
-ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
-
-int ASN1_TYPE_set_octetstring(ASN1_TYPE *a,
- unsigned char *data, int len);
-int ASN1_TYPE_get_octetstring(ASN1_TYPE *a,
- unsigned char *data, int max_len);
-int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
- unsigned char *data, int len);
-int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
- unsigned char *data, int max_len);
-
-STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
- void (*free_func)(void *) );
-unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
- int *len );
-void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)());
-ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_OCTET_STRING **oct);
-
-void ASN1_STRING_set_default_mask(unsigned long mask);
-int ASN1_STRING_set_default_mask_asc(char *p);
-unsigned long ASN1_STRING_get_default_mask(void);
-int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask);
-int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask,
- long minsize, long maxsize);
-
-ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
- const unsigned char *in, int inlen, int inform, int nid);
-ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
-int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
-void ASN1_STRING_TABLE_cleanup(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the ASN1 functions. */
-
-/* Function codes. */
-#define ASN1_F_A2D_ASN1_OBJECT 100
-#define ASN1_F_A2I_ASN1_ENUMERATED 236
-#define ASN1_F_A2I_ASN1_INTEGER 101
-#define ASN1_F_A2I_ASN1_STRING 102
-#define ASN1_F_ACCESS_DESCRIPTION_NEW 291
-#define ASN1_F_ASN1_COLLATE_PRIMITIVE 103
-#define ASN1_F_ASN1_D2I_BIO 104
-#define ASN1_F_ASN1_D2I_FP 105
-#define ASN1_F_ASN1_DUP 106
-#define ASN1_F_ASN1_ENUMERATED_SET 232
-#define ASN1_F_ASN1_ENUMERATED_TO_BN 233
-#define ASN1_F_ASN1_GENERALIZEDTIME_NEW 222
-#define ASN1_F_ASN1_GET_OBJECT 107
-#define ASN1_F_ASN1_HEADER_NEW 108
-#define ASN1_F_ASN1_I2D_BIO 109
-#define ASN1_F_ASN1_I2D_FP 110
-#define ASN1_F_ASN1_INTEGER_SET 111
-#define ASN1_F_ASN1_INTEGER_TO_BN 112
-#define ASN1_F_ASN1_MBSTRING_COPY 282
-#define ASN1_F_ASN1_OBJECT_NEW 113
-#define ASN1_F_ASN1_PACK_STRING 245
-#define ASN1_F_ASN1_PBE_SET 253
-#define ASN1_F_ASN1_SEQ_PACK 246
-#define ASN1_F_ASN1_SEQ_UNPACK 247
-#define ASN1_F_ASN1_SIGN 114
-#define ASN1_F_ASN1_STRING_NEW 115
-#define ASN1_F_ASN1_STRING_TABLE_ADD 283
-#define ASN1_F_ASN1_STRING_TYPE_NEW 116
-#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 117
-#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 118
-#define ASN1_F_ASN1_TYPE_NEW 119
-#define ASN1_F_ASN1_UNPACK_STRING 248
-#define ASN1_F_ASN1_UTCTIME_NEW 120
-#define ASN1_F_ASN1_VERIFY 121
-#define ASN1_F_AUTHORITY_KEYID_NEW 237
-#define ASN1_F_BASIC_CONSTRAINTS_NEW 226
-#define ASN1_F_BN_TO_ASN1_ENUMERATED 234
-#define ASN1_F_BN_TO_ASN1_INTEGER 122
-#define ASN1_F_D2I_ACCESS_DESCRIPTION 284
-#define ASN1_F_D2I_ASN1_BIT_STRING 123
-#define ASN1_F_D2I_ASN1_BMPSTRING 124
-#define ASN1_F_D2I_ASN1_BOOLEAN 125
-#define ASN1_F_D2I_ASN1_BYTES 126
-#define ASN1_F_D2I_ASN1_ENUMERATED 235
-#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 223
-#define ASN1_F_D2I_ASN1_HEADER 127
-#define ASN1_F_D2I_ASN1_INTEGER 128
-#define ASN1_F_D2I_ASN1_NULL 292
-#define ASN1_F_D2I_ASN1_OBJECT 129
-#define ASN1_F_D2I_ASN1_OCTET_STRING 130
-#define ASN1_F_D2I_ASN1_PRINT_TYPE 131
-#define ASN1_F_D2I_ASN1_SET 132
-#define ASN1_F_D2I_ASN1_TIME 224
-#define ASN1_F_D2I_ASN1_TYPE 133
-#define ASN1_F_D2I_ASN1_TYPE_BYTES 134
-#define ASN1_F_D2I_ASN1_UINTEGER 280
-#define ASN1_F_D2I_ASN1_UTCTIME 135
-#define ASN1_F_D2I_ASN1_UTF8STRING 266
-#define ASN1_F_D2I_ASN1_VISIBLESTRING 267
-#define ASN1_F_D2I_AUTHORITY_KEYID 238
-#define ASN1_F_D2I_BASIC_CONSTRAINTS 227
-#define ASN1_F_D2I_DHPARAMS 136
-#define ASN1_F_D2I_DIST_POINT 276
-#define ASN1_F_D2I_DIST_POINT_NAME 277
-#define ASN1_F_D2I_DSAPARAMS 137
-#define ASN1_F_D2I_DSAPRIVATEKEY 138
-#define ASN1_F_D2I_DSAPUBLICKEY 139
-#define ASN1_F_D2I_GENERAL_NAME 230
-#define ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE 228
-#define ASN1_F_D2I_NETSCAPE_PKEY 140
-#define ASN1_F_D2I_NETSCAPE_RSA 141
-#define ASN1_F_D2I_NETSCAPE_RSA_2 142
-#define ASN1_F_D2I_NETSCAPE_SPKAC 143
-#define ASN1_F_D2I_NETSCAPE_SPKI 144
-#define ASN1_F_D2I_NOTICEREF 268
-#define ASN1_F_D2I_OTHERNAME 287
-#define ASN1_F_D2I_PBE2PARAM 262
-#define ASN1_F_D2I_PBEPARAM 249
-#define ASN1_F_D2I_PBKDF2PARAM 263
-#define ASN1_F_D2I_PKCS12 254
-#define ASN1_F_D2I_PKCS12_BAGS 255
-#define ASN1_F_D2I_PKCS12_MAC_DATA 256
-#define ASN1_F_D2I_PKCS12_SAFEBAG 257
-#define ASN1_F_D2I_PKCS7 145
-#define ASN1_F_D2I_PKCS7_DIGEST 146
-#define ASN1_F_D2I_PKCS7_ENCRYPT 147
-#define ASN1_F_D2I_PKCS7_ENC_CONTENT 148
-#define ASN1_F_D2I_PKCS7_ENVELOPE 149
-#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 150
-#define ASN1_F_D2I_PKCS7_RECIP_INFO 151
-#define ASN1_F_D2I_PKCS7_SIGNED 152
-#define ASN1_F_D2I_PKCS7_SIGNER_INFO 153
-#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154
-#define ASN1_F_D2I_PKCS8_PRIV_KEY_INFO 250
-#define ASN1_F_D2I_PKEY_USAGE_PERIOD 239
-#define ASN1_F_D2I_POLICYINFO 269
-#define ASN1_F_D2I_POLICYQUALINFO 270
-#define ASN1_F_D2I_PRIVATEKEY 155
-#define ASN1_F_D2I_PUBLICKEY 156
-#define ASN1_F_D2I_RSAPRIVATEKEY 157
-#define ASN1_F_D2I_RSAPUBLICKEY 158
-#define ASN1_F_D2I_SXNET 241
-#define ASN1_F_D2I_SXNETID 243
-#define ASN1_F_D2I_USERNOTICE 271
-#define ASN1_F_D2I_X509 159
-#define ASN1_F_D2I_X509_ALGOR 160
-#define ASN1_F_D2I_X509_ATTRIBUTE 161
-#define ASN1_F_D2I_X509_CERT_AUX 285
-#define ASN1_F_D2I_X509_CINF 162
-#define ASN1_F_D2I_X509_CRL 163
-#define ASN1_F_D2I_X509_CRL_INFO 164
-#define ASN1_F_D2I_X509_EXTENSION 165
-#define ASN1_F_D2I_X509_KEY 166
-#define ASN1_F_D2I_X509_NAME 167
-#define ASN1_F_D2I_X509_NAME_ENTRY 168
-#define ASN1_F_D2I_X509_PKEY 169
-#define ASN1_F_D2I_X509_PUBKEY 170
-#define ASN1_F_D2I_X509_REQ 171
-#define ASN1_F_D2I_X509_REQ_INFO 172
-#define ASN1_F_D2I_X509_REVOKED 173
-#define ASN1_F_D2I_X509_SIG 174
-#define ASN1_F_D2I_X509_VAL 175
-#define ASN1_F_DIST_POINT_NAME_NEW 278
-#define ASN1_F_DIST_POINT_NEW 279
-#define ASN1_F_GENERAL_NAME_NEW 231
-#define ASN1_F_I2D_ASN1_HEADER 176
-#define ASN1_F_I2D_ASN1_TIME 225
-#define ASN1_F_I2D_DHPARAMS 177
-#define ASN1_F_I2D_DSAPARAMS 178
-#define ASN1_F_I2D_DSAPRIVATEKEY 179
-#define ASN1_F_I2D_DSAPUBLICKEY 180
-#define ASN1_F_I2D_DSA_PUBKEY 290
-#define ASN1_F_I2D_NETSCAPE_RSA 181
-#define ASN1_F_I2D_PKCS7 182
-#define ASN1_F_I2D_PRIVATEKEY 183
-#define ASN1_F_I2D_PUBLICKEY 184
-#define ASN1_F_I2D_RSAPRIVATEKEY 185
-#define ASN1_F_I2D_RSAPUBLICKEY 186
-#define ASN1_F_I2D_RSA_PUBKEY 289
-#define ASN1_F_I2D_X509_ATTRIBUTE 187
-#define ASN1_F_I2T_ASN1_OBJECT 188
-#define ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW 229
-#define ASN1_F_NETSCAPE_PKEY_NEW 189
-#define ASN1_F_NETSCAPE_SPKAC_NEW 190
-#define ASN1_F_NETSCAPE_SPKI_NEW 191
-#define ASN1_F_NOTICEREF_NEW 272
-#define ASN1_F_OTHERNAME_NEW 288
-#define ASN1_F_PBE2PARAM_NEW 264
-#define ASN1_F_PBEPARAM_NEW 251
-#define ASN1_F_PBKDF2PARAM_NEW 265
-#define ASN1_F_PKCS12_BAGS_NEW 258
-#define ASN1_F_PKCS12_MAC_DATA_NEW 259
-#define ASN1_F_PKCS12_NEW 260
-#define ASN1_F_PKCS12_SAFEBAG_NEW 261
-#define ASN1_F_PKCS5_PBE2_SET 281
-#define ASN1_F_PKCS7_DIGEST_NEW 192
-#define ASN1_F_PKCS7_ENCRYPT_NEW 193
-#define ASN1_F_PKCS7_ENC_CONTENT_NEW 194
-#define ASN1_F_PKCS7_ENVELOPE_NEW 195
-#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 196
-#define ASN1_F_PKCS7_NEW 197
-#define ASN1_F_PKCS7_RECIP_INFO_NEW 198
-#define ASN1_F_PKCS7_SIGNED_NEW 199
-#define ASN1_F_PKCS7_SIGNER_INFO_NEW 200
-#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201
-#define ASN1_F_PKCS8_PRIV_KEY_INFO_NEW 252
-#define ASN1_F_PKEY_USAGE_PERIOD_NEW 240
-#define ASN1_F_POLICYINFO_NEW 273
-#define ASN1_F_POLICYQUALINFO_NEW 274
-#define ASN1_F_SXNETID_NEW 244
-#define ASN1_F_SXNET_NEW 242
-#define ASN1_F_USERNOTICE_NEW 275
-#define ASN1_F_X509_ALGOR_NEW 202
-#define ASN1_F_X509_ATTRIBUTE_NEW 203
-#define ASN1_F_X509_CERT_AUX_NEW 286
-#define ASN1_F_X509_CINF_NEW 204
-#define ASN1_F_X509_CRL_INFO_NEW 205
-#define ASN1_F_X509_CRL_NEW 206
-#define ASN1_F_X509_DHPARAMS_NEW 207
-#define ASN1_F_X509_EXTENSION_NEW 208
-#define ASN1_F_X509_INFO_NEW 209
-#define ASN1_F_X509_KEY_NEW 210
-#define ASN1_F_X509_NAME_ENTRY_NEW 211
-#define ASN1_F_X509_NAME_NEW 212
-#define ASN1_F_X509_NEW 213
-#define ASN1_F_X509_PKEY_NEW 214
-#define ASN1_F_X509_PUBKEY_NEW 215
-#define ASN1_F_X509_REQ_INFO_NEW 216
-#define ASN1_F_X509_REQ_NEW 217
-#define ASN1_F_X509_REVOKED_NEW 218
-#define ASN1_F_X509_SIG_NEW 219
-#define ASN1_F_X509_VAL_FREE 220
-#define ASN1_F_X509_VAL_NEW 221
-
-/* Reason codes. */
-#define ASN1_R_BAD_CLASS 100
-#define ASN1_R_BAD_OBJECT_HEADER 101
-#define ASN1_R_BAD_PASSWORD_READ 102
-#define ASN1_R_BAD_PKCS7_CONTENT 103
-#define ASN1_R_BAD_PKCS7_TYPE 104
-#define ASN1_R_BAD_TAG 105
-#define ASN1_R_BAD_TYPE 106
-#define ASN1_R_BN_LIB 107
-#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 108
-#define ASN1_R_BUFFER_TOO_SMALL 109
-#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 166
-#define ASN1_R_DATA_IS_WRONG 110
-#define ASN1_R_DECODE_ERROR 155
-#define ASN1_R_DECODING_ERROR 111
-#define ASN1_R_ENCODE_ERROR 156
-#define ASN1_R_ERROR_PARSING_SET_ELEMENT 112
-#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 157
-#define ASN1_R_EXPECTING_AN_ENUMERATED 154
-#define ASN1_R_EXPECTING_AN_INTEGER 113
-#define ASN1_R_EXPECTING_AN_OBJECT 114
-#define ASN1_R_EXPECTING_AN_OCTET_STRING 115
-#define ASN1_R_EXPECTING_A_BIT_STRING 116
-#define ASN1_R_EXPECTING_A_BOOLEAN 117
-#define ASN1_R_EXPECTING_A_GENERALIZEDTIME 151
-#define ASN1_R_EXPECTING_A_NULL 164
-#define ASN1_R_EXPECTING_A_TIME 152
-#define ASN1_R_EXPECTING_A_UTCTIME 118
-#define ASN1_R_FIRST_NUM_TOO_LARGE 119
-#define ASN1_R_GENERALIZEDTIME_TOO_LONG 153
-#define ASN1_R_HEADER_TOO_LONG 120
-#define ASN1_R_ILLEGAL_CHARACTERS 158
-#define ASN1_R_INVALID_BMPSTRING_LENGTH 159
-#define ASN1_R_INVALID_DIGIT 121
-#define ASN1_R_INVALID_SEPARATOR 122
-#define ASN1_R_INVALID_TIME_FORMAT 123
-#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 160
-#define ASN1_R_INVALID_UTF8STRING 161
-#define ASN1_R_IV_TOO_LARGE 124
-#define ASN1_R_LENGTH_ERROR 125
-#define ASN1_R_MISSING_SECOND_NUMBER 126
-#define ASN1_R_NON_HEX_CHARACTERS 127
-#define ASN1_R_NOT_ENOUGH_DATA 128
-#define ASN1_R_NULL_IS_WRONG_LENGTH 165
-#define ASN1_R_ODD_NUMBER_OF_CHARS 129
-#define ASN1_R_PARSING 130
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 131
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE 132
-#define ASN1_R_SHORT_LINE 133
-#define ASN1_R_STRING_TOO_LONG 163
-#define ASN1_R_STRING_TOO_SHORT 134
-#define ASN1_R_TAG_VALUE_TOO_HIGH 135
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136
-#define ASN1_R_TOO_LONG 137
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 138
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 139
-#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 140
-#define ASN1_R_UNKNOWN_FORMAT 162
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 141
-#define ASN1_R_UNKNOWN_OBJECT_TYPE 142
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 143
-#define ASN1_R_UNSUPPORTED_CIPHER 144
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 145
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 146
-#define ASN1_R_UTCTIME_TOO_LONG 147
-#define ASN1_R_WRONG_PRINTABLE_TYPE 148
-#define ASN1_R_WRONG_TAG 149
-#define ASN1_R_WRONG_TYPE 150
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c
deleted file mode 100644
index cecd555c88..0000000000
--- a/src/lib/libcrypto/asn1/asn1_err.c
+++ /dev/null
@@ -1,352 +0,0 @@
-/* crypto/asn1/asn1_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/asn1.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA ASN1_str_functs[]=
- {
-{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0), "a2d_ASN1_OBJECT"},
-{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0), "a2i_ASN1_ENUMERATED"},
-{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"},
-{ERR_PACK(0,ASN1_F_ACCESS_DESCRIPTION_NEW,0), "ACCESS_DESCRIPTION_new"},
-{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"},
-{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"},
-{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"},
-{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"},
-{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0), "ASN1_ENUMERATED_set"},
-{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0), "ASN1_ENUMERATED_to_BN"},
-{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_NEW,0), "ASN1_GENERALIZEDTIME_new"},
-{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"},
-{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"},
-{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"},
-{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0), "ASN1_i2d_fp"},
-{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"},
-{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"},
-{ERR_PACK(0,ASN1_F_ASN1_MBSTRING_COPY,0), "ASN1_mbstring_copy"},
-{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"},
-{ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0), "ASN1_pack_string"},
-{ERR_PACK(0,ASN1_F_ASN1_PBE_SET,0), "ASN1_PBE_SET"},
-{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0), "ASN1_seq_pack"},
-{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"},
-{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_sign"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0), "ASN1_STRING_new"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0), "ASN1_STRING_TABLE_add"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"},
-{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"},
-{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"},
-{ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0), "ASN1_TYPE_new"},
-{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"},
-{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0), "ASN1_UTCTIME_new"},
-{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_verify"},
-{ERR_PACK(0,ASN1_F_AUTHORITY_KEYID_NEW,0), "AUTHORITY_KEYID_new"},
-{ERR_PACK(0,ASN1_F_BASIC_CONSTRAINTS_NEW,0), "BASIC_CONSTRAINTS_new"},
-{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"},
-{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ACCESS_DESCRIPTION,0), "d2i_ACCESS_DESCRIPTION"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "d2i_ASN1_BMPSTRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_ENUMERATED,0), "d2i_ASN1_ENUMERATED"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "d2i_ASN1_GENERALIZEDTIME"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "d2i_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_NULL,0), "d2i_ASN1_NULL"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_OCTET_STRING,0), "d2i_ASN1_OCTET_STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_PRINT_TYPE,0), "D2I_ASN1_PRINT_TYPE"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_TIME,0), "d2i_ASN1_TIME"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0), "d2i_ASN1_TYPE"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0), "d2i_ASN1_UINTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "d2i_ASN1_UTCTIME"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_UTF8STRING,0), "d2i_ASN1_UTF8STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_VISIBLESTRING,0), "d2i_ASN1_VISIBLESTRING"},
-{ERR_PACK(0,ASN1_F_D2I_AUTHORITY_KEYID,0), "d2i_AUTHORITY_KEYID"},
-{ERR_PACK(0,ASN1_F_D2I_BASIC_CONSTRAINTS,0), "d2i_BASIC_CONSTRAINTS"},
-{ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0), "d2i_DHparams"},
-{ERR_PACK(0,ASN1_F_D2I_DIST_POINT,0), "d2i_DIST_POINT"},
-{ERR_PACK(0,ASN1_F_D2I_DIST_POINT_NAME,0), "d2i_DIST_POINT_NAME"},
-{ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "d2i_DSAparams"},
-{ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "d2i_DSAPrivateKey"},
-{ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "d2i_DSAPublicKey"},
-{ERR_PACK(0,ASN1_F_D2I_GENERAL_NAME,0), "d2i_GENERAL_NAME"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE,0), "d2i_NETSCAPE_CERT_SEQUENCE"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0), "D2I_NETSCAPE_PKEY"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "d2i_Netscape_RSA"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "d2i_Netscape_RSA_2"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "d2i_NETSCAPE_SPKAC"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "d2i_NETSCAPE_SPKI"},
-{ERR_PACK(0,ASN1_F_D2I_NOTICEREF,0), "d2i_NOTICEREF"},
-{ERR_PACK(0,ASN1_F_D2I_OTHERNAME,0), "d2i_OTHERNAME"},
-{ERR_PACK(0,ASN1_F_D2I_PBE2PARAM,0), "d2i_PBE2PARAM"},
-{ERR_PACK(0,ASN1_F_D2I_PBEPARAM,0), "d2i_PBEPARAM"},
-{ERR_PACK(0,ASN1_F_D2I_PBKDF2PARAM,0), "d2i_PBKDF2PARAM"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12,0), "d2i_PKCS12"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "d2i_PKCS12_BAGS"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0), "d2i_PKCS12_MAC_DATA"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0), "d2i_PKCS12_SAFEBAG"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "d2i_PKCS7"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "d2i_PKCS7_DIGEST"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "d2i_PKCS7_ENCRYPT"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "d2i_PKCS7_ENC_CONTENT"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "d2i_PKCS7_ENVELOPE"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "d2i_PKCS7_ISSUER_AND_SERIAL"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "d2i_PKCS7_RECIP_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "d2i_PKCS7_SIGNED"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "d2i_PKCS7_SIGNER_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "d2i_PKCS7_SIGN_ENVELOPE"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS8_PRIV_KEY_INFO,0), "d2i_PKCS8_PRIV_KEY_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_PKEY_USAGE_PERIOD,0), "d2i_PKEY_USAGE_PERIOD"},
-{ERR_PACK(0,ASN1_F_D2I_POLICYINFO,0), "d2i_POLICYINFO"},
-{ERR_PACK(0,ASN1_F_D2I_POLICYQUALINFO,0), "d2i_POLICYQUALINFO"},
-{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "d2i_PrivateKey"},
-{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "d2i_PublicKey"},
-{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "d2i_RSAPrivateKey"},
-{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "d2i_RSAPublicKey"},
-{ERR_PACK(0,ASN1_F_D2I_SXNET,0), "d2i_SXNET"},
-{ERR_PACK(0,ASN1_F_D2I_SXNETID,0), "d2i_SXNETID"},
-{ERR_PACK(0,ASN1_F_D2I_USERNOTICE,0), "d2i_USERNOTICE"},
-{ERR_PACK(0,ASN1_F_D2I_X509,0), "d2i_X509"},
-{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "d2i_X509_ALGOR"},
-{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "d2i_X509_ATTRIBUTE"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CERT_AUX,0), "d2i_X509_CERT_AUX"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "d2i_X509_CINF"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CRL,0), "d2i_X509_CRL"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CRL_INFO,0), "d2i_X509_CRL_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_X509_EXTENSION,0), "d2i_X509_EXTENSION"},
-{ERR_PACK(0,ASN1_F_D2I_X509_KEY,0), "D2I_X509_KEY"},
-{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "d2i_X509_NAME"},
-{ERR_PACK(0,ASN1_F_D2I_X509_NAME_ENTRY,0), "d2i_X509_NAME_ENTRY"},
-{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"},
-{ERR_PACK(0,ASN1_F_D2I_X509_PUBKEY,0), "d2i_X509_PUBKEY"},
-{ERR_PACK(0,ASN1_F_D2I_X509_REQ,0), "d2i_X509_REQ"},
-{ERR_PACK(0,ASN1_F_D2I_X509_REQ_INFO,0), "d2i_X509_REQ_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0), "d2i_X509_REVOKED"},
-{ERR_PACK(0,ASN1_F_D2I_X509_SIG,0), "d2i_X509_SIG"},
-{ERR_PACK(0,ASN1_F_D2I_X509_VAL,0), "d2i_X509_VAL"},
-{ERR_PACK(0,ASN1_F_DIST_POINT_NAME_NEW,0), "DIST_POINT_NAME_new"},
-{ERR_PACK(0,ASN1_F_DIST_POINT_NEW,0), "DIST_POINT_new"},
-{ERR_PACK(0,ASN1_F_GENERAL_NAME_NEW,0), "GENERAL_NAME_new"},
-{ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0), "i2d_ASN1_HEADER"},
-{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "i2d_ASN1_TIME"},
-{ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0), "i2d_DHparams"},
-{ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0), "i2d_DSAparams"},
-{ERR_PACK(0,ASN1_F_I2D_DSAPRIVATEKEY,0), "i2d_DSAPrivateKey"},
-{ERR_PACK(0,ASN1_F_I2D_DSAPUBLICKEY,0), "i2d_DSAPublicKey"},
-{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"},
-{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"},
-{ERR_PACK(0,ASN1_F_I2D_PKCS7,0), "i2d_PKCS7"},
-{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "i2d_PrivateKey"},
-{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "i2d_PublicKey"},
-{ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0), "i2d_RSAPrivateKey"},
-{ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0), "i2d_RSAPublicKey"},
-{ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0), "i2d_RSA_PUBKEY"},
-{ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0), "i2d_X509_ATTRIBUTE"},
-{ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0), "i2t_ASN1_OBJECT"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW,0), "NETSCAPE_CERT_SEQUENCE_new"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_new"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_new"},
-{ERR_PACK(0,ASN1_F_NOTICEREF_NEW,0), "NOTICEREF_new"},
-{ERR_PACK(0,ASN1_F_OTHERNAME_NEW,0), "OTHERNAME_new"},
-{ERR_PACK(0,ASN1_F_PBE2PARAM_NEW,0), "PBE2PARAM_new"},
-{ERR_PACK(0,ASN1_F_PBEPARAM_NEW,0), "PBEPARAM_new"},
-{ERR_PACK(0,ASN1_F_PBKDF2PARAM_NEW,0), "PBKDF2PARAM_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0), "PKCS12_MAC_DATA_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_NEW,0), "PKCS12_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0), "PKCS12_SAFEBAG_new"},
-{ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0), "PKCS5_pbe2_set"},
-{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_new"},
-{ERR_PACK(0,ASN1_F_PKCS8_PRIV_KEY_INFO_NEW,0), "PKCS8_PRIV_KEY_INFO_new"},
-{ERR_PACK(0,ASN1_F_PKEY_USAGE_PERIOD_NEW,0), "PKEY_USAGE_PERIOD_new"},
-{ERR_PACK(0,ASN1_F_POLICYINFO_NEW,0), "POLICYINFO_new"},
-{ERR_PACK(0,ASN1_F_POLICYQUALINFO_NEW,0), "POLICYQUALINFO_new"},
-{ERR_PACK(0,ASN1_F_SXNETID_NEW,0), "SXNETID_new"},
-{ERR_PACK(0,ASN1_F_SXNET_NEW,0), "SXNET_new"},
-{ERR_PACK(0,ASN1_F_USERNOTICE_NEW,0), "USERNOTICE_new"},
-{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_new"},
-{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_new"},
-{ERR_PACK(0,ASN1_F_X509_CERT_AUX_NEW,0), "X509_CERT_AUX_new"},
-{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_new"},
-{ERR_PACK(0,ASN1_F_X509_CRL_INFO_NEW,0), "X509_CRL_INFO_new"},
-{ERR_PACK(0,ASN1_F_X509_CRL_NEW,0), "X509_CRL_new"},
-{ERR_PACK(0,ASN1_F_X509_DHPARAMS_NEW,0), "X509_DHPARAMS_NEW"},
-{ERR_PACK(0,ASN1_F_X509_EXTENSION_NEW,0), "X509_EXTENSION_new"},
-{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_new"},
-{ERR_PACK(0,ASN1_F_X509_KEY_NEW,0), "X509_KEY_NEW"},
-{ERR_PACK(0,ASN1_F_X509_NAME_ENTRY_NEW,0), "X509_NAME_ENTRY_new"},
-{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_new"},
-{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_new"},
-{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_new"},
-{ERR_PACK(0,ASN1_F_X509_PUBKEY_NEW,0), "X509_PUBKEY_new"},
-{ERR_PACK(0,ASN1_F_X509_REQ_INFO_NEW,0), "X509_REQ_INFO_new"},
-{ERR_PACK(0,ASN1_F_X509_REQ_NEW,0), "X509_REQ_new"},
-{ERR_PACK(0,ASN1_F_X509_REVOKED_NEW,0), "X509_REVOKED_new"},
-{ERR_PACK(0,ASN1_F_X509_SIG_NEW,0), "X509_SIG_new"},
-{ERR_PACK(0,ASN1_F_X509_VAL_FREE,0), "X509_VAL_free"},
-{ERR_PACK(0,ASN1_F_X509_VAL_NEW,0), "X509_VAL_new"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA ASN1_str_reasons[]=
- {
-{ASN1_R_BAD_CLASS ,"bad class"},
-{ASN1_R_BAD_OBJECT_HEADER ,"bad object header"},
-{ASN1_R_BAD_PASSWORD_READ ,"bad password read"},
-{ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"},
-{ASN1_R_BAD_PKCS7_TYPE ,"bad pkcs7 type"},
-{ASN1_R_BAD_TAG ,"bad tag"},
-{ASN1_R_BAD_TYPE ,"bad type"},
-{ASN1_R_BN_LIB ,"bn lib"},
-{ASN1_R_BOOLEAN_IS_WRONG_LENGTH ,"boolean is wrong length"},
-{ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"},
-{ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"},
-{ASN1_R_DATA_IS_WRONG ,"data is wrong"},
-{ASN1_R_DECODE_ERROR ,"decode error"},
-{ASN1_R_DECODING_ERROR ,"decoding error"},
-{ASN1_R_ENCODE_ERROR ,"encode error"},
-{ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"},
-{ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"},
-{ASN1_R_EXPECTING_AN_ENUMERATED ,"expecting an enumerated"},
-{ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"},
-{ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"},
-{ASN1_R_EXPECTING_AN_OCTET_STRING ,"expecting an octet string"},
-{ASN1_R_EXPECTING_A_BIT_STRING ,"expecting a bit string"},
-{ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"},
-{ASN1_R_EXPECTING_A_GENERALIZEDTIME ,"expecting a generalizedtime"},
-{ASN1_R_EXPECTING_A_NULL ,"expecting a null"},
-{ASN1_R_EXPECTING_A_TIME ,"expecting a time"},
-{ASN1_R_EXPECTING_A_UTCTIME ,"expecting a utctime"},
-{ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"},
-{ASN1_R_GENERALIZEDTIME_TOO_LONG ,"generalizedtime too long"},
-{ASN1_R_HEADER_TOO_LONG ,"header too long"},
-{ASN1_R_ILLEGAL_CHARACTERS ,"illegal characters"},
-{ASN1_R_INVALID_BMPSTRING_LENGTH ,"invalid bmpstring length"},
-{ASN1_R_INVALID_DIGIT ,"invalid digit"},
-{ASN1_R_INVALID_SEPARATOR ,"invalid separator"},
-{ASN1_R_INVALID_TIME_FORMAT ,"invalid time format"},
-{ASN1_R_INVALID_UNIVERSALSTRING_LENGTH ,"invalid universalstring length"},
-{ASN1_R_INVALID_UTF8STRING ,"invalid utf8string"},
-{ASN1_R_IV_TOO_LARGE ,"iv too large"},
-{ASN1_R_LENGTH_ERROR ,"length error"},
-{ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"},
-{ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"},
-{ASN1_R_NOT_ENOUGH_DATA ,"not enough data"},
-{ASN1_R_NULL_IS_WRONG_LENGTH ,"null is wrong length"},
-{ASN1_R_ODD_NUMBER_OF_CHARS ,"odd number of chars"},
-{ASN1_R_PARSING ,"parsing"},
-{ASN1_R_PRIVATE_KEY_HEADER_MISSING ,"private key header missing"},
-{ASN1_R_SECOND_NUMBER_TOO_LARGE ,"second number too large"},
-{ASN1_R_SHORT_LINE ,"short line"},
-{ASN1_R_STRING_TOO_LONG ,"string too long"},
-{ASN1_R_STRING_TOO_SHORT ,"string too short"},
-{ASN1_R_TAG_VALUE_TOO_HIGH ,"tag value too high"},
-{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
-{ASN1_R_TOO_LONG ,"too long"},
-{ASN1_R_UNABLE_TO_DECODE_RSA_KEY ,"unable to decode rsa key"},
-{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"},
-{ASN1_R_UNKNOWN_ATTRIBUTE_TYPE ,"unknown attribute type"},
-{ASN1_R_UNKNOWN_FORMAT ,"unknown format"},
-{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"},
-{ASN1_R_UNKNOWN_OBJECT_TYPE ,"unknown object type"},
-{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ,"unknown public key type"},
-{ASN1_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
-{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"},
-{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ,"unsupported public key type"},
-{ASN1_R_UTCTIME_TOO_LONG ,"utctime too long"},
-{ASN1_R_WRONG_PRINTABLE_TYPE ,"wrong printable type"},
-{ASN1_R_WRONG_TAG ,"wrong tag"},
-{ASN1_R_WRONG_TYPE ,"wrong type"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_ASN1_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);
- ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
deleted file mode 100644
index a8b651e54e..0000000000
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ /dev/null
@@ -1,427 +0,0 @@
-/* crypto/asn1/asn1_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-
-static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
-static void asn1_put_length(unsigned char **pp, int length);
-const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT;
-
-int ASN1_check_infinite_end(unsigned char **p, long len)
- {
- /* If there is 0 or 1 byte left, the length check should pick
- * things up */
- if (len <= 0)
- return(1);
- else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0))
- {
- (*p)+=2;
- return(1);
- }
- return(0);
- }
-
-
-int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass,
- long omax)
- {
- int i,ret;
- long l;
- unsigned char *p= *pp;
- int tag,xclass,inf;
- long max=omax;
-
- if (!max) goto err;
- ret=(*p&V_ASN1_CONSTRUCTED);
- xclass=(*p&V_ASN1_PRIVATE);
- i= *p&V_ASN1_PRIMITIVE_TAG;
- if (i == V_ASN1_PRIMITIVE_TAG)
- { /* high-tag */
- p++;
- if (--max == 0) goto err;
- l=0;
- while (*p&0x80)
- {
- l<<=7L;
- l|= *(p++)&0x7f;
- if (--max == 0) goto err;
- }
- l<<=7L;
- l|= *(p++)&0x7f;
- tag=(int)l;
- }
- else
- {
- tag=i;
- p++;
- if (--max == 0) goto err;
- }
- *ptag=tag;
- *pclass=xclass;
- if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
-
-#if 0
- fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
- (int)p,*plength,omax,(int)*pp,(int)(p+ *plength),
- (int)(omax+ *pp));
-
-#endif
-#if 0
- if ((p+ *plength) > (omax+ *pp))
- {
- ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
- /* Set this so that even if things are not long enough
- * the values are set correctly */
- ret|=0x80;
- }
-#endif
- *pp=p;
- return(ret|inf);
-err:
- ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG);
- return(0x80);
- }
-
-static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
- {
- unsigned char *p= *pp;
- long ret=0;
- int i;
-
- if (max-- < 1) return(0);
- if (*p == 0x80)
- {
- *inf=1;
- ret=0;
- p++;
- }
- else
- {
- *inf=0;
- i= *p&0x7f;
- if (*(p++) & 0x80)
- {
- if (max-- == 0) return(0);
- while (i-- > 0)
- {
- ret<<=8L;
- ret|= *(p++);
- if (max-- == 0) return(0);
- }
- }
- else
- ret=i;
- }
- *pp=p;
- *rl=ret;
- return(1);
- }
-
-/* class 0 is constructed
- * constructed == 2 for indefinite length constructed */
-void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
- int xclass)
- {
- unsigned char *p= *pp;
- int i, ttag;
-
- i=(constructed)?V_ASN1_CONSTRUCTED:0;
- i|=(xclass&V_ASN1_PRIVATE);
- if (tag < 31)
- *(p++)=i|(tag&V_ASN1_PRIMITIVE_TAG);
- else
- {
- *(p++)=i|V_ASN1_PRIMITIVE_TAG;
- for(i = 0, ttag = tag; ttag > 0; i++) ttag >>=7;
- ttag = i;
- while(i-- > 0)
- {
- p[i] = tag & 0x7f;
- if(i != (ttag - 1)) p[i] |= 0x80;
- tag >>= 7;
- }
- p += ttag;
- }
- if ((constructed == 2) && (length == 0))
- *(p++)=0x80; /* der_put_length would output 0 instead */
- else
- asn1_put_length(&p,length);
- *pp=p;
- }
-
-static void asn1_put_length(unsigned char **pp, int length)
- {
- unsigned char *p= *pp;
- int i,l;
- if (length <= 127)
- *(p++)=(unsigned char)length;
- else
- {
- l=length;
- for (i=0; l > 0; i++)
- l>>=8;
- *(p++)=i|0x80;
- l=i;
- while (i-- > 0)
- {
- p[i]=length&0xff;
- length>>=8;
- }
- p+=l;
- }
- *pp=p;
- }
-
-int ASN1_object_size(int constructed, int length, int tag)
- {
- int ret;
-
- ret=length;
- ret++;
- if (tag >= 31)
- {
- while (tag > 0)
- {
- tag>>=7;
- ret++;
- }
- }
- if ((length == 0) && (constructed == 2))
- ret+=2;
- ret++;
- if (length > 127)
- {
- while (length > 0)
- {
- length>>=8;
- ret++;
- }
- }
- return(ret);
- }
-
-int asn1_Finish(ASN1_CTX *c)
- {
- if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos))
- {
- if (!ASN1_check_infinite_end(&c->p,c->slen))
- {
- c->error=ERR_R_MISSING_ASN1_EOS;
- return(0);
- }
- }
- if ( ((c->slen != 0) && !(c->inf & 1)) ||
- ((c->slen < 0) && (c->inf & 1)))
- {
- c->error=ERR_R_ASN1_LENGTH_MISMATCH;
- return(0);
- }
- return(1);
- }
-
-int asn1_GetSequence(ASN1_CTX *c, long *length)
- {
- unsigned char *q;
-
- q=c->p;
- c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass),
- *length);
- if (c->inf & 0x80)
- {
- c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL;
- return(0);
- }
- if (c->tag != V_ASN1_SEQUENCE)
- {
- c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
- return(0);
- }
- (*length)-=(c->p-q);
- if (c->max && (*length < 0))
- {
- c->error=ERR_R_ASN1_LENGTH_MISMATCH;
- return(0);
- }
- if (c->inf == (1|V_ASN1_CONSTRUCTED))
- c->slen= *length;
- c->eos=0;
- return(1);
- }
-
-ASN1_STRING *ASN1_STRING_dup(ASN1_STRING *str)
- {
- ASN1_STRING *ret;
-
- if (str == NULL) return(NULL);
- if ((ret=ASN1_STRING_type_new(str->type)) == NULL)
- return(NULL);
- if (!ASN1_STRING_set(ret,str->data,str->length))
- {
- ASN1_STRING_free(ret);
- return(NULL);
- }
- ret->flags = str->flags;
- return(ret);
- }
-
-int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
- {
- unsigned char *c;
- const char *data=_data;
-
- if (len < 0)
- {
- if (data == NULL)
- return(0);
- else
- len=strlen(data);
- }
- if ((str->length < len) || (str->data == NULL))
- {
- c=str->data;
- if (c == NULL)
- str->data=OPENSSL_malloc(len+1);
- else
- str->data=OPENSSL_realloc(c,len+1);
-
- if (str->data == NULL)
- {
- str->data=c;
- return(0);
- }
- }
- str->length=len;
- if (data != NULL)
- {
- memcpy(str->data,data,len);
- /* an allowance for strings :-) */
- str->data[len]='\0';
- }
- return(1);
- }
-
-ASN1_STRING *ASN1_STRING_new(void)
- {
- return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
- }
-
-
-ASN1_STRING *ASN1_STRING_type_new(int type)
- {
- ASN1_STRING *ret;
-
- ret=(ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING));
- if (ret == NULL)
- {
- ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- ret->length=0;
- ret->type=type;
- ret->data=NULL;
- ret->flags=0;
- return(ret);
- }
-
-void ASN1_STRING_free(ASN1_STRING *a)
- {
- if (a == NULL) return;
- if (a->data != NULL) OPENSSL_free(a->data);
- OPENSSL_free(a);
- }
-
-int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)
- {
- int i;
-
- i=(a->length-b->length);
- if (i == 0)
- {
- i=memcmp(a->data,b->data,a->length);
- if (i == 0)
- return(a->type-b->type);
- else
- return(i);
- }
- else
- return(i);
- }
-
-void asn1_add_error(unsigned char *address, int offset)
- {
- char buf1[16],buf2[16];
-
- sprintf(buf1,"%lu",(unsigned long)address);
- sprintf(buf2,"%d",offset);
- ERR_add_error_data(4,"address=",buf1," offset=",buf2);
- }
-
-int ASN1_STRING_length(ASN1_STRING *x)
-{ return M_ASN1_STRING_length(x); }
-
-void ASN1_STRING_length_set(ASN1_STRING *x, int len)
-{ M_ASN1_STRING_length_set(x, len); return; }
-
-int ASN1_STRING_type(ASN1_STRING *x)
-{ return M_ASN1_STRING_type(x); }
-
-unsigned char * ASN1_STRING_data(ASN1_STRING *x)
-{ return M_ASN1_STRING_data(x); }
diff --git a/src/lib/libcrypto/asn1/asn1_mac.h b/src/lib/libcrypto/asn1/asn1_mac.h
deleted file mode 100644
index af0e664b2d..0000000000
--- a/src/lib/libcrypto/asn1/asn1_mac.h
+++ /dev/null
@@ -1,583 +0,0 @@
-/* crypto/asn1/asn1_mac.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ASN1_MAC_H
-#define HEADER_ASN1_MAC_H
-
-#include <openssl/asn1.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifndef ASN1_MAC_ERR_LIB
-#define ASN1_MAC_ERR_LIB ERR_LIB_ASN1
-#endif
-
-#define ASN1_MAC_H_err(f,r,line) \
- ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),ERR_file_name,(line))
-
-#define M_ASN1_D2I_vars(a,type,func) \
- ASN1_CTX c; \
- type ret=NULL; \
- \
- c.pp=pp; \
- c.q= *pp; \
- c.error=ERR_R_NESTED_ASN1_ERROR; \
- if ((a == NULL) || ((*a) == NULL)) \
- { if ((ret=(type)func()) == NULL) \
- { c.line=__LINE__; goto err; } } \
- else ret=(*a);
-
-#define M_ASN1_D2I_Init() \
- c.p= *pp; \
- c.max=(length == 0)?0:(c.p+length);
-
-#define M_ASN1_D2I_Finish_2(a) \
- if (!asn1_Finish(&c)) \
- { c.line=__LINE__; goto err; } \
- *pp=c.p; \
- if (a != NULL) (*a)=ret; \
- return(ret);
-
-#define M_ASN1_D2I_Finish(a,func,e) \
- M_ASN1_D2I_Finish_2(a); \
-err:\
- ASN1_MAC_H_err((e),c.error,c.line); \
- asn1_add_error(*pp,(int)(c.q- *pp)); \
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
- return(NULL)
-
-#define M_ASN1_D2I_start_sequence() \
- if (!asn1_GetSequence(&c,&length)) \
- { c.line=__LINE__; goto err; }
-/* Begin reading ASN1 without a surrounding sequence */
-#define M_ASN1_D2I_begin() \
- c.slen = length;
-
-/* End reading ASN1 with no check on length */
-#define M_ASN1_D2I_Finish_nolen(a, func, e) \
- *pp=c.p; \
- if (a != NULL) (*a)=ret; \
- return(ret); \
-err:\
- ASN1_MAC_H_err((e),c.error,c.line); \
- asn1_add_error(*pp,(int)(c.q- *pp)); \
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
- return(NULL)
-
-#define M_ASN1_D2I_end_sequence() \
- (((c.inf&1) == 0)?(c.slen <= 0): \
- (c.eos=ASN1_check_infinite_end(&c.p,c.slen)))
-
-/* Don't use this with d2i_ASN1_BOOLEAN() */
-#define M_ASN1_D2I_get(b,func) \
- c.q=c.p; \
- if (func(&(b),&c.p,c.slen) == NULL) \
- {c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
-
-/* use this instead () */
-#define M_ASN1_D2I_get_int(b,func) \
- c.q=c.p; \
- if (func(&(b),&c.p,c.slen) < 0) \
- {c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_opt(b,func,type) \
- if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
- == (V_ASN1_UNIVERSAL|(type)))) \
- { \
- M_ASN1_D2I_get(b,func); \
- }
-
-#define M_ASN1_D2I_get_imp(b,func, type) \
- M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
- c.q=c.p; \
- if (func(&(b),&c.p,c.slen) == NULL) \
- {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
- c.slen-=(c.p-c.q);\
- M_ASN1_next_prev=_tmp;
-
-#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
- if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
- (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
- { \
- unsigned char _tmp = M_ASN1_next; \
- M_ASN1_D2I_get_imp(b,func, type);\
- }
-
-#define M_ASN1_D2I_get_set(r,func,free_func) \
- M_ASN1_D2I_get_imp_set(r,func,free_func, \
- V_ASN1_SET,V_ASN1_UNIVERSAL);
-
-#define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
- M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
- V_ASN1_SET,V_ASN1_UNIVERSAL);
-
-#define M_ASN1_D2I_get_set_opt(r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
- { M_ASN1_D2I_get_set(r,func,free_func); }
-
-#define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
- { M_ASN1_D2I_get_set_type(type,r,func,free_func); }
-
-#define M_ASN1_I2D_len_SET_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_len_SET(a,f);
-
-#define M_ASN1_I2D_put_SET_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_put_SET(a,f);
-
-#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_put_SEQUENCE(a,f);
-
-#define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
-
-#define M_ASN1_I2D_put_SEQUENCE_opt_ex_type(type,a,f) \
- if (a) M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
-
-#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
- if ((c.slen != 0) && \
- (M_ASN1_next == \
- (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
- { \
- M_ASN1_D2I_get_imp_set(b,func,free_func,\
- tag,V_ASN1_CONTEXT_SPECIFIC); \
- }
-
-#define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
- if ((c.slen != 0) && \
- (M_ASN1_next == \
- (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
- { \
- M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
- tag,V_ASN1_CONTEXT_SPECIFIC); \
- }
-
-#define M_ASN1_D2I_get_seq(r,func,free_func) \
- M_ASN1_D2I_get_imp_set(r,func,free_func,\
- V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-#define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
- M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
- V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-
-#define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
- { M_ASN1_D2I_get_seq(r,func,free_func); }
-
-#define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
- { M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
-
-#define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
- M_ASN1_D2I_get_imp_set(r,func,free_func,\
- x,V_ASN1_CONTEXT_SPECIFIC);
-
-#define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
- M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
- x,V_ASN1_CONTEXT_SPECIFIC);
-
-#define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
- c.q=c.p; \
- if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
- (void (*)())free_func,a,b) == NULL) \
- { c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
- c.q=c.p; \
- if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
- free_func,a,b) == NULL) \
- { c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_set_strings(r,func,a,b) \
- c.q=c.p; \
- if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
- { c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
- if ((c.slen != 0L) && (M_ASN1_next == \
- (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
- { \
- int Tinf,Ttag,Tclass; \
- long Tlen; \
- \
- c.q=c.p; \
- Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
- if (Tinf & 0x80) \
- { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
- c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
- Tlen = c.slen - (c.p - c.q) - 2; \
- if (func(&(r),&c.p,Tlen) == NULL) \
- { c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
- Tlen = c.slen - (c.p - c.q); \
- if(!ASN1_check_infinite_end(&c.p, Tlen)) \
- { c.error=ERR_R_MISSING_ASN1_EOS; \
- c.line=__LINE__; goto err; } \
- }\
- c.slen-=(c.p-c.q); \
- }
-
-#define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
- if ((c.slen != 0) && (M_ASN1_next == \
- (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
- { \
- int Tinf,Ttag,Tclass; \
- long Tlen; \
- \
- c.q=c.p; \
- Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
- if (Tinf & 0x80) \
- { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
- c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
- Tlen = c.slen - (c.p - c.q) - 2; \
- if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
- (void (*)())free_func, \
- b,V_ASN1_UNIVERSAL) == NULL) \
- { c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
- Tlen = c.slen - (c.p - c.q); \
- if(!ASN1_check_infinite_end(&c.p, Tlen)) \
- { c.error=ERR_R_MISSING_ASN1_EOS; \
- c.line=__LINE__; goto err; } \
- }\
- c.slen-=(c.p-c.q); \
- }
-
-#define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
- if ((c.slen != 0) && (M_ASN1_next == \
- (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
- { \
- int Tinf,Ttag,Tclass; \
- long Tlen; \
- \
- c.q=c.p; \
- Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
- if (Tinf & 0x80) \
- { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
- c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
- Tlen = c.slen - (c.p - c.q) - 2; \
- if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
- free_func,b,V_ASN1_UNIVERSAL) == NULL) \
- { c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
- Tlen = c.slen - (c.p - c.q); \
- if(!ASN1_check_infinite_end(&c.p, Tlen)) \
- { c.error=ERR_R_MISSING_ASN1_EOS; \
- c.line=__LINE__; goto err; } \
- }\
- c.slen-=(c.p-c.q); \
- }
-
-/* New macros */
-#define M_ASN1_New_Malloc(ret,type) \
- if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
- { c.line=__LINE__; goto err2; }
-
-#define M_ASN1_New(arg,func) \
- if (((arg)=func()) == NULL) return(NULL)
-
-#define M_ASN1_New_Error(a) \
-/* err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
- return(NULL);*/ \
- err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
- return(NULL)
-
-
-#define M_ASN1_next (*c.p)
-#define M_ASN1_next_prev (*c.q)
-
-/*************************************************/
-
-#define M_ASN1_I2D_vars(a) int r=0,ret=0; \
- unsigned char *p; \
- if (a == NULL) return(0)
-
-/* Length Macros */
-#define M_ASN1_I2D_len(a,f) ret+=f(a,NULL)
-#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f)
-
-#define M_ASN1_I2D_len_SET(a,f) \
- ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
-
-#define M_ASN1_I2D_len_SET_type(type,a,f) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
- V_ASN1_UNIVERSAL,IS_SET);
-
-#define M_ASN1_I2D_len_SEQUENCE(a,f) \
- ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
- V_ASN1_UNIVERSAL,IS_SEQUENCE)
-
-#define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_len_SEQUENCE(a,f);
-
-#define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
-
-#define M_ASN1_I2D_len_SEQUENCE_opt_ex_type(type,a,f) \
- if (a) M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
-
-#define M_ASN1_I2D_len_IMP_SET(a,f,x) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
- V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
- V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
- V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
- if (a != NULL)\
- { \
- v=f(a,NULL); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
-
-#define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0))\
- { \
- v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
-
-#define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0))\
- { \
- v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
-
-#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_##type##_num(a) != 0))\
- { \
- v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
- V_ASN1_UNIVERSAL, \
- IS_SEQUENCE); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
-
-#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_ex_type(type,a,f,mtag,tag,v) \
- if (a)\
- { \
- v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
- V_ASN1_UNIVERSAL, \
- IS_SEQUENCE); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
-
-/* Put Macros */
-#define M_ASN1_I2D_put(a,f) f(a,&p)
-
-#define M_ASN1_I2D_put_IMP_opt(a,f,t) \
- if (a != NULL) \
- { \
- unsigned char *q=p; \
- f(a,&p); \
- *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
- }
-
-#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
- V_ASN1_UNIVERSAL,IS_SET)
-#define M_ASN1_I2D_put_SET_type(type,a,f) \
- i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET)
-#define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
- V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-#define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
- i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-#define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
- V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
-
-#define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
- V_ASN1_UNIVERSAL,IS_SEQUENCE)
-
-#define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
- i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE)
-
-#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_put_SEQUENCE(a,f);
-
-#define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SET); }
-
-#define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
- V_ASN1_CONTEXT_SPECIFIC, \
- IS_SET); }
-
-#define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE); }
-
-#define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
- V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE); }
-
-#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
- if (a != NULL) \
- { \
- ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
- f(a,&p); \
- }
-
-#define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { \
- ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
- i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
- }
-
-#define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { \
- ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
- i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
- }
-
-#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- { \
- ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
- i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE); \
- }
-
-#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_ex_type(type,a,f,mtag,tag,v) \
- if (a) \
- { \
- ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
- i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE); \
- }
-
-#define M_ASN1_I2D_seq_total() \
- r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
- if (pp == NULL) return(r); \
- p= *pp; \
- ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-
-#define M_ASN1_I2D_INF_seq_start(tag,ctx) \
- *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
- *(p++)=0x80
-
-#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
-
-#define M_ASN1_I2D_finish() *pp=p; \
- return(r);
-
-int asn1_GetSequence(ASN1_CTX *c, long *length);
-void asn1_add_error(unsigned char *address,int offset);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c
deleted file mode 100644
index facfdd27fc..0000000000
--- a/src/lib/libcrypto/asn1/asn1_par.c
+++ /dev/null
@@ -1,423 +0,0 @@
-/* crypto/asn1/asn1_par.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/asn1.h>
-
-static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed,
- int indent);
-static int asn1_parse2(BIO *bp, unsigned char **pp, long length,
- int offset, int depth, int indent, int dump);
-static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
- int indent)
- {
- static const char fmt[]="%-18s";
- static const char fmt2[]="%2d %-15s";
- char str[128];
- const char *p,*p2=NULL;
-
- if (constructed & V_ASN1_CONSTRUCTED)
- p="cons: ";
- else
- p="prim: ";
- if (BIO_write(bp,p,6) < 6) goto err;
- if (indent)
- {
- if (indent > 128) indent=128;
- memset(str,' ',indent);
- if (BIO_write(bp,str,indent) < indent) goto err;
- }
-
- p=str;
- if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
- sprintf(str,"priv [ %d ] ",tag);
- else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
- sprintf(str,"cont [ %d ]",tag);
- else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
- sprintf(str,"appl [ %d ]",tag);
- else p = ASN1_tag2str(tag);
-
- if (p2 != NULL)
- {
- if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err;
- }
- else
- {
- if (BIO_printf(bp,fmt,p) <= 0) goto err;
- }
- return(1);
-err:
- return(0);
- }
-
-int ASN1_parse(BIO *bp, unsigned char *pp, long len, int indent)
- {
- return(asn1_parse2(bp,&pp,len,0,0,indent,0));
- }
-
-int ASN1_parse_dump(BIO *bp, unsigned char *pp, long len, int indent, int dump)
- {
- return(asn1_parse2(bp,&pp,len,0,0,indent,dump));
- }
-
-static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset,
- int depth, int indent, int dump)
- {
- unsigned char *p,*ep,*tot,*op,*opp;
- long len;
- int tag,xclass,ret=0;
- int nl,hl,j,r;
- ASN1_OBJECT *o=NULL;
- ASN1_OCTET_STRING *os=NULL;
- /* ASN1_BMPSTRING *bmp=NULL;*/
- int dump_indent;
-
-#if 0
- dump_indent = indent;
-#else
- dump_indent = 6; /* Because we know BIO_dump_indent() */
-#endif
- p= *pp;
- tot=p+length;
- op=p-1;
- while ((p < tot) && (op < p))
- {
- op=p;
- j=ASN1_get_object(&p,&len,&tag,&xclass,length);
-#ifdef LINT
- j=j;
-#endif
- if (j & 0x80)
- {
- if (BIO_write(bp,"Error in encoding\n",18) <= 0)
- goto end;
- ret=0;
- goto end;
- }
- hl=(p-op);
- length-=hl;
- /* if j == 0x21 it is a constructed indefinite length object */
- if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp))
- <= 0) goto end;
-
- if (j != (V_ASN1_CONSTRUCTED | 1))
- {
- if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ",
- depth,(long)hl,len) <= 0)
- goto end;
- }
- else
- {
- if (BIO_printf(bp,"d=%-2d hl=%ld l=inf ",
- depth,(long)hl) <= 0)
- goto end;
- }
- if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0))
- goto end;
- if (j & V_ASN1_CONSTRUCTED)
- {
- ep=p+len;
- if (BIO_write(bp,"\n",1) <= 0) goto end;
- if (len > length)
- {
- BIO_printf(bp,
- "length is greater than %ld\n",length);
- ret=0;
- goto end;
- }
- if ((j == 0x21) && (len == 0))
- {
- for (;;)
- {
- r=asn1_parse2(bp,&p,(long)(tot-p),
- offset+(p - *pp),depth+1,
- indent,dump);
- if (r == 0) { ret=0; goto end; }
- if ((r == 2) || (p >= tot)) break;
- }
- }
- else
- while (p < ep)
- {
- r=asn1_parse2(bp,&p,(long)len,
- offset+(p - *pp),depth+1,
- indent,dump);
- if (r == 0) { ret=0; goto end; }
- }
- }
- else if (xclass != 0)
- {
- p+=len;
- if (BIO_write(bp,"\n",1) <= 0) goto end;
- }
- else
- {
- nl=0;
- if ( (tag == V_ASN1_PRINTABLESTRING) ||
- (tag == V_ASN1_T61STRING) ||
- (tag == V_ASN1_IA5STRING) ||
- (tag == V_ASN1_VISIBLESTRING) ||
- (tag == V_ASN1_UTCTIME) ||
- (tag == V_ASN1_GENERALIZEDTIME))
- {
- if (BIO_write(bp,":",1) <= 0) goto end;
- if ((len > 0) &&
- BIO_write(bp,(char *)p,(int)len)
- != (int)len)
- goto end;
- }
- else if (tag == V_ASN1_OBJECT)
- {
- opp=op;
- if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL)
- {
- if (BIO_write(bp,":",1) <= 0) goto end;
- i2a_ASN1_OBJECT(bp,o);
- }
- else
- {
- if (BIO_write(bp,":BAD OBJECT",11) <= 0)
- goto end;
- }
- }
- else if (tag == V_ASN1_BOOLEAN)
- {
- int ii;
-
- opp=op;
- ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl);
- if (ii < 0)
- {
- if (BIO_write(bp,"Bad boolean\n",12))
- goto end;
- }
- BIO_printf(bp,":%d",ii);
- }
- else if (tag == V_ASN1_BMPSTRING)
- {
- /* do the BMP thang */
- }
- else if (tag == V_ASN1_OCTET_STRING)
- {
- int i,printable=1;
-
- opp=op;
- os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl);
- if (os != NULL)
- {
- opp=os->data;
- for (i=0; i<os->length; i++)
- {
- if (( (opp[i] < ' ') &&
- (opp[i] != '\n') &&
- (opp[i] != '\r') &&
- (opp[i] != '\t')) ||
- (opp[i] > '~'))
- {
- printable=0;
- break;
- }
- }
- if (printable && (os->length > 0))
- {
- if (BIO_write(bp,":",1) <= 0)
- goto end;
- if (BIO_write(bp,(char *)opp,
- os->length) <= 0)
- goto end;
- }
- if (!printable && (os->length > 0)
- && dump)
- {
- if (!nl)
- {
- if (BIO_write(bp,"\n",1) <= 0)
- goto end;
- }
- if (BIO_dump_indent(bp,(char *)opp,
- ((dump == -1 || dump > os->length)?os->length:dump),
- dump_indent) <= 0)
- goto end;
- nl=1;
- }
- M_ASN1_OCTET_STRING_free(os);
- os=NULL;
- }
- }
- else if (tag == V_ASN1_INTEGER)
- {
- ASN1_INTEGER *bs;
- int i;
-
- opp=op;
- bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl);
- if (bs != NULL)
- {
- if (BIO_write(bp,":",1) <= 0) goto end;
- if (bs->type == V_ASN1_NEG_INTEGER)
- if (BIO_write(bp,"-",1) <= 0)
- goto end;
- for (i=0; i<bs->length; i++)
- {
- if (BIO_printf(bp,"%02X",
- bs->data[i]) <= 0)
- goto end;
- }
- if (bs->length == 0)
- {
- if (BIO_write(bp,"00",2) <= 0)
- goto end;
- }
- }
- else
- {
- if (BIO_write(bp,"BAD INTEGER",11) <= 0)
- goto end;
- }
- M_ASN1_INTEGER_free(bs);
- }
- else if (tag == V_ASN1_ENUMERATED)
- {
- ASN1_ENUMERATED *bs;
- int i;
-
- opp=op;
- bs=d2i_ASN1_ENUMERATED(NULL,&opp,len+hl);
- if (bs != NULL)
- {
- if (BIO_write(bp,":",1) <= 0) goto end;
- if (bs->type == V_ASN1_NEG_ENUMERATED)
- if (BIO_write(bp,"-",1) <= 0)
- goto end;
- for (i=0; i<bs->length; i++)
- {
- if (BIO_printf(bp,"%02X",
- bs->data[i]) <= 0)
- goto end;
- }
- if (bs->length == 0)
- {
- if (BIO_write(bp,"00",2) <= 0)
- goto end;
- }
- }
- else
- {
- if (BIO_write(bp,"BAD ENUMERATED",11) <= 0)
- goto end;
- }
- M_ASN1_ENUMERATED_free(bs);
- }
- else if (len > 0 && dump)
- {
- if (!nl)
- {
- if (BIO_write(bp,"\n",1) <= 0)
- goto end;
- }
- if (BIO_dump_indent(bp,(char *)p,
- ((dump == -1 || dump > len)?len:dump),
- dump_indent) <= 0)
- goto end;
- nl=1;
- }
-
- if (!nl)
- {
- if (BIO_write(bp,"\n",1) <= 0) goto end;
- }
- p+=len;
- if ((tag == V_ASN1_EOC) && (xclass == 0))
- {
- ret=2; /* End of sequence */
- goto end;
- }
- }
- length-=len;
- }
- ret=1;
-end:
- if (o != NULL) ASN1_OBJECT_free(o);
- if (os != NULL) M_ASN1_OCTET_STRING_free(os);
- *pp=p;
- return(ret);
- }
-
-const char *ASN1_tag2str(int tag)
-{
- const static char *tag2str[] = {
- "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */
- "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */
- "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>", /* 10-13 */
- "<ASN1 14>", "<ASN1 15>", "SEQUENCE", "SET", /* 15-17 */
- "NUMERICSTRING", "PRINTABLESTRING", "T61STRING", /* 18-20 */
- "VIDEOTEXSTRING", "IA5STRING", "UTCTIME","GENERALIZEDTIME", /* 21-24 */
- "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING", /* 25-27 */
- "UNIVERSALSTRING", "<ASN1 29>", "BMPSTRING" /* 28-30 */
- };
-
- if((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
- tag &= ~0x100;
-
- if(tag < 0 || tag > 30) return "(unknown)";
- return tag2str[tag];
-}
-
diff --git a/src/lib/libcrypto/asn1/asn_pack.c b/src/lib/libcrypto/asn1/asn_pack.c
deleted file mode 100644
index bdf5f130b3..0000000000
--- a/src/lib/libcrypto/asn1/asn_pack.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* asn_pack.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-/* ASN1 packing and unpacking functions */
-
-/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
-
-STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
- void (*free_func)(void *))
-{
- STACK *sk;
- unsigned char *pbuf;
- pbuf = buf;
- if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL)))
- ASN1err(ASN1_F_ASN1_SEQ_UNPACK,ASN1_R_DECODE_ERROR);
- return sk;
-}
-
-/* Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a
- * OPENSSL_malloc'ed buffer
- */
-
-unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
- int *len)
-{
- int safelen;
- unsigned char *safe, *p;
- if (!(safelen = i2d_ASN1_SET(safes, NULL, i2d, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE))) {
- ASN1err(ASN1_F_ASN1_SEQ_PACK,ASN1_R_ENCODE_ERROR);
- return NULL;
- }
- if (!(safe = OPENSSL_malloc (safelen))) {
- ASN1err(ASN1_F_ASN1_SEQ_PACK,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- p = safe;
- i2d_ASN1_SET(safes, &p, i2d, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL,
- IS_SEQUENCE);
- if (len) *len = safelen;
- if (buf) *buf = safe;
- return safe;
-}
-
-/* Extract an ASN1 object from an ASN1_STRING */
-
-void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)())
-{
- unsigned char *p;
- char *ret;
-
- p = oct->data;
- if(!(ret = d2i(NULL, &p, oct->length)))
- ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR);
- return ret;
-}
-
-/* Pack an ASN1 object into an ASN1_STRING */
-
-ASN1_STRING *ASN1_pack_string (void *obj, int (*i2d)(), ASN1_STRING **oct)
-{
- unsigned char *p;
- ASN1_STRING *octmp;
-
- if (!oct || !*oct) {
- if (!(octmp = ASN1_STRING_new ())) {
- ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if (oct) *oct = octmp;
- } else octmp = *oct;
-
- if (!(octmp->length = i2d(obj, NULL))) {
- ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
- return NULL;
- }
- if (!(p = OPENSSL_malloc (octmp->length))) {
- ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- octmp->data = p;
- i2d (obj, &p);
- return octmp;
-}
-
diff --git a/src/lib/libcrypto/asn1/charmap.h b/src/lib/libcrypto/asn1/charmap.h
deleted file mode 100644
index bd020a9562..0000000000
--- a/src/lib/libcrypto/asn1/charmap.h
+++ /dev/null
@@ -1,15 +0,0 @@
-/* Auto generated with chartype.pl script.
- * Mask of various character properties
- */
-
-static unsigned char char_type[] = {
- 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
- 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
-120, 0, 1,40, 0, 0, 0,16,16,16, 0,25,25,16,16,16,
-16,16,16,16,16,16,16,16,16,16,16, 9, 9,16, 9,16,
- 0,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,
-16,16,16,16,16,16,16,16,16,16,16, 0, 1, 0, 0, 0,
- 0,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,
-16,16,16,16,16,16,16,16,16,16,16, 0, 0, 0, 0, 2
-};
-
diff --git a/src/lib/libcrypto/asn1/charmap.pl b/src/lib/libcrypto/asn1/charmap.pl
deleted file mode 100644
index 2875c59867..0000000000
--- a/src/lib/libcrypto/asn1/charmap.pl
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/usr/local/bin/perl -w
-
-use strict;
-
-my ($i, @arr);
-
-# Set up an array with the type of ASCII characters
-# Each set bit represents a character property.
-
-# RFC2253 character properties
-my $RFC2253_ESC = 1; # Character escaped with \
-my $ESC_CTRL = 2; # Escaped control character
-# These are used with RFC1779 quoting using "
-my $NOESC_QUOTE = 8; # Not escaped if quoted
-my $PSTRING_CHAR = 0x10; # Valid PrintableString character
-my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character
-my $RFC2253_LAST_ESC = 0x40; # Escaped with \ if last character
-
-for($i = 0; $i < 128; $i++) {
- # Set the RFC2253 escape characters (control)
- $arr[$i] = 0;
- if(($i < 32) || ($i > 126)) {
- $arr[$i] |= $ESC_CTRL;
- }
-
- # Some PrintableString characters
- if( ( ( $i >= ord("a")) && ( $i <= ord("z")) )
- || ( ( $i >= ord("A")) && ( $i <= ord("Z")) )
- || ( ( $i >= ord("0")) && ( $i <= ord("9")) ) ) {
- $arr[$i] |= $PSTRING_CHAR;
- }
-}
-
-# Now setup the rest
-
-# Remaining RFC2253 escaped characters
-
-$arr[ord(" ")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC | $RFC2253_LAST_ESC;
-$arr[ord("#")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC;
-
-$arr[ord(",")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord("+")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord("\"")] |= $RFC2253_ESC;
-$arr[ord("\\")] |= $RFC2253_ESC;
-$arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC;
-
-# Remaining PrintableString characters
-
-$arr[ord(" ")] |= $PSTRING_CHAR;
-$arr[ord("'")] |= $PSTRING_CHAR;
-$arr[ord("(")] |= $PSTRING_CHAR;
-$arr[ord(")")] |= $PSTRING_CHAR;
-$arr[ord("+")] |= $PSTRING_CHAR;
-$arr[ord(",")] |= $PSTRING_CHAR;
-$arr[ord("-")] |= $PSTRING_CHAR;
-$arr[ord(".")] |= $PSTRING_CHAR;
-$arr[ord("/")] |= $PSTRING_CHAR;
-$arr[ord(":")] |= $PSTRING_CHAR;
-$arr[ord("=")] |= $PSTRING_CHAR;
-$arr[ord("?")] |= $PSTRING_CHAR;
-
-# Now generate the C code
-
-print <<EOF;
-/* Auto generated with chartype.pl script.
- * Mask of various character properties
- */
-
-static unsigned char char_type[] = {
-EOF
-
-for($i = 0; $i < 128; $i++) {
- print("\n") if($i && (($i % 16) == 0));
- printf("%2d", $arr[$i]);
- print(",") if ($i != 127);
-}
-print("\n};\n\n");
-
diff --git a/src/lib/libcrypto/asn1/d2i_pr.c b/src/lib/libcrypto/asn1/d2i_pr.c
deleted file mode 100644
index c92b8325d8..0000000000
--- a/src/lib/libcrypto/asn1/d2i_pr.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/* crypto/asn1/d2i_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/asn1.h>
-
-EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
- long length)
- {
- EVP_PKEY *ret;
-
- if ((a == NULL) || (*a == NULL))
- {
- if ((ret=EVP_PKEY_new()) == NULL)
- {
- ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB);
- return(NULL);
- }
- }
- else ret= *a;
-
- ret->save_type=type;
- ret->type=EVP_PKEY_type(type);
- switch (ret->type)
- {
-#ifndef NO_RSA
- case EVP_PKEY_RSA:
- if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,pp,length)) == NULL)
- {
- ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
- goto err;
- }
- break;
-#endif
-#ifndef NO_DSA
- case EVP_PKEY_DSA:
- if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,pp,length)) == NULL)
- {
- ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
- goto err;
- }
- break;
-#endif
- default:
- ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
- goto err;
- /* break; */
- }
- if (a != NULL) (*a)=ret;
- return(ret);
-err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
- return(NULL);
- }
-
-/* This works like d2i_PrivateKey() except it automatically works out the type */
-
-EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
- long length)
-{
- STACK_OF(ASN1_TYPE) *inkey;
- unsigned char *p;
- int keytype;
- p = *pp;
- /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE):
- * by analyzing it we can determine the passed structure: this
- * assumes the input is surrounded by an ASN1 SEQUENCE.
- */
- inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE,
- ASN1_TYPE_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
- /* Since we only need to discern "traditional format" RSA and DSA
- * keys we can just count the elements.
- */
- if(sk_ASN1_TYPE_num(inkey) == 6) keytype = EVP_PKEY_DSA;
- else keytype = EVP_PKEY_RSA;
- sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
- return d2i_PrivateKey(keytype, a, pp, length);
-}
diff --git a/src/lib/libcrypto/asn1/d2i_pu.c b/src/lib/libcrypto/asn1/d2i_pu.c
deleted file mode 100644
index e0d203cef7..0000000000
--- a/src/lib/libcrypto/asn1/d2i_pu.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* crypto/asn1/d2i_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/asn1.h>
-
-EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp,
- long length)
- {
- EVP_PKEY *ret;
-
- if ((a == NULL) || (*a == NULL))
- {
- if ((ret=EVP_PKEY_new()) == NULL)
- {
- ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
- return(NULL);
- }
- }
- else ret= *a;
-
- ret->save_type=type;
- ret->type=EVP_PKEY_type(type);
- switch (ret->type)
- {
-#ifndef NO_RSA
- case EVP_PKEY_RSA:
- if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,pp,length)) == NULL)
- {
- ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
- goto err;
- }
- break;
-#endif
-#ifndef NO_DSA
- case EVP_PKEY_DSA:
- if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,pp,length)) == NULL)
- {
- ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
- goto err;
- }
- break;
-#endif
- default:
- ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
- goto err;
- /* break; */
- }
- if (a != NULL) (*a)=ret;
- return(ret);
-err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
- return(NULL);
- }
-
diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c
deleted file mode 100644
index 3506005a71..0000000000
--- a/src/lib/libcrypto/asn1/evp_asn1.c
+++ /dev/null
@@ -1,185 +0,0 @@
-/* crypto/asn1/evp_asn1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-
-int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
- {
- ASN1_STRING *os;
-
- if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0);
- if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0);
- ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os);
- return(1);
- }
-
-/* int max_len: for returned value */
-int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data,
- int max_len)
- {
- int ret,num;
- unsigned char *p;
-
- if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL))
- {
- ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
- return(-1);
- }
- p=M_ASN1_STRING_data(a->value.octet_string);
- ret=M_ASN1_STRING_length(a->value.octet_string);
- if (ret < max_len)
- num=ret;
- else
- num=max_len;
- memcpy(data,p,num);
- return(ret);
- }
-
-int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
- int len)
- {
- int n,size;
- ASN1_OCTET_STRING os,*osp;
- ASN1_INTEGER in;
- unsigned char *p;
- unsigned char buf[32]; /* when they have 256bit longs,
- * I'll be in trouble */
- in.data=buf;
- in.length=32;
- os.data=data;
- os.type=V_ASN1_OCTET_STRING;
- os.length=len;
- ASN1_INTEGER_set(&in,num);
- n = i2d_ASN1_INTEGER(&in,NULL);
- n+=M_i2d_ASN1_OCTET_STRING(&os,NULL);
-
- size=ASN1_object_size(1,n,V_ASN1_SEQUENCE);
-
- if ((osp=ASN1_STRING_new()) == NULL) return(0);
- /* Grow the 'string' */
- ASN1_STRING_set(osp,NULL,size);
-
- M_ASN1_STRING_length_set(osp, size);
- p=M_ASN1_STRING_data(osp);
-
- ASN1_put_object(&p,1,n,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
- i2d_ASN1_INTEGER(&in,&p);
- M_i2d_ASN1_OCTET_STRING(&os,&p);
-
- ASN1_TYPE_set(a,V_ASN1_SEQUENCE,osp);
- return(1);
- }
-
-/* we return the actual length..., num may be missing, in which
- * case, set it to zero */
-/* int max_len: for returned value */
-int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
- int max_len)
- {
- int ret= -1,n;
- ASN1_INTEGER *ai=NULL;
- ASN1_OCTET_STRING *os=NULL;
- unsigned char *p;
- long length;
- ASN1_CTX c;
-
- if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL))
- {
- goto err;
- }
- p=M_ASN1_STRING_data(a->value.sequence);
- length=M_ASN1_STRING_length(a->value.sequence);
-
- c.pp= &p;
- c.p=p;
- c.max=p+length;
- c.error=ASN1_R_DATA_IS_WRONG;
-
- M_ASN1_D2I_start_sequence();
- c.q=c.p;
- if ((ai=d2i_ASN1_INTEGER(NULL,&c.p,c.slen)) == NULL) goto err;
- c.slen-=(c.p-c.q);
- c.q=c.p;
- if ((os=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) goto err;
- c.slen-=(c.p-c.q);
- if (!M_ASN1_D2I_end_sequence()) goto err;
-
- if (num != NULL)
- *num=ASN1_INTEGER_get(ai);
-
- ret=M_ASN1_STRING_length(os);
- if (max_len > ret)
- n=ret;
- else
- n=max_len;
-
- if (data != NULL)
- memcpy(data,M_ASN1_STRING_data(os),n);
- if (0)
- {
-err:
- ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
- }
- if (os != NULL) M_ASN1_OCTET_STRING_free(os);
- if (ai != NULL) M_ASN1_INTEGER_free(ai);
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/asn1/f_enum.c b/src/lib/libcrypto/asn1/f_enum.c
deleted file mode 100644
index 56e3cc8df2..0000000000
--- a/src/lib/libcrypto/asn1/f_enum.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/* crypto/asn1/f_enum.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-/* Based on a_int.c: equivalent ENUMERATED functions */
-
-int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
- {
- int i,n=0;
- static const char *h="0123456789ABCDEF";
- char buf[2];
-
- if (a == NULL) return(0);
-
- if (a->length == 0)
- {
- if (BIO_write(bp,"00",2) != 2) goto err;
- n=2;
- }
- else
- {
- for (i=0; i<a->length; i++)
- {
- if ((i != 0) && (i%35 == 0))
- {
- if (BIO_write(bp,"\\\n",2) != 2) goto err;
- n+=2;
- }
- buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
- buf[1]=h[((unsigned char)a->data[i] )&0x0f];
- if (BIO_write(bp,buf,2) != 2) goto err;
- n+=2;
- }
- }
- return(n);
-err:
- return(-1);
- }
-
-int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
- {
- int ret=0;
- int i,j,k,m,n,again,bufsize;
- unsigned char *s=NULL,*sp;
- unsigned char *bufp;
- int num=0,slen=0,first=1;
-
- bs->type=V_ASN1_ENUMERATED;
-
- bufsize=BIO_gets(bp,buf,size);
- for (;;)
- {
- if (bufsize < 1) goto err_sl;
- i=bufsize;
- if (buf[i-1] == '\n') buf[--i]='\0';
- if (i == 0) goto err_sl;
- if (buf[i-1] == '\r') buf[--i]='\0';
- if (i == 0) goto err_sl;
- again=(buf[i-1] == '\\');
-
- for (j=0; j<i; j++)
- {
- if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
- ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
- ((buf[j] >= 'A') && (buf[j] <= 'F'))))
- {
- i=j;
- break;
- }
- }
- buf[i]='\0';
- /* We have now cleared all the crap off the end of the
- * line */
- if (i < 2) goto err_sl;
-
- bufp=(unsigned char *)buf;
- if (first)
- {
- first=0;
- if ((bufp[0] == '0') && (buf[1] == '0'))
- {
- bufp+=2;
- i-=2;
- }
- }
- k=0;
- i-=again;
- if (i%2 != 0)
- {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_ODD_NUMBER_OF_CHARS);
- goto err;
- }
- i/=2;
- if (num+i > slen)
- {
- if (s == NULL)
- sp=(unsigned char *)OPENSSL_malloc(
- (unsigned int)num+i*2);
- else
- sp=(unsigned char *)OPENSSL_realloc(s,
- (unsigned int)num+i*2);
- if (sp == NULL)
- {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
- if (s != NULL) OPENSSL_free(s);
- goto err;
- }
- s=sp;
- slen=num+i*2;
- }
- for (j=0; j<i; j++,k+=2)
- {
- for (n=0; n<2; n++)
- {
- m=bufp[k+n];
- if ((m >= '0') && (m <= '9'))
- m-='0';
- else if ((m >= 'a') && (m <= 'f'))
- m=m-'a'+10;
- else if ((m >= 'A') && (m <= 'F'))
- m=m-'A'+10;
- else
- {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_NON_HEX_CHARACTERS);
- goto err;
- }
- s[num+j]<<=4;
- s[num+j]|=m;
- }
- }
- num+=i;
- if (again)
- bufsize=BIO_gets(bp,buf,size);
- else
- break;
- }
- bs->length=num;
- bs->data=s;
- ret=1;
-err:
- if (0)
- {
-err_sl:
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_SHORT_LINE);
- }
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/asn1/f_int.c b/src/lib/libcrypto/asn1/f_int.c
deleted file mode 100644
index 6b090f6740..0000000000
--- a/src/lib/libcrypto/asn1/f_int.c
+++ /dev/null
@@ -1,214 +0,0 @@
-/* crypto/asn1/f_int.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
- {
- int i,n=0;
- static const char *h="0123456789ABCDEF";
- char buf[2];
-
- if (a == NULL) return(0);
-
- if (a->length == 0)
- {
- if (BIO_write(bp,"00",2) != 2) goto err;
- n=2;
- }
- else
- {
- for (i=0; i<a->length; i++)
- {
- if ((i != 0) && (i%35 == 0))
- {
- if (BIO_write(bp,"\\\n",2) != 2) goto err;
- n+=2;
- }
- buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
- buf[1]=h[((unsigned char)a->data[i] )&0x0f];
- if (BIO_write(bp,buf,2) != 2) goto err;
- n+=2;
- }
- }
- return(n);
-err:
- return(-1);
- }
-
-int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
- {
- int ret=0;
- int i,j,k,m,n,again,bufsize;
- unsigned char *s=NULL,*sp;
- unsigned char *bufp;
- int num=0,slen=0,first=1;
-
- bs->type=V_ASN1_INTEGER;
-
- bufsize=BIO_gets(bp,buf,size);
- for (;;)
- {
- if (bufsize < 1) goto err_sl;
- i=bufsize;
- if (buf[i-1] == '\n') buf[--i]='\0';
- if (i == 0) goto err_sl;
- if (buf[i-1] == '\r') buf[--i]='\0';
- if (i == 0) goto err_sl;
- again=(buf[i-1] == '\\');
-
- for (j=0; j<i; j++)
- {
-#ifndef CHARSET_EBCDIC
- if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
- ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
- ((buf[j] >= 'A') && (buf[j] <= 'F'))))
-#else
- /* This #ifdef is not strictly necessary, since
- * the characters A...F a...f 0...9 are contiguous
- * (yes, even in EBCDIC - but not the whole alphabet).
- * Nevertheless, isxdigit() is faster.
- */
- if (!isxdigit(buf[j]))
-#endif
- {
- i=j;
- break;
- }
- }
- buf[i]='\0';
- /* We have now cleared all the crap off the end of the
- * line */
- if (i < 2) goto err_sl;
-
- bufp=(unsigned char *)buf;
- if (first)
- {
- first=0;
- if ((bufp[0] == '0') && (buf[1] == '0'))
- {
- bufp+=2;
- i-=2;
- }
- }
- k=0;
- i-=again;
- if (i%2 != 0)
- {
- ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS);
- goto err;
- }
- i/=2;
- if (num+i > slen)
- {
- if (s == NULL)
- sp=(unsigned char *)OPENSSL_malloc(
- (unsigned int)num+i*2);
- else
- sp=(unsigned char *)OPENSSL_realloc(s,
- (unsigned int)num+i*2);
- if (sp == NULL)
- {
- ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
- if (s != NULL) OPENSSL_free(s);
- goto err;
- }
- s=sp;
- slen=num+i*2;
- }
- for (j=0; j<i; j++,k+=2)
- {
- for (n=0; n<2; n++)
- {
- m=bufp[k+n];
- if ((m >= '0') && (m <= '9'))
- m-='0';
- else if ((m >= 'a') && (m <= 'f'))
- m=m-'a'+10;
- else if ((m >= 'A') && (m <= 'F'))
- m=m-'A'+10;
- else
- {
- ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS);
- goto err;
- }
- s[num+j]<<=4;
- s[num+j]|=m;
- }
- }
- num+=i;
- if (again)
- bufsize=BIO_gets(bp,buf,size);
- else
- break;
- }
- bs->length=num;
- bs->data=s;
- ret=1;
-err:
- if (0)
- {
-err_sl:
- ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE);
- }
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/asn1/f_string.c b/src/lib/libcrypto/asn1/f_string.c
deleted file mode 100644
index 968698a798..0000000000
--- a/src/lib/libcrypto/asn1/f_string.c
+++ /dev/null
@@ -1,212 +0,0 @@
-/* crypto/asn1/f_string.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type)
- {
- int i,n=0;
- static const char *h="0123456789ABCDEF";
- char buf[2];
-
- if (a == NULL) return(0);
-
- if (a->length == 0)
- {
- if (BIO_write(bp,"0",1) != 1) goto err;
- n=1;
- }
- else
- {
- for (i=0; i<a->length; i++)
- {
- if ((i != 0) && (i%35 == 0))
- {
- if (BIO_write(bp,"\\\n",2) != 2) goto err;
- n+=2;
- }
- buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
- buf[1]=h[((unsigned char)a->data[i] )&0x0f];
- if (BIO_write(bp,buf,2) != 2) goto err;
- n+=2;
- }
- }
- return(n);
-err:
- return(-1);
- }
-
-int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
- {
- int ret=0;
- int i,j,k,m,n,again,bufsize;
- unsigned char *s=NULL,*sp;
- unsigned char *bufp;
- int num=0,slen=0,first=1;
-
- bufsize=BIO_gets(bp,buf,size);
- for (;;)
- {
- if (bufsize < 1)
- {
- if (first)
- break;
- else
- goto err_sl;
- }
- first=0;
-
- i=bufsize;
- if (buf[i-1] == '\n') buf[--i]='\0';
- if (i == 0) goto err_sl;
- if (buf[i-1] == '\r') buf[--i]='\0';
- if (i == 0) goto err_sl;
- again=(buf[i-1] == '\\');
-
- for (j=i-1; j>0; j--)
- {
-#ifndef CHARSET_EBCDIC
- if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
- ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
- ((buf[j] >= 'A') && (buf[j] <= 'F'))))
-#else
- /* This #ifdef is not strictly necessary, since
- * the characters A...F a...f 0...9 are contiguous
- * (yes, even in EBCDIC - but not the whole alphabet).
- * Nevertheless, isxdigit() is faster.
- */
- if (!isxdigit(buf[j]))
-#endif
- {
- i=j;
- break;
- }
- }
- buf[i]='\0';
- /* We have now cleared all the crap off the end of the
- * line */
- if (i < 2) goto err_sl;
-
- bufp=(unsigned char *)buf;
-
- k=0;
- i-=again;
- if (i%2 != 0)
- {
- ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS);
- goto err;
- }
- i/=2;
- if (num+i > slen)
- {
- if (s == NULL)
- sp=(unsigned char *)OPENSSL_malloc(
- (unsigned int)num+i*2);
- else
- sp=(unsigned char *)OPENSSL_realloc(s,
- (unsigned int)num+i*2);
- if (sp == NULL)
- {
- ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE);
- if (s != NULL) OPENSSL_free(s);
- goto err;
- }
- s=sp;
- slen=num+i*2;
- }
- for (j=0; j<i; j++,k+=2)
- {
- for (n=0; n<2; n++)
- {
- m=bufp[k+n];
- if ((m >= '0') && (m <= '9'))
- m-='0';
- else if ((m >= 'a') && (m <= 'f'))
- m=m-'a'+10;
- else if ((m >= 'A') && (m <= 'F'))
- m=m-'A'+10;
- else
- {
- ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS);
- goto err;
- }
- s[num+j]<<=4;
- s[num+j]|=m;
- }
- }
- num+=i;
- if (again)
- bufsize=BIO_gets(bp,buf,size);
- else
- break;
- }
- bs->length=num;
- bs->data=s;
- ret=1;
-err:
- if (0)
- {
-err_sl:
- ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE);
- }
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/asn1/i2d_pr.c b/src/lib/libcrypto/asn1/i2d_pr.c
deleted file mode 100644
index 71d6910204..0000000000
--- a/src/lib/libcrypto/asn1/i2d_pr.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* crypto/asn1/i2d_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
- {
-#ifndef NO_RSA
- if (a->type == EVP_PKEY_RSA)
- {
- return(i2d_RSAPrivateKey(a->pkey.rsa,pp));
- }
- else
-#endif
-#ifndef NO_DSA
- if (a->type == EVP_PKEY_DSA)
- {
- return(i2d_DSAPrivateKey(a->pkey.dsa,pp));
- }
-#endif
-
- ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
- return(-1);
- }
-
diff --git a/src/lib/libcrypto/asn1/i2d_pu.c b/src/lib/libcrypto/asn1/i2d_pu.c
deleted file mode 100644
index 8f73d37d03..0000000000
--- a/src/lib/libcrypto/asn1/i2d_pu.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* crypto/asn1/i2d_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
- {
- switch (a->type)
- {
-#ifndef NO_RSA
- case EVP_PKEY_RSA:
- return(i2d_RSAPublicKey(a->pkey.rsa,pp));
-#endif
-#ifndef NO_DSA
- case EVP_PKEY_DSA:
- return(i2d_DSAPublicKey(a->pkey.dsa,pp));
-#endif
- default:
- ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
- return(-1);
- }
- }
-
diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c
deleted file mode 100644
index 9840193538..0000000000
--- a/src/lib/libcrypto/asn1/n_pkey.c
+++ /dev/null
@@ -1,388 +0,0 @@
-/* crypto/asn1/n_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-
-#ifndef NO_RC4
-
-typedef struct netscape_pkey_st
- {
- ASN1_INTEGER *version;
- X509_ALGOR *algor;
- ASN1_OCTET_STRING *private_key;
- } NETSCAPE_PKEY;
-
-static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp);
-static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length);
-static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
-static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
-
-int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)())
-{
- return i2d_RSA_NET(a, pp, cb, 0);
-}
-
-int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
- {
- int i,j,l[6];
- NETSCAPE_PKEY *pkey;
- unsigned char buf[256],*zz;
- unsigned char key[EVP_MAX_KEY_LENGTH];
- EVP_CIPHER_CTX ctx;
- X509_ALGOR *alg=NULL;
- ASN1_OCTET_STRING os,os2;
- M_ASN1_I2D_vars(a);
-
- if (a == NULL) return(0);
-
-#ifdef WIN32
- r=r; /* shut the damn compiler up :-) */
-#endif
-
- os.data=os2.data=NULL;
- if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err;
- if (!ASN1_INTEGER_set(pkey->version,0)) goto err;
-
- if (pkey->algor->algorithm != NULL)
- ASN1_OBJECT_free(pkey->algor->algorithm);
- pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption);
- if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
- pkey->algor->parameter->type=V_ASN1_NULL;
-
- l[0]=i2d_RSAPrivateKey(a,NULL);
- pkey->private_key->length=l[0];
-
- os2.length=i2d_NETSCAPE_PKEY(pkey,NULL);
- l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL);
-
- if ((alg=X509_ALGOR_new()) == NULL) goto err;
- if (alg->algorithm != NULL)
- ASN1_OBJECT_free(alg->algorithm);
- alg->algorithm=OBJ_nid2obj(NID_rc4);
- if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err;
- alg->parameter->type=V_ASN1_NULL;
-
- l[2]=i2d_X509_ALGOR(alg,NULL);
- l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE);
-
-#ifndef CONST_STRICT
- os.data=(unsigned char *)"private-key";
-#endif
- os.length=11;
- l[4]=i2d_ASN1_OCTET_STRING(&os,NULL);
-
- l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE);
-
- if (pp == NULL)
- {
- if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
- if (alg != NULL) X509_ALGOR_free(alg);
- return(l[5]);
- }
-
- if (pkey->private_key->data != NULL)
- OPENSSL_free(pkey->private_key->data);
- if ((pkey->private_key->data=(unsigned char *)OPENSSL_malloc(l[0])) == NULL)
- {
- ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- zz=pkey->private_key->data;
- i2d_RSAPrivateKey(a,&zz);
-
- if ((os2.data=(unsigned char *)OPENSSL_malloc(os2.length)) == NULL)
- {
- ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- zz=os2.data;
- i2d_NETSCAPE_PKEY(pkey,&zz);
-
- if (cb == NULL)
- cb=EVP_read_pw_string;
- i=cb(buf,256,"Enter Private Key password:",1);
- if (i != 0)
- {
- ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
- goto err;
- }
- i = strlen((char *)buf);
- /* If the key is used for SGC the algorithm is modified a little. */
- if(sgckey){
- EVP_MD_CTX mctx;
- EVP_DigestInit(&mctx, EVP_md5());
- EVP_DigestUpdate(&mctx, buf, i);
- EVP_DigestFinal(&mctx, buf, NULL);
- memcpy(buf + 16, "SGCKEYSALT", 10);
- i = 26;
- }
-
- EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
- memset(buf,0,256);
-
- EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL);
- EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length);
- EVP_EncryptFinal(&ctx,&(os2.data[i]),&j);
- EVP_CIPHER_CTX_cleanup(&ctx);
-
- p= *pp;
- ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
- i2d_ASN1_OCTET_STRING(&os,&p);
- ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
- i2d_X509_ALGOR(alg,&p);
- i2d_ASN1_OCTET_STRING(&os2,&p);
- ret=l[5];
-err:
- if (os2.data != NULL) OPENSSL_free(os2.data);
- if (alg != NULL) X509_ALGOR_free(alg);
- if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
- r=r;
- return(ret);
- }
-
-
-RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)())
-{
- return d2i_RSA_NET(a, pp, length, cb, 0);
-}
-
-RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey)
- {
- RSA *ret=NULL;
- ASN1_OCTET_STRING *os=NULL;
- ASN1_CTX c;
-
- c.pp=pp;
- c.error=ASN1_R_DECODING_ERROR;
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
- if ((os->length != 11) || (strncmp("private-key",
- (char *)os->data,os->length) != 0))
- {
- ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
- M_ASN1_BIT_STRING_free(os);
- goto err;
- }
- M_ASN1_BIT_STRING_free(os);
- c.q=c.p;
- if ((ret=d2i_RSA_NET_2(a,&c.p,c.slen,cb, sgckey)) == NULL) goto err;
- /* Note: some versions of IIS key files use length values that are
- * too small for the surrounding SEQUENCEs. This following line
- * effectively disable length checking.
- */
- c.slen = 0;
-
- M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
- }
-
-RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length,
- int (*cb)())
-{
- return d2i_RSA_NET_2(a, pp, length, cb, 0);
-}
-
-RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length,
- int (*cb)(), int sgckey)
- {
- NETSCAPE_PKEY *pkey=NULL;
- RSA *ret=NULL;
- int i,j;
- unsigned char buf[256],*zz;
- unsigned char key[EVP_MAX_KEY_LENGTH];
- EVP_CIPHER_CTX ctx;
- X509_ALGOR *alg=NULL;
- ASN1_OCTET_STRING *os=NULL;
- ASN1_CTX c;
-
- c.error=ERR_R_NESTED_ASN1_ERROR;
- c.pp=pp;
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(alg,d2i_X509_ALGOR);
- if (OBJ_obj2nid(alg->algorithm) != NID_rc4)
- {
- ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
- goto err;
- }
- M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
- if (cb == NULL)
- cb=EVP_read_pw_string;
- i=cb(buf,256,"Enter Private Key password:",0);
- if (i != 0)
- {
- ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ);
- goto err;
- }
-
- i = strlen((char *)buf);
- if(sgckey){
- EVP_MD_CTX mctx;
- EVP_DigestInit(&mctx, EVP_md5());
- EVP_DigestUpdate(&mctx, buf, i);
- EVP_DigestFinal(&mctx, buf, NULL);
- memcpy(buf + 16, "SGCKEYSALT", 10);
- i = 26;
- }
-
- EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
- memset(buf,0,256);
-
- EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL);
- EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
- EVP_DecryptFinal(&ctx,&(os->data[i]),&j);
- EVP_CIPHER_CTX_cleanup(&ctx);
- os->length=i+j;
-
- zz=os->data;
-
- if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL)
- {
- ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
- goto err;
- }
-
- zz=pkey->private_key->data;
- if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
- {
- ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
- goto err;
- }
- if (!asn1_Finish(&c)) goto err;
- *pp=c.p;
-err:
- if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
- if (os != NULL) M_ASN1_BIT_STRING_free(os);
- if (alg != NULL) X509_ALGOR_free(alg);
- return(ret);
- }
-
-static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
-
- M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->private_key, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->private_key, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING);
- M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY);
- }
-
-static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void)
- {
- NETSCAPE_PKEY *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->algor,X509_ALGOR_new);
- M_ASN1_New(ret->private_key,M_ASN1_OCTET_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW);
- }
-
-static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- X509_ALGOR_free(a->algor);
- M_ASN1_OCTET_STRING_free(a->private_key);
- OPENSSL_free(a);
- }
-
-#endif /* NO_RC4 */
-
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/src/lib/libcrypto/asn1/nsseq.c b/src/lib/libcrypto/asn1/nsseq.c
deleted file mode 100644
index 6e7f09ba23..0000000000
--- a/src/lib/libcrypto/asn1/nsseq.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* nsseq.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-
-/* Netscape certificate sequence structure */
-
-int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp)
-{
- int v = 0;
- M_ASN1_I2D_vars(a);
- M_ASN1_I2D_len (a->type, i2d_ASN1_OBJECT);
- M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0,
- V_ASN1_SEQUENCE,v);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->type, i2d_ASN1_OBJECT);
- M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0,
- V_ASN1_SEQUENCE,v);
-
- M_ASN1_I2D_finish();
-}
-
-NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void)
-{
- NETSCAPE_CERT_SEQUENCE *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, NETSCAPE_CERT_SEQUENCE);
- /* Note hardcoded object type */
- ret->type = OBJ_nid2obj(NID_netscape_cert_sequence);
- ret->certs = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW);
-}
-
-NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a,
- unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,NETSCAPE_CERT_SEQUENCE *,
- NETSCAPE_CERT_SEQUENCE_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->type, d2i_ASN1_OBJECT);
- M_ASN1_D2I_get_EXP_set_opt_type(X509,ret->certs,d2i_X509,X509_free,0,
- V_ASN1_SEQUENCE);
- M_ASN1_D2I_Finish(a, NETSCAPE_CERT_SEQUENCE_free,
- ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE);
-}
-
-void NETSCAPE_CERT_SEQUENCE_free (NETSCAPE_CERT_SEQUENCE *a)
-{
- if (a == NULL) return;
- ASN1_OBJECT_free(a->type);
- if(a->certs)
- sk_X509_pop_free(a->certs, X509_free);
- OPENSSL_free (a);
-}
diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c
deleted file mode 100644
index b7ed538eb2..0000000000
--- a/src/lib/libcrypto/asn1/p5_pbe.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* p5_pbe.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-
-/* PKCS#5 password based encryption structure */
-
-int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
- M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER);
-
- M_ASN1_I2D_seq_total ();
-
- M_ASN1_I2D_put (a->salt, i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
- M_ASN1_I2D_finish();
-}
-
-PBEPARAM *PBEPARAM_new(void)
-{
- PBEPARAM *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, PBEPARAM);
- M_ASN1_New(ret->iter,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->salt,M_ASN1_OCTET_STRING_new);
- return (ret);
- M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW);
-}
-
-PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,PBEPARAM *,PBEPARAM_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->salt, d2i_ASN1_OCTET_STRING);
- M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER);
- M_ASN1_D2I_Finish(a, PBEPARAM_free, ASN1_F_D2I_PBEPARAM);
-}
-
-void PBEPARAM_free (PBEPARAM *a)
-{
- if(a==NULL) return;
- M_ASN1_OCTET_STRING_free(a->salt);
- M_ASN1_INTEGER_free (a->iter);
- OPENSSL_free (a);
-}
-
-/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
-
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
- int saltlen)
-{
- PBEPARAM *pbe;
- ASN1_OBJECT *al;
- X509_ALGOR *algor;
- ASN1_TYPE *astype;
-
- if (!(pbe = PBEPARAM_new ())) {
- ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
- ASN1_INTEGER_set (pbe->iter, iter);
- if (!saltlen) saltlen = PKCS5_SALT_LEN;
- if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) {
- ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- pbe->salt->length = saltlen;
- if (salt) memcpy (pbe->salt->data, salt, saltlen);
- else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0)
- return NULL;
-
- if (!(astype = ASN1_TYPE_new())) {
- ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- astype->type = V_ASN1_SEQUENCE;
- if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) {
- ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- PBEPARAM_free (pbe);
-
- al = OBJ_nid2obj(alg); /* never need to free al */
- if (!(algor = X509_ALGOR_new())) {
- ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- ASN1_OBJECT_free(algor->algorithm);
- algor->algorithm = al;
- algor->parameter = astype;
-
- return (algor);
-}
diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c
deleted file mode 100644
index 6a7b578c0e..0000000000
--- a/src/lib/libcrypto/asn1/p5_pbev2.c
+++ /dev/null
@@ -1,282 +0,0 @@
-/* p5_pbev2.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-
-/* PKCS#5 v2.0 password based encryption structures */
-
-int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
- M_ASN1_I2D_len (a->keyfunc, i2d_X509_ALGOR);
- M_ASN1_I2D_len (a->encryption, i2d_X509_ALGOR);
-
- M_ASN1_I2D_seq_total ();
-
- M_ASN1_I2D_put (a->keyfunc, i2d_X509_ALGOR);
- M_ASN1_I2D_put (a->encryption, i2d_X509_ALGOR);
-
- M_ASN1_I2D_finish();
-}
-
-PBE2PARAM *PBE2PARAM_new(void)
-{
- PBE2PARAM *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, PBE2PARAM);
- M_ASN1_New(ret->keyfunc,X509_ALGOR_new);
- M_ASN1_New(ret->encryption,X509_ALGOR_new);
- return (ret);
- M_ASN1_New_Error(ASN1_F_PBE2PARAM_NEW);
-}
-
-PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,PBE2PARAM *,PBE2PARAM_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->keyfunc, d2i_X509_ALGOR);
- M_ASN1_D2I_get (ret->encryption, d2i_X509_ALGOR);
- M_ASN1_D2I_Finish(a, PBE2PARAM_free, ASN1_F_D2I_PBE2PARAM);
-}
-
-void PBE2PARAM_free (PBE2PARAM *a)
-{
- if(a==NULL) return;
- X509_ALGOR_free(a->keyfunc);
- X509_ALGOR_free(a->encryption);
- OPENSSL_free (a);
-}
-
-int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
- M_ASN1_I2D_len (a->salt, i2d_ASN1_TYPE);
- M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len (a->keylength, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len (a->prf, i2d_X509_ALGOR);
-
- M_ASN1_I2D_seq_total ();
-
- M_ASN1_I2D_put (a->salt, i2d_ASN1_TYPE);
- M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put (a->keylength, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put (a->prf, i2d_X509_ALGOR);
-
- M_ASN1_I2D_finish();
-}
-
-PBKDF2PARAM *PBKDF2PARAM_new(void)
-{
- PBKDF2PARAM *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, PBKDF2PARAM);
- M_ASN1_New(ret->salt, ASN1_TYPE_new);
- M_ASN1_New(ret->iter, M_ASN1_INTEGER_new);
- ret->keylength = NULL;
- ret->prf = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_PBKDF2PARAM_NEW);
-}
-
-PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp,
- long length)
-{
- M_ASN1_D2I_vars(a,PBKDF2PARAM *,PBKDF2PARAM_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->salt, d2i_ASN1_TYPE);
- M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER);
- M_ASN1_D2I_get_opt (ret->keylength, d2i_ASN1_INTEGER, V_ASN1_INTEGER);
- M_ASN1_D2I_get_opt (ret->prf, d2i_X509_ALGOR, V_ASN1_SEQUENCE);
- M_ASN1_D2I_Finish(a, PBKDF2PARAM_free, ASN1_F_D2I_PBKDF2PARAM);
-}
-
-void PBKDF2PARAM_free (PBKDF2PARAM *a)
-{
- if(a==NULL) return;
- ASN1_TYPE_free(a->salt);
- M_ASN1_INTEGER_free(a->iter);
- M_ASN1_INTEGER_free(a->keylength);
- X509_ALGOR_free(a->prf);
- OPENSSL_free (a);
-}
-
-/* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
- * yes I know this is horrible!
- */
-
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
- unsigned char *salt, int saltlen)
-{
- X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
- int alg_nid;
- EVP_CIPHER_CTX ctx;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- PBKDF2PARAM *kdf = NULL;
- PBE2PARAM *pbe2 = NULL;
- ASN1_OCTET_STRING *osalt = NULL;
- ASN1_OBJECT *obj;
-
- alg_nid = EVP_CIPHER_type(cipher);
- if(alg_nid == NID_undef) {
- ASN1err(ASN1_F_PKCS5_PBE2_SET,
- ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
- goto err;
- }
- obj = OBJ_nid2obj(alg_nid);
-
- if(!(pbe2 = PBE2PARAM_new())) goto merr;
-
- /* Setup the AlgorithmIdentifier for the encryption scheme */
- scheme = pbe2->encryption;
-
- scheme->algorithm = obj;
- if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;
-
- /* Create random IV */
- if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
- goto err;
-
- /* Dummy cipherinit to just setup the IV */
- EVP_CipherInit(&ctx, cipher, NULL, iv, 0);
- if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
- ASN1err(ASN1_F_PKCS5_PBE2_SET,
- ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
- goto err;
- }
- EVP_CIPHER_CTX_cleanup(&ctx);
-
- if(!(kdf = PBKDF2PARAM_new())) goto merr;
- if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr;
-
- if (!saltlen) saltlen = PKCS5_SALT_LEN;
- if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr;
- osalt->length = saltlen;
- if (salt) memcpy (osalt->data, salt, saltlen);
- else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr;
-
- if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
- if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
-
- /* Now include salt in kdf structure */
- kdf->salt->value.octet_string = osalt;
- kdf->salt->type = V_ASN1_OCTET_STRING;
- osalt = NULL;
-
- /* If its RC2 then we'd better setup the key length */
-
- if(alg_nid == NID_rc2_cbc) {
- if(!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr;
- if(!ASN1_INTEGER_set (kdf->keylength,
- EVP_CIPHER_key_length(cipher))) goto merr;
- }
-
- /* prf can stay NULL because we are using hmacWithSHA1 */
-
- /* Now setup the PBE2PARAM keyfunc structure */
-
- pbe2->keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
-
- /* Encode PBKDF2PARAM into parameter of pbe2 */
-
- if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr;
-
- if(!ASN1_pack_string(kdf, i2d_PBKDF2PARAM,
- &pbe2->keyfunc->parameter->value.sequence)) goto merr;
- pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE;
-
- PBKDF2PARAM_free(kdf);
- kdf = NULL;
-
- /* Now set up top level AlgorithmIdentifier */
-
- if(!(ret = X509_ALGOR_new())) goto merr;
- if(!(ret->parameter = ASN1_TYPE_new())) goto merr;
-
- ret->algorithm = OBJ_nid2obj(NID_pbes2);
-
- /* Encode PBE2PARAM into parameter */
-
- if(!ASN1_pack_string(pbe2, i2d_PBE2PARAM,
- &ret->parameter->value.sequence)) goto merr;
- ret->parameter->type = V_ASN1_SEQUENCE;
-
- PBE2PARAM_free(pbe2);
- pbe2 = NULL;
-
- return ret;
-
- merr:
- ASN1err(ASN1_F_PKCS5_PBE2_SET,ERR_R_MALLOC_FAILURE);
-
- err:
- PBE2PARAM_free(pbe2);
- /* Note 'scheme' is freed as part of pbe2 */
- M_ASN1_OCTET_STRING_free(osalt);
- PBKDF2PARAM_free(kdf);
- X509_ALGOR_free(kalg);
- X509_ALGOR_free(ret);
-
- return NULL;
-
-}
diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c
deleted file mode 100644
index fa6cbfb6f8..0000000000
--- a/src/lib/libcrypto/asn1/p8_pkey.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* p8_pkey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS8_PRIV_KEY_INFO (PKCS8_PRIV_KEY_INFO *a, unsigned char **pp)
-{
-
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len (a->pkeyalg, i2d_X509_ALGOR);
- M_ASN1_I2D_len (a->pkey, i2d_ASN1_TYPE);
- M_ASN1_I2D_len_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
- i2d_X509_ATTRIBUTE, 0);
-
- M_ASN1_I2D_seq_total ();
-
- M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put (a->pkeyalg, i2d_X509_ALGOR);
- M_ASN1_I2D_put (a->pkey, i2d_ASN1_TYPE);
- M_ASN1_I2D_put_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
- i2d_X509_ATTRIBUTE, 0);
-
- M_ASN1_I2D_finish();
-}
-
-PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void)
-{
- PKCS8_PRIV_KEY_INFO *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, PKCS8_PRIV_KEY_INFO);
- M_ASN1_New (ret->version, M_ASN1_INTEGER_new);
- M_ASN1_New (ret->pkeyalg, X509_ALGOR_new);
- M_ASN1_New (ret->pkey, ASN1_TYPE_new);
- ret->attributes = NULL;
- ret->broken = PKCS8_OK;
- return (ret);
- M_ASN1_New_Error(ASN1_F_PKCS8_PRIV_KEY_INFO_NEW);
-}
-
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a,
- unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,PKCS8_PRIV_KEY_INFO *,PKCS8_PRIV_KEY_INFO_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
- M_ASN1_D2I_get (ret->pkeyalg, d2i_X509_ALGOR);
- M_ASN1_D2I_get (ret->pkey, d2i_ASN1_TYPE);
- M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE, ret->attributes,
- d2i_X509_ATTRIBUTE,
- X509_ATTRIBUTE_free, 0);
- M_ASN1_D2I_Finish(a, PKCS8_PRIV_KEY_INFO_free, ASN1_F_D2I_PKCS8_PRIV_KEY_INFO);
-}
-
-void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a)
-{
- if (a == NULL) return;
- M_ASN1_INTEGER_free (a->version);
- X509_ALGOR_free(a->pkeyalg);
- /* Clear sensitive data */
- if (a->pkey->value.octet_string)
- memset (a->pkey->value.octet_string->data,
- 0, a->pkey->value.octet_string->length);
- ASN1_TYPE_free (a->pkey);
- sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free);
- OPENSSL_free (a);
-}
diff --git a/src/lib/libcrypto/asn1/t_bitst.c b/src/lib/libcrypto/asn1/t_bitst.c
deleted file mode 100644
index 8ee789f082..0000000000
--- a/src/lib/libcrypto/asn1/t_bitst.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* t_bitst.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
- BIT_STRING_BITNAME *tbl, int indent)
-{
- BIT_STRING_BITNAME *bnam;
- char first = 1;
- BIO_printf(out, "%*s", indent, "");
- for(bnam = tbl; bnam->lname; bnam++) {
- if(ASN1_BIT_STRING_get_bit(bs, bnam->bitnum)) {
- if(!first) BIO_puts(out, ", ");
- BIO_puts(out, bnam->lname);
- first = 0;
- }
- }
- BIO_puts(out, "\n");
- return 1;
-}
-
-int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
- BIT_STRING_BITNAME *tbl)
-{
- int bitnum;
- bitnum = ASN1_BIT_STRING_num_asc(name, tbl);
- if(bitnum < 0) return 0;
- if(bs) ASN1_BIT_STRING_set_bit(bs, bitnum, value);
- return 1;
-}
-
-int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl)
-{
- BIT_STRING_BITNAME *bnam;
- for(bnam = tbl; bnam->lname; bnam++) {
- if(!strcmp(bnam->sname, name) ||
- !strcmp(bnam->lname, name) ) return bnam->bitnum;
- }
- return -1;
-}
diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c
deleted file mode 100644
index d78e4a8f88..0000000000
--- a/src/lib/libcrypto/asn1/t_crl.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* t_crl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static void ext_print(BIO *out, X509_EXTENSION *ex);
-#ifndef NO_FP_API
-int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=X509_CRL_print(b, x);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int X509_CRL_print(BIO *out, X509_CRL *x)
-{
- char buf[256];
- unsigned char *s;
- STACK_OF(X509_REVOKED) *rev;
- X509_REVOKED *r;
- long l;
- int i, j, n;
-
- BIO_printf(out, "Certificate Revocation List (CRL):\n");
- l = X509_CRL_get_version(x);
- BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l+1, l);
- i = OBJ_obj2nid(x->sig_alg->algorithm);
- BIO_printf(out, "%8sSignature Algorithm: %s\n", "",
- (i == NID_undef) ? "NONE" : OBJ_nid2ln(i));
- X509_NAME_oneline(X509_CRL_get_issuer(x),buf,256);
- BIO_printf(out,"%8sIssuer: %s\n","",buf);
- BIO_printf(out,"%8sLast Update: ","");
- ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x));
- BIO_printf(out,"\n%8sNext Update: ","");
- if (X509_CRL_get_nextUpdate(x))
- ASN1_TIME_print(out,X509_CRL_get_nextUpdate(x));
- else BIO_printf(out,"NONE");
- BIO_printf(out,"\n");
-
- n=X509_CRL_get_ext_count(x);
- if (n > 0) {
- BIO_printf(out,"%8sCRL extensions:\n","");
- for (i=0; i<n; i++) ext_print(out, X509_CRL_get_ext(x, i));
- }
-
-
- rev = X509_CRL_get_REVOKED(x);
-
- if(sk_X509_REVOKED_num(rev))
- BIO_printf(out, "Revoked Certificates:\n");
- else BIO_printf(out, "No Revoked Certificates.\n");
-
- for(i = 0; i < sk_X509_REVOKED_num(rev); i++) {
- r = sk_X509_REVOKED_value(rev, i);
- BIO_printf(out," Serial Number: ");
- i2a_ASN1_INTEGER(out,r->serialNumber);
- BIO_printf(out,"\n Revocation Date: ","");
- ASN1_TIME_print(out,r->revocationDate);
- BIO_printf(out,"\n");
- for(j = 0; j < X509_REVOKED_get_ext_count(r); j++)
- ext_print(out, X509_REVOKED_get_ext(r, j));
- }
-
- i=OBJ_obj2nid(x->sig_alg->algorithm);
- BIO_printf(out," Signature Algorithm: %s",
- (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
-
- s = x->signature->data;
- n = x->signature->length;
- for (i=0; i<n; i++, s++)
- {
- if ((i%18) == 0) BIO_write(out,"\n ",9);
- BIO_printf(out,"%02x%s",*s, ((i+1) == n)?"":":");
- }
- BIO_write(out,"\n",1);
-
- return 1;
-
-}
-
-static void ext_print(BIO *out, X509_EXTENSION *ex)
-{
- ASN1_OBJECT *obj;
- int j;
- BIO_printf(out,"%12s","");
- obj=X509_EXTENSION_get_object(ex);
- i2a_ASN1_OBJECT(out,obj);
- j=X509_EXTENSION_get_critical(ex);
- BIO_printf(out, ": %s\n", j ? "critical":"","");
- if(!X509V3_EXT_print(out, ex, 0, 16)) {
- BIO_printf(out, "%16s", "");
- M_ASN1_OCTET_STRING_print(out,ex->value);
- }
- BIO_write(out,"\n",1);
-}
diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c
deleted file mode 100644
index ae18da96e3..0000000000
--- a/src/lib/libcrypto/asn1/t_pkey.c
+++ /dev/null
@@ -1,361 +0,0 @@
-/* crypto/asn1/t_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#ifndef NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef NO_DH
-#include <openssl/dh.h>
-#endif
-#ifndef NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-static int print(BIO *fp,const char *str,BIGNUM *num,
- unsigned char *buf,int off);
-#ifndef NO_RSA
-#ifndef NO_FP_API
-int RSA_print_fp(FILE *fp, RSA *x, int off)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=RSA_print(b,x,off);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int RSA_print(BIO *bp, RSA *x, int off)
- {
- char str[128];
- const char *s;
- unsigned char *m=NULL;
- int i,ret=0;
-
- i=RSA_size(x);
- m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
- if (m == NULL)
- {
- RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (off)
- {
- if (off > 128) off=128;
- memset(str,' ',off);
- }
- if (x->d != NULL)
- {
- if (off && (BIO_write(bp,str,off) <= 0)) goto err;
- if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n))
- <= 0) goto err;
- }
-
- if (x->d == NULL)
- sprintf(str,"Modulus (%d bit):",BN_num_bits(x->n));
- else
- strcpy(str,"modulus:");
- if (!print(bp,str,x->n,m,off)) goto err;
- s=(x->d == NULL)?"Exponent:":"publicExponent:";
- if (!print(bp,s,x->e,m,off)) goto err;
- if (!print(bp,"privateExponent:",x->d,m,off)) goto err;
- if (!print(bp,"prime1:",x->p,m,off)) goto err;
- if (!print(bp,"prime2:",x->q,m,off)) goto err;
- if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err;
- if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err;
- if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err;
- ret=1;
-err:
- if (m != NULL) OPENSSL_free(m);
- return(ret);
- }
-#endif /* NO_RSA */
-
-#ifndef NO_DSA
-#ifndef NO_FP_API
-int DSA_print_fp(FILE *fp, DSA *x, int off)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- DSAerr(DSA_F_DSA_PRINT_FP,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=DSA_print(b,x,off);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int DSA_print(BIO *bp, DSA *x, int off)
- {
- char str[128];
- unsigned char *m=NULL;
- int i,ret=0;
- BIGNUM *bn=NULL;
-
- if (x->p != NULL)
- bn=x->p;
- else if (x->priv_key != NULL)
- bn=x->priv_key;
- else if (x->pub_key != NULL)
- bn=x->pub_key;
-
- /* larger than needed but what the hell :-) */
- if (bn != NULL)
- i=BN_num_bytes(bn)*2;
- else
- i=256;
- m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
- if (m == NULL)
- {
- DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (off)
- {
- if (off > 128) off=128;
- memset(str,' ',off);
- }
- if (x->priv_key != NULL)
- {
- if (off && (BIO_write(bp,str,off) <= 0)) goto err;
- if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p))
- <= 0) goto err;
- }
-
- if ((x->priv_key != NULL) && !print(bp,"priv:",x->priv_key,m,off))
- goto err;
- if ((x->pub_key != NULL) && !print(bp,"pub: ",x->pub_key,m,off))
- goto err;
- if ((x->p != NULL) && !print(bp,"P: ",x->p,m,off)) goto err;
- if ((x->q != NULL) && !print(bp,"Q: ",x->q,m,off)) goto err;
- if ((x->g != NULL) && !print(bp,"G: ",x->g,m,off)) goto err;
- ret=1;
-err:
- if (m != NULL) OPENSSL_free(m);
- return(ret);
- }
-#endif /* !NO_DSA */
-
-static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
- int off)
- {
- int n,i;
- char str[128];
- const char *neg;
-
- if (num == NULL) return(1);
- neg=(num->neg)?"-":"";
- if (off)
- {
- if (off > 128) off=128;
- memset(str,' ',off);
- if (BIO_write(bp,str,off) <= 0) return(0);
- }
-
- if (BN_num_bytes(num) <= BN_BYTES)
- {
- if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg,
- (unsigned long)num->d[0],neg,(unsigned long)num->d[0])
- <= 0) return(0);
- }
- else
- {
- buf[0]=0;
- if (BIO_printf(bp,"%s%s",number,
- (neg[0] == '-')?" (Negative)":"") <= 0)
- return(0);
- n=BN_bn2bin(num,&buf[1]);
-
- if (buf[1] & 0x80)
- n++;
- else buf++;
-
- for (i=0; i<n; i++)
- {
- if ((i%15) == 0)
- {
- str[0]='\n';
- memset(&(str[1]),' ',off+4);
- if (BIO_write(bp,str,off+1+4) <= 0) return(0);
- }
- if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":")
- <= 0) return(0);
- }
- if (BIO_write(bp,"\n",1) <= 0) return(0);
- }
- return(1);
- }
-
-#ifndef NO_DH
-#ifndef NO_FP_API
-int DHparams_print_fp(FILE *fp, DH *x)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=DHparams_print(b, x);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int DHparams_print(BIO *bp, DH *x)
- {
- unsigned char *m=NULL;
- int reason=ERR_R_BUF_LIB,i,ret=0;
-
- i=BN_num_bytes(x->p);
- m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
- if (m == NULL)
- {
- reason=ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
- BN_num_bits(x->p)) <= 0)
- goto err;
- if (!print(bp,"prime:",x->p,m,4)) goto err;
- if (!print(bp,"generator:",x->g,m,4)) goto err;
- if (x->length != 0)
- {
- if (BIO_printf(bp," recommended-private-length: %d bits\n",
- (int)x->length) <= 0) goto err;
- }
- ret=1;
- if (0)
- {
-err:
- DHerr(DH_F_DHPARAMS_PRINT,reason);
- }
- if (m != NULL) OPENSSL_free(m);
- return(ret);
- }
-#endif
-
-#ifndef NO_DSA
-#ifndef NO_FP_API
-int DSAparams_print_fp(FILE *fp, DSA *x)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=DSAparams_print(b, x);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int DSAparams_print(BIO *bp, DSA *x)
- {
- unsigned char *m=NULL;
- int reason=ERR_R_BUF_LIB,i,ret=0;
-
- i=BN_num_bytes(x->p);
- m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
- if (m == NULL)
- {
- reason=ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- if (BIO_printf(bp,"DSA-Parameters: (%d bit)\n",
- BN_num_bits(x->p)) <= 0)
- goto err;
- if (!print(bp,"p:",x->p,m,4)) goto err;
- if (!print(bp,"q:",x->q,m,4)) goto err;
- if (!print(bp,"g:",x->g,m,4)) goto err;
- ret=1;
-err:
- if (m != NULL) OPENSSL_free(m);
- DSAerr(DSA_F_DSAPARAMS_PRINT,reason);
- return(ret);
- }
-
-#endif /* !NO_DSA */
-
diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c
deleted file mode 100644
index ea1af092db..0000000000
--- a/src/lib/libcrypto/asn1/t_req.c
+++ /dev/null
@@ -1,254 +0,0 @@
-/* crypto/asn1/t_req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#ifndef NO_FP_API
-int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=X509_REQ_print(b, x);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int X509_REQ_print(BIO *bp, X509_REQ *x)
- {
- unsigned long l;
- int i,n;
- char *s;
- const char *neg;
- X509_REQ_INFO *ri;
- EVP_PKEY *pkey;
- STACK_OF(X509_ATTRIBUTE) *sk;
- STACK_OF(X509_EXTENSION) *exts;
- char str[128];
-
- ri=x->req_info;
- sprintf(str,"Certificate Request:\n");
- if (BIO_puts(bp,str) <= 0) goto err;
- sprintf(str,"%4sData:\n","");
- if (BIO_puts(bp,str) <= 0) goto err;
-
- neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":"";
- l=0;
- for (i=0; i<ri->version->length; i++)
- { l<<=8; l+=ri->version->data[i]; }
- sprintf(str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,l);
- if (BIO_puts(bp,str) <= 0) goto err;
- sprintf(str,"%8sSubject: ","");
- if (BIO_puts(bp,str) <= 0) goto err;
-
- X509_NAME_print(bp,ri->subject,16);
- sprintf(str,"\n%8sSubject Public Key Info:\n","");
- if (BIO_puts(bp,str) <= 0) goto err;
- i=OBJ_obj2nid(ri->pubkey->algor->algorithm);
- sprintf(str,"%12sPublic Key Algorithm: %s\n","",
- (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
- if (BIO_puts(bp,str) <= 0) goto err;
-
- pkey=X509_REQ_get_pubkey(x);
-#ifndef NO_RSA
- if (pkey != NULL && pkey->type == EVP_PKEY_RSA)
- {
- BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
- BN_num_bits(pkey->pkey.rsa->n));
- RSA_print(bp,pkey->pkey.rsa,16);
- }
- else
-#endif
-#ifndef NO_DSA
- if (pkey != NULL && pkey->type == EVP_PKEY_DSA)
- {
- BIO_printf(bp,"%12sDSA Public Key:\n","");
- DSA_print(bp,pkey->pkey.dsa,16);
- }
- else
-#endif
- BIO_printf(bp,"%12sUnknown Public Key:\n","");
-
- if (pkey != NULL)
- EVP_PKEY_free(pkey);
-
- /* may not be */
- sprintf(str,"%8sAttributes:\n","");
- if (BIO_puts(bp,str) <= 0) goto err;
-
- sk=x->req_info->attributes;
- if ((sk == NULL) || (sk_X509_ATTRIBUTE_num(sk) == 0))
- {
- if (!x->req_info->req_kludge)
- {
- sprintf(str,"%12sa0:00\n","");
- if (BIO_puts(bp,str) <= 0) goto err;
- }
- }
- else
- {
- for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
- {
- ASN1_TYPE *at;
- X509_ATTRIBUTE *a;
- ASN1_BIT_STRING *bs=NULL;
- ASN1_TYPE *t;
- int j,type=0,count=1,ii=0;
-
- a=sk_X509_ATTRIBUTE_value(sk,i);
- if(X509_REQ_extension_nid(OBJ_obj2nid(a->object)))
- continue;
- sprintf(str,"%12s","");
- if (BIO_puts(bp,str) <= 0) goto err;
- if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0)
- {
- if (a->set)
- {
- ii=0;
- count=sk_ASN1_TYPE_num(a->value.set);
-get_next:
- at=sk_ASN1_TYPE_value(a->value.set,ii);
- type=at->type;
- bs=at->value.asn1_string;
- }
- else
- {
- t=a->value.single;
- type=t->type;
- bs=t->value.bit_string;
- }
- }
- for (j=25-j; j>0; j--)
- if (BIO_write(bp," ",1) != 1) goto err;
- if (BIO_puts(bp,":") <= 0) goto err;
- if ( (type == V_ASN1_PRINTABLESTRING) ||
- (type == V_ASN1_T61STRING) ||
- (type == V_ASN1_IA5STRING))
- {
- if (BIO_write(bp,(char *)bs->data,bs->length)
- != bs->length)
- goto err;
- BIO_puts(bp,"\n");
- }
- else
- {
- BIO_puts(bp,"unable to print attribute\n");
- }
- if (++ii < count) goto get_next;
- }
- }
-
- exts = X509_REQ_get_extensions(x);
- if(exts) {
- BIO_printf(bp,"%8sRequested Extensions:\n","");
- for (i=0; i<sk_X509_EXTENSION_num(exts); i++) {
- ASN1_OBJECT *obj;
- X509_EXTENSION *ex;
- int j;
- ex=sk_X509_EXTENSION_value(exts, i);
- if (BIO_printf(bp,"%12s","") <= 0) goto err;
- obj=X509_EXTENSION_get_object(ex);
- i2a_ASN1_OBJECT(bp,obj);
- j=X509_EXTENSION_get_critical(ex);
- if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
- goto err;
- if(!X509V3_EXT_print(bp, ex, 0, 16)) {
- BIO_printf(bp, "%16s", "");
- M_ASN1_OCTET_STRING_print(bp,ex->value);
- }
- if (BIO_write(bp,"\n",1) <= 0) goto err;
- }
- sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
- }
-
- i=OBJ_obj2nid(x->sig_alg->algorithm);
- sprintf(str,"%4sSignature Algorithm: %s","",
- (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
- if (BIO_puts(bp,str) <= 0) goto err;
-
- n=x->signature->length;
- s=(char *)x->signature->data;
- for (i=0; i<n; i++)
- {
- if ((i%18) == 0)
- {
- sprintf(str,"\n%8s","");
- if (BIO_puts(bp,str) <= 0) goto err;
- }
- sprintf(str,"%02x%s",(unsigned char)s[i],((i+1) == n)?"":":");
- if (BIO_puts(bp,str) <= 0) goto err;
- }
- if (BIO_puts(bp,"\n") <= 0) goto err;
- return(1);
-err:
- X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB);
- return(0);
- }
diff --git a/src/lib/libcrypto/asn1/t_spki.c b/src/lib/libcrypto/asn1/t_spki.c
deleted file mode 100644
index d708434fca..0000000000
--- a/src/lib/libcrypto/asn1/t_spki.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/* t_spki.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/asn1_mac.h>
-
-/* Print out an SPKI */
-
-int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
-{
- EVP_PKEY *pkey;
- ASN1_IA5STRING *chal;
- int i, n;
- char *s;
- BIO_printf(out, "Netscape SPKI:\n");
- i=OBJ_obj2nid(spki->spkac->pubkey->algor->algorithm);
- BIO_printf(out," Public Key Algorithm: %s\n",
- (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
- pkey = X509_PUBKEY_get(spki->spkac->pubkey);
- if(!pkey) BIO_printf(out, " Unable to load public key\n");
- else {
-#ifndef NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- {
- BIO_printf(out," RSA Public Key: (%d bit)\n",
- BN_num_bits(pkey->pkey.rsa->n));
- RSA_print(out,pkey->pkey.rsa,2);
- }
- else
-#endif
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- {
- BIO_printf(out," DSA Public Key:\n");
- DSA_print(out,pkey->pkey.dsa,2);
- }
- else
-#endif
- BIO_printf(out," Unknown Public Key:\n");
- EVP_PKEY_free(pkey);
- }
- chal = spki->spkac->challenge;
- if(chal->length)
- BIO_printf(out, " Challenge String: %s\n", chal->data);
- i=OBJ_obj2nid(spki->sig_algor->algorithm);
- BIO_printf(out," Signature Algorithm: %s",
- (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
-
- n=spki->signature->length;
- s=(char *)spki->signature->data;
- for (i=0; i<n; i++)
- {
- if ((i%18) == 0) BIO_write(out,"\n ",7);
- BIO_printf(out,"%02x%s",(unsigned char)s[i],
- ((i+1) == n)?"":":");
- }
- BIO_write(out,"\n",1);
- return 1;
-}
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
deleted file mode 100644
index 89ae73a6de..0000000000
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ /dev/null
@@ -1,411 +0,0 @@
-/* crypto/asn1/t_x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#ifndef NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef NO_DSA
-#include <openssl/dsa.h>
-#endif
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#ifndef NO_FP_API
-int X509_print_fp(FILE *fp, X509 *x)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=X509_print(b, x);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int X509_print(BIO *bp, X509 *x)
- {
- long l;
- int ret=0,i,j,n;
- char *m=NULL,*s;
- X509_CINF *ci;
- ASN1_INTEGER *bs;
- EVP_PKEY *pkey=NULL;
- const char *neg;
- X509_EXTENSION *ex;
- ASN1_STRING *str=NULL;
-
- ci=x->cert_info;
- if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
- if (BIO_write(bp," Data:\n",10) <= 0) goto err;
- l=X509_get_version(x);
- if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
- if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
-
- bs=X509_get_serialNumber(x);
- if (bs->length <= 4)
- {
- l=ASN1_INTEGER_get(bs);
- if (l < 0)
- {
- l= -l;
- neg="-";
- }
- else
- neg="";
- if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
- goto err;
- }
- else
- {
- neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
- if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
-
- for (i=0; i<bs->length; i++)
- {
- if (BIO_printf(bp,"%02x%c",bs->data[i],
- ((i+1 == bs->length)?'\n':':')) <= 0)
- goto err;
- }
- }
-
- i=OBJ_obj2nid(ci->signature->algorithm);
- if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
- (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
- goto err;
-
- if (BIO_write(bp," Issuer: ",16) <= 0) goto err;
- if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err;
- if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err;
- if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
- if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
- if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
- if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
- if (BIO_write(bp,"\n Subject: ",18) <= 0) goto err;
- if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
- if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0)
- goto err;
- i=OBJ_obj2nid(ci->key->algor->algorithm);
- if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
- (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
-
- pkey=X509_get_pubkey(x);
- if (pkey == NULL)
- {
- BIO_printf(bp,"%12sUnable to load Public Key\n","");
- ERR_print_errors(bp);
- }
- else
-#ifndef NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- {
- BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
- BN_num_bits(pkey->pkey.rsa->n));
- RSA_print(bp,pkey->pkey.rsa,16);
- }
- else
-#endif
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- {
- BIO_printf(bp,"%12sDSA Public Key:\n","");
- DSA_print(bp,pkey->pkey.dsa,16);
- }
- else
-#endif
- BIO_printf(bp,"%12sUnknown Public Key:\n","");
-
- EVP_PKEY_free(pkey);
-
- n=X509_get_ext_count(x);
- if (n > 0)
- {
- BIO_printf(bp,"%8sX509v3 extensions:\n","");
- for (i=0; i<n; i++)
- {
- ASN1_OBJECT *obj;
- ex=X509_get_ext(x,i);
- if (BIO_printf(bp,"%12s","") <= 0) goto err;
- obj=X509_EXTENSION_get_object(ex);
- i2a_ASN1_OBJECT(bp,obj);
- j=X509_EXTENSION_get_critical(ex);
- if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
- goto err;
- if(!X509V3_EXT_print(bp, ex, 0, 16))
- {
- BIO_printf(bp, "%16s", "");
- M_ASN1_OCTET_STRING_print(bp,ex->value);
- }
- if (BIO_write(bp,"\n",1) <= 0) goto err;
- }
- }
-
- i=OBJ_obj2nid(x->sig_alg->algorithm);
- if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
- (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
-
- n=x->signature->length;
- s=(char *)x->signature->data;
- for (i=0; i<n; i++)
- {
- if ((i%18) == 0)
- if (BIO_write(bp,"\n ",9) <= 0) goto err;
- if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
- ((i+1) == n)?"":":") <= 0) goto err;
- }
- if (BIO_write(bp,"\n",1) != 1) goto err;
- if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
- ret=1;
-err:
- if (str != NULL) ASN1_STRING_free(str);
- if (m != NULL) OPENSSL_free(m);
- return(ret);
- }
-
-int ASN1_STRING_print(BIO *bp, ASN1_STRING *v)
- {
- int i,n;
- char buf[80],*p;;
-
- if (v == NULL) return(0);
- n=0;
- p=(char *)v->data;
- for (i=0; i<v->length; i++)
- {
- if ((p[i] > '~') || ((p[i] < ' ') &&
- (p[i] != '\n') && (p[i] != '\r')))
- buf[n]='.';
- else
- buf[n]=p[i];
- n++;
- if (n >= 80)
- {
- if (BIO_write(bp,buf,n) <= 0)
- return(0);
- n=0;
- }
- }
- if (n > 0)
- if (BIO_write(bp,buf,n) <= 0)
- return(0);
- return(1);
- }
-
-int ASN1_TIME_print(BIO *bp, ASN1_TIME *tm)
-{
- if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm);
- if(tm->type == V_ASN1_GENERALIZEDTIME)
- return ASN1_GENERALIZEDTIME_print(bp, tm);
- BIO_write(bp,"Bad time value",14);
- return(0);
-}
-
-static const char *mon[12]=
- {
- "Jan","Feb","Mar","Apr","May","Jun",
- "Jul","Aug","Sep","Oct","Nov","Dec"
- };
-
-int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm)
- {
- char *v;
- int gmt=0;
- int i;
- int y=0,M=0,d=0,h=0,m=0,s=0;
-
- i=tm->length;
- v=(char *)tm->data;
-
- if (i < 12) goto err;
- if (v[i-1] == 'Z') gmt=1;
- for (i=0; i<12; i++)
- if ((v[i] > '9') || (v[i] < '0')) goto err;
- y= (v[0]-'0')*1000+(v[1]-'0')*100 + (v[2]-'0')*10+(v[3]-'0');
- M= (v[4]-'0')*10+(v[5]-'0');
- if ((M > 12) || (M < 1)) goto err;
- d= (v[6]-'0')*10+(v[7]-'0');
- h= (v[8]-'0')*10+(v[9]-'0');
- m= (v[10]-'0')*10+(v[11]-'0');
- if ( (v[12] >= '0') && (v[12] <= '9') &&
- (v[13] >= '0') && (v[13] <= '9'))
- s= (v[12]-'0')*10+(v[13]-'0');
-
- if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
- mon[M-1],d,h,m,s,y,(gmt)?" GMT":"") <= 0)
- return(0);
- else
- return(1);
-err:
- BIO_write(bp,"Bad time value",14);
- return(0);
- }
-
-int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm)
- {
- char *v;
- int gmt=0;
- int i;
- int y=0,M=0,d=0,h=0,m=0,s=0;
-
- i=tm->length;
- v=(char *)tm->data;
-
- if (i < 10) goto err;
- if (v[i-1] == 'Z') gmt=1;
- for (i=0; i<10; i++)
- if ((v[i] > '9') || (v[i] < '0')) goto err;
- y= (v[0]-'0')*10+(v[1]-'0');
- if (y < 50) y+=100;
- M= (v[2]-'0')*10+(v[3]-'0');
- if ((M > 12) || (M < 1)) goto err;
- d= (v[4]-'0')*10+(v[5]-'0');
- h= (v[6]-'0')*10+(v[7]-'0');
- m= (v[8]-'0')*10+(v[9]-'0');
- if ( (v[10] >= '0') && (v[10] <= '9') &&
- (v[11] >= '0') && (v[11] <= '9'))
- s= (v[10]-'0')*10+(v[11]-'0');
-
- if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
- mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"") <= 0)
- return(0);
- else
- return(1);
-err:
- BIO_write(bp,"Bad time value",14);
- return(0);
- }
-
-int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
- {
- char *s,*c;
- int ret=0,l,ll,i,first=1;
- char buf[256];
-
- ll=80-2-obase;
-
- s=X509_NAME_oneline(name,buf,256);
- if (!*s)
- return 1;
- s++; /* skip the first slash */
-
- l=ll;
- c=s;
- for (;;)
- {
-#ifndef CHARSET_EBCDIC
- if ( ((*s == '/') &&
- ((s[1] >= 'A') && (s[1] <= 'Z') && (
- (s[2] == '=') ||
- ((s[2] >= 'A') && (s[2] <= 'Z') &&
- (s[3] == '='))
- ))) ||
- (*s == '\0'))
-#else
- if ( ((*s == '/') &&
- (isupper(s[1]) && (
- (s[2] == '=') ||
- (isupper(s[2]) &&
- (s[3] == '='))
- ))) ||
- (*s == '\0'))
-#endif
- {
- if ((l <= 0) && !first)
- {
- first=0;
- if (BIO_write(bp,"\n",1) != 1) goto err;
- for (i=0; i<obase; i++)
- {
- if (BIO_write(bp," ",1) != 1) goto err;
- }
- l=ll;
- }
- i=s-c;
- if (BIO_write(bp,c,i) != i) goto err;
- c+=i;
- c++;
- if (*s != '\0')
- {
- if (BIO_write(bp,", ",2) != 2) goto err;
- }
- l--;
- }
- if (*s == '\0') break;
- s++;
- l--;
- }
-
- ret=1;
- if (0)
- {
-err:
- X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
- }
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/asn1/t_x509a.c b/src/lib/libcrypto/asn1/t_x509a.c
deleted file mode 100644
index f06af5b576..0000000000
--- a/src/lib/libcrypto/asn1/t_x509a.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* t_x509a.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-/* X509_CERT_AUX and string set routines
- */
-
-int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
-{
- char oidstr[80], first;
- int i;
- if(!aux) return 1;
- if(aux->trust) {
- first = 1;
- BIO_printf(out, "%*sTrusted Uses:\n%*s",
- indent, "", indent + 2, "");
- for(i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) {
- if(!first) BIO_puts(out, ", ");
- else first = 0;
- OBJ_obj2txt(oidstr, 80,
- sk_ASN1_OBJECT_value(aux->trust, i), 0);
- BIO_puts(out, oidstr);
- }
- BIO_puts(out, "\n");
- } else BIO_printf(out, "%*sNo Trusted Uses.\n", indent, "");
- if(aux->reject) {
- first = 1;
- BIO_printf(out, "%*sRejected Uses:\n%*s",
- indent, "", indent + 2, "");
- for(i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) {
- if(!first) BIO_puts(out, ", ");
- else first = 0;
- OBJ_obj2txt(oidstr, 80,
- sk_ASN1_OBJECT_value(aux->reject, i), 0);
- BIO_puts(out, oidstr);
- }
- BIO_puts(out, "\n");
- } else BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
- if(aux->alias) BIO_printf(out, "%*sAlias: %s\n", indent, "",
- aux->alias->data);
- if(aux->keyid) {
- BIO_printf(out, "%*sKey Id: ", indent, "");
- for(i = 0; i < aux->keyid->length; i++)
- BIO_printf(out, "%s%02X",
- i ? ":" : "",
- aux->keyid->data[i]);
- BIO_write(out,"\n",1);
- }
- return 1;
-}
diff --git a/src/lib/libcrypto/asn1/x_algor.c b/src/lib/libcrypto/asn1/x_algor.c
deleted file mode 100644
index 853a8dfeef..0000000000
--- a/src/lib/libcrypto/asn1/x_algor.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* crypto/asn1/x_algor.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT);
- if (a->parameter != NULL)
- { M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); }
-
- M_ASN1_I2D_seq_total();
- M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT);
- if (a->parameter != NULL)
- { M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); }
-
- M_ASN1_I2D_finish();
- }
-
-X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT);
- if (!M_ASN1_D2I_end_sequence())
- { M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); }
- else
- {
- ASN1_TYPE_free(ret->parameter);
- ret->parameter=NULL;
- }
- M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR);
- }
-
-X509_ALGOR *X509_ALGOR_new(void)
- {
- X509_ALGOR *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_ALGOR);
- ret->algorithm=OBJ_nid2obj(NID_undef);
- ret->parameter=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW);
- }
-
-void X509_ALGOR_free(X509_ALGOR *a)
- {
- if (a == NULL) return;
- ASN1_OBJECT_free(a->algorithm);
- ASN1_TYPE_free(a->parameter);
- OPENSSL_free(a);
- }
-
-IMPLEMENT_STACK_OF(X509_ALGOR)
-IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
diff --git a/src/lib/libcrypto/asn1/x_attrib.c b/src/lib/libcrypto/asn1/x_attrib.c
deleted file mode 100644
index 14e5ea27aa..0000000000
--- a/src/lib/libcrypto/asn1/x_attrib.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* crypto/asn1/x_attrib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-/* sequence */
-int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a, unsigned char **pp)
- {
- int k=0;
- int r=0,ret=0;
- unsigned char **p=NULL;
-
- if (a == NULL) return(0);
-
- p=NULL;
- for (;;)
- {
- if (k)
- {
- r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
- if (pp == NULL) return(r);
- p=pp;
- ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL);
- }
-
- ret+=i2d_ASN1_OBJECT(a->object,p);
- if (a->set)
- ret+=i2d_ASN1_SET_OF_ASN1_TYPE(a->value.set,p,i2d_ASN1_TYPE,
- V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
- else
- ret+=i2d_ASN1_TYPE(a->value.single,p);
- if (k++) return(r);
- }
- }
-
-X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,X509_ATTRIBUTE *,X509_ATTRIBUTE_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
-
- if ((c.slen != 0) &&
- (M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET)))
- {
- ret->set=1;
- M_ASN1_D2I_get_set_type(ASN1_TYPE,ret->value.set,d2i_ASN1_TYPE,
- ASN1_TYPE_free);
- }
- else
- {
- ret->set=0;
- M_ASN1_D2I_get(ret->value.single,d2i_ASN1_TYPE);
- }
-
- M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE);
- }
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
- {
- X509_ATTRIBUTE *ret=NULL;
- ASN1_TYPE *val=NULL;
-
- if ((ret=X509_ATTRIBUTE_new()) == NULL)
- return(NULL);
- ret->object=OBJ_nid2obj(nid);
- ret->set=1;
- if ((ret->value.set=sk_ASN1_TYPE_new_null()) == NULL) goto err;
- if ((val=ASN1_TYPE_new()) == NULL) goto err;
- if (!sk_ASN1_TYPE_push(ret->value.set,val)) goto err;
-
- ASN1_TYPE_set(val,atrtype,value);
- return(ret);
-err:
- if (ret != NULL) X509_ATTRIBUTE_free(ret);
- if (val != NULL) ASN1_TYPE_free(val);
- return(NULL);
- }
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_new(void)
- {
- X509_ATTRIBUTE *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_ATTRIBUTE);
- ret->object=OBJ_nid2obj(NID_undef);
- ret->set=0;
- ret->value.ptr=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_ATTRIBUTE_NEW);
- }
-
-void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a)
- {
- if (a == NULL) return;
- ASN1_OBJECT_free(a->object);
- if (a->set)
- sk_ASN1_TYPE_pop_free(a->value.set,ASN1_TYPE_free);
- else
- ASN1_TYPE_free(a->value.single);
- OPENSSL_free(a);
- }
-
diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c
deleted file mode 100644
index 51518cdf35..0000000000
--- a/src/lib/libcrypto/asn1/x_crl.c
+++ /dev/null
@@ -1,348 +0,0 @@
-/* crypto/asn1/x_crl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
- const X509_REVOKED * const *b);
-static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
- const X509_REVOKED * const *b);
-int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_TIME);
- M_ASN1_I2D_len_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
- i2d_X509_EXTENSION);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_TIME);
- M_ASN1_I2D_put_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
- i2d_X509_EXTENSION);
-
- M_ASN1_I2D_finish();
- }
-
-X509_REVOKED *d2i_X509_REVOKED(X509_REVOKED **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_TIME);
- M_ASN1_D2I_get_seq_opt_type(X509_EXTENSION,ret->extensions,
- d2i_X509_EXTENSION,X509_EXTENSION_free);
- M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED);
- }
-
-int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp)
- {
- int v1=0;
- long l=0;
- int (*old_cmp)(const X509_REVOKED * const *,
- const X509_REVOKED * const *);
- M_ASN1_I2D_vars(a);
-
- old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp);
- sk_X509_REVOKED_sort(a->revoked);
- sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp);
-
- if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0))
- {
- M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
- }
- M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
- M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_TIME);
- if (a->nextUpdate != NULL)
- { M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_TIME); }
- M_ASN1_I2D_len_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
- i2d_X509_REVOKED);
- M_ASN1_I2D_len_EXP_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
- i2d_X509_EXTENSION,0,
- V_ASN1_SEQUENCE,v1);
-
- M_ASN1_I2D_seq_total();
-
- if ((a->version != NULL) && (l != 0))
- {
- M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
- }
- M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
- M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_TIME);
- if (a->nextUpdate != NULL)
- { M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_TIME); }
- M_ASN1_I2D_put_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
- i2d_X509_REVOKED);
- M_ASN1_I2D_put_EXP_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
- i2d_X509_EXTENSION,0,
- V_ASN1_SEQUENCE,v1);
-
- M_ASN1_I2D_finish();
- }
-
-X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a, unsigned char **pp,
- long length)
- {
- int i,ver=0;
- M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new);
-
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER);
- if (ret->version != NULL)
- ver=ret->version->data[0];
-
- if ((ver == 0) && (ret->version != NULL))
- {
- M_ASN1_INTEGER_free(ret->version);
- ret->version=NULL;
- }
- M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
- M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_TIME);
- /* Manually handle the OPTIONAL ASN1_TIME stuff */
- /* First try UTCTime */
- M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME, V_ASN1_UTCTIME);
- /* If that doesn't work try GeneralizedTime */
- if(!ret->nextUpdate)
- M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_GENERALIZEDTIME,
- V_ASN1_GENERALIZEDTIME);
- if (ret->revoked != NULL)
- {
- while (sk_X509_REVOKED_num(ret->revoked))
- X509_REVOKED_free(sk_X509_REVOKED_pop(ret->revoked));
- }
- M_ASN1_D2I_get_seq_opt_type(X509_REVOKED,ret->revoked,d2i_X509_REVOKED,
- X509_REVOKED_free);
-
- if (ret->revoked != NULL)
- {
- for (i=0; i<sk_X509_REVOKED_num(ret->revoked); i++)
- {
- sk_X509_REVOKED_value(ret->revoked,i)->sequence=i;
- }
- }
-
- if (ret->extensions != NULL)
- {
- while (sk_X509_EXTENSION_num(ret->extensions))
- X509_EXTENSION_free(
- sk_X509_EXTENSION_pop(ret->extensions));
- }
-
- M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION,ret->extensions,
- d2i_X509_EXTENSION,
- X509_EXTENSION_free,0,
- V_ASN1_SEQUENCE);
-
- M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO);
- }
-
-int i2d_X509_CRL(X509_CRL *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO);
- M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO);
- M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-X509_CRL *d2i_X509_CRL(X509_CRL **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO);
- M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
-
- M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL);
- }
-
-
-X509_REVOKED *X509_REVOKED_new(void)
- {
- X509_REVOKED *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_REVOKED);
- M_ASN1_New(ret->serialNumber,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->revocationDate,M_ASN1_UTCTIME_new);
- ret->extensions=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW);
- }
-
-X509_CRL_INFO *X509_CRL_INFO_new(void)
- {
- X509_CRL_INFO *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_CRL_INFO);
- ret->version=NULL;
- M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
- M_ASN1_New(ret->issuer,X509_NAME_new);
- M_ASN1_New(ret->lastUpdate,M_ASN1_UTCTIME_new);
- ret->nextUpdate=NULL;
- M_ASN1_New(ret->revoked,sk_X509_REVOKED_new_null);
- ret->extensions = NULL;
- sk_X509_REVOKED_set_cmp_func(ret->revoked,X509_REVOKED_cmp);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);
- }
-
-X509_CRL *X509_CRL_new(void)
- {
- X509_CRL *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_CRL);
- ret->references=1;
- M_ASN1_New(ret->crl,X509_CRL_INFO_new);
- M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
- M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_CRL_NEW);
- }
-
-void X509_REVOKED_free(X509_REVOKED *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->serialNumber);
- M_ASN1_UTCTIME_free(a->revocationDate);
- sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
- OPENSSL_free(a);
- }
-
-void X509_CRL_INFO_free(X509_CRL_INFO *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- X509_ALGOR_free(a->sig_alg);
- X509_NAME_free(a->issuer);
- M_ASN1_UTCTIME_free(a->lastUpdate);
- if (a->nextUpdate)
- M_ASN1_UTCTIME_free(a->nextUpdate);
- sk_X509_REVOKED_pop_free(a->revoked,X509_REVOKED_free);
- sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
- OPENSSL_free(a);
- }
-
-void X509_CRL_free(X509_CRL *a)
- {
- int i;
-
- if (a == NULL) return;
-
- i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
- REF_PRINT("X509_CRL",a);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"X509_CRL_free, bad reference count\n");
- abort();
- }
-#endif
-
- X509_CRL_INFO_free(a->crl);
- X509_ALGOR_free(a->sig_alg);
- M_ASN1_BIT_STRING_free(a->signature);
- OPENSSL_free(a);
- }
-
-static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
- const X509_REVOKED * const *b)
- {
- return(ASN1_STRING_cmp(
- (ASN1_STRING *)(*a)->serialNumber,
- (ASN1_STRING *)(*b)->serialNumber));
- }
-
-static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
- const X509_REVOKED * const *b)
- {
- return((*a)->sequence-(*b)->sequence);
- }
-
-IMPLEMENT_STACK_OF(X509_REVOKED)
-IMPLEMENT_ASN1_SET_OF(X509_REVOKED)
-IMPLEMENT_STACK_OF(X509_CRL)
-IMPLEMENT_ASN1_SET_OF(X509_CRL)
diff --git a/src/lib/libcrypto/asn1/x_exten.c b/src/lib/libcrypto/asn1/x_exten.c
deleted file mode 100644
index fbfd963b40..0000000000
--- a/src/lib/libcrypto/asn1/x_exten.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* crypto/asn1/x_exten.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_X509_EXTENSION(X509_EXTENSION *a, unsigned char **pp)
- {
- int k=0;
- int r=0,ret=0;
- unsigned char **p=NULL;
-
- if (a == NULL) return(0);
-
- p=NULL;
- for (;;)
- {
- if (k)
- {
- r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
- if (pp == NULL) return(r);
- p=pp;
- ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL);
- }
-
- ret+=i2d_ASN1_OBJECT(a->object,p);
- if ((a->critical) || a->netscape_hack)
- ret+=i2d_ASN1_BOOLEAN(a->critical,p);
- ret+=i2d_ASN1_OCTET_STRING(a->value,p);
- if (k++) return(r);
- }
- }
-
-X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a, unsigned char **pp,
- long length)
- {
- int i;
- M_ASN1_D2I_vars(a,X509_EXTENSION *,X509_EXTENSION_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
-
- ret->netscape_hack=0;
- if ((c.slen != 0) &&
- (M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN)))
- {
- c.q=c.p;
- if (d2i_ASN1_BOOLEAN(&i,&c.p,c.slen) < 0) goto err;
- ret->critical=i;
- c.slen-=(c.p-c.q);
- if (ret->critical == 0) ret->netscape_hack=1;
- }
- M_ASN1_D2I_get(ret->value,d2i_ASN1_OCTET_STRING);
-
- M_ASN1_D2I_Finish(a,X509_EXTENSION_free,ASN1_F_D2I_X509_EXTENSION);
- }
-
-X509_EXTENSION *X509_EXTENSION_new(void)
- {
- X509_EXTENSION *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_EXTENSION);
- ret->object=OBJ_nid2obj(NID_undef);
- M_ASN1_New(ret->value,M_ASN1_OCTET_STRING_new);
- ret->critical=0;
- ret->netscape_hack=0;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW);
- }
-
-void X509_EXTENSION_free(X509_EXTENSION *a)
- {
- if (a == NULL) return;
- ASN1_OBJECT_free(a->object);
- M_ASN1_OCTET_STRING_free(a->value);
- OPENSSL_free(a);
- }
-
diff --git a/src/lib/libcrypto/asn1/x_info.c b/src/lib/libcrypto/asn1/x_info.c
deleted file mode 100644
index 5e62fc2f6f..0000000000
--- a/src/lib/libcrypto/asn1/x_info.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* crypto/asn1/x_info.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-X509_INFO *X509_INFO_new(void)
- {
- X509_INFO *ret=NULL;
-
- ret=(X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO));
- if (ret == NULL)
- {
- ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
-
- ret->enc_cipher.cipher=NULL;
- ret->enc_len=0;
- ret->enc_data=NULL;
-
- ret->references=1;
- ret->x509=NULL;
- ret->crl=NULL;
- ret->x_pkey=NULL;
- return(ret);
- }
-
-void X509_INFO_free(X509_INFO *x)
- {
- int i;
-
- if (x == NULL) return;
-
- i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO);
-#ifdef REF_PRINT
- REF_PRINT("X509_INFO",x);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"X509_INFO_free, bad reference count\n");
- abort();
- }
-#endif
-
- if (x->x509 != NULL) X509_free(x->x509);
- if (x->crl != NULL) X509_CRL_free(x->crl);
- if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey);
- if (x->enc_data != NULL) OPENSSL_free(x->enc_data);
- OPENSSL_free(x);
- }
-
-IMPLEMENT_STACK_OF(X509_INFO)
-
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
deleted file mode 100644
index 1885d699ef..0000000000
--- a/src/lib/libcrypto/asn1/x_name.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/* crypto/asn1/x_name.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-static int i2d_X509_NAME_entries(X509_NAME *a);
-int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->object,i2d_ASN1_OBJECT);
- M_ASN1_I2D_len(a->value,i2d_ASN1_PRINTABLE);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->object,i2d_ASN1_OBJECT);
- M_ASN1_I2D_put(a->value,i2d_ASN1_PRINTABLE);
-
- M_ASN1_I2D_finish();
- }
-
-X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,X509_NAME_ENTRY *,X509_NAME_ENTRY_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
- M_ASN1_D2I_get(ret->value,d2i_ASN1_PRINTABLE);
- ret->set=0;
- M_ASN1_D2I_Finish(a,X509_NAME_ENTRY_free,ASN1_F_D2I_X509_NAME_ENTRY);
- }
-
-int i2d_X509_NAME(X509_NAME *a, unsigned char **pp)
- {
- int ret;
-
- if (a == NULL) return(0);
- if (a->modified)
- {
- ret=i2d_X509_NAME_entries(a);
- if (ret < 0) return(ret);
- }
-
- ret=a->bytes->length;
- if (pp != NULL)
- {
- memcpy(*pp,a->bytes->data,ret);
- *pp+=ret;
- }
- return(ret);
- }
-
-static int i2d_X509_NAME_entries(X509_NAME *a)
- {
- X509_NAME_ENTRY *ne,*fe=NULL;
- STACK_OF(X509_NAME_ENTRY) *sk;
- BUF_MEM *buf=NULL;
- int set=0,r,ret=0;
- int i;
- unsigned char *p;
- int size=0;
-
- sk=a->entries;
- for (i=0; i<sk_X509_NAME_ENTRY_num(sk); i++)
- {
- ne=sk_X509_NAME_ENTRY_value(sk,i);
- if (fe == NULL)
- {
- fe=ne;
- size=0;
- }
-
- if (ne->set != set)
- {
- ret+=ASN1_object_size(1,size,V_ASN1_SET);
- fe->size=size;
- fe=ne;
- size=0;
- set=ne->set;
- }
- size+=i2d_X509_NAME_ENTRY(ne,NULL);
- }
- if (fe != NULL)
- {
- /* SET OF needed only if entries is non empty */
- ret+=ASN1_object_size(1,size,V_ASN1_SET);
- fe->size=size;
- }
-
- r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
-
- buf=a->bytes;
- if (!BUF_MEM_grow(buf,r)) goto err;
- p=(unsigned char *)buf->data;
-
- ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
- set= -1;
- for (i=0; i<sk_X509_NAME_ENTRY_num(sk); i++)
- {
- ne=sk_X509_NAME_ENTRY_value(sk,i);
- if (set != ne->set)
- {
- set=ne->set;
- ASN1_put_object(&p,1,ne->size,
- V_ASN1_SET,V_ASN1_UNIVERSAL);
- }
- i2d_X509_NAME_ENTRY(ne,&p);
- }
- a->modified=0;
- return(r);
-err:
- return(-1);
- }
-
-X509_NAME *d2i_X509_NAME(X509_NAME **a, unsigned char **pp, long length)
- {
- int set=0,i;
- int idx=0;
- unsigned char *orig;
- M_ASN1_D2I_vars(a,X509_NAME *,X509_NAME_new);
-
- orig= *pp;
- if (sk_X509_NAME_ENTRY_num(ret->entries) > 0)
- {
- while (sk_X509_NAME_ENTRY_num(ret->entries) > 0)
- X509_NAME_ENTRY_free(
- sk_X509_NAME_ENTRY_pop(ret->entries));
- }
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- for (;;)
- {
- if (M_ASN1_D2I_end_sequence()) break;
- M_ASN1_D2I_get_set_type(X509_NAME_ENTRY,ret->entries,
- d2i_X509_NAME_ENTRY,
- X509_NAME_ENTRY_free);
- for (; idx < sk_X509_NAME_ENTRY_num(ret->entries); idx++)
- {
- sk_X509_NAME_ENTRY_value(ret->entries,idx)->set=set;
- }
- set++;
- }
-
- i=(int)(c.p-orig);
- if (!BUF_MEM_grow(ret->bytes,i)) goto err;
- memcpy(ret->bytes->data,orig,i);
- ret->bytes->length=i;
- ret->modified=0;
-
- M_ASN1_D2I_Finish(a,X509_NAME_free,ASN1_F_D2I_X509_NAME);
- }
-
-X509_NAME *X509_NAME_new(void)
- {
- X509_NAME *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_NAME);
- if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL)
- { c.line=__LINE__; goto err2; }
- M_ASN1_New(ret->bytes,BUF_MEM_new);
- ret->modified=1;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_NAME_NEW);
- }
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_new(void)
- {
- X509_NAME_ENTRY *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_NAME_ENTRY);
-/* M_ASN1_New(ret->object,ASN1_OBJECT_new);*/
- ret->object=NULL;
- ret->set=0;
- M_ASN1_New(ret->value,ASN1_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_NAME_ENTRY_NEW);
- }
-
-void X509_NAME_free(X509_NAME *a)
- {
- if(a == NULL)
- return;
-
- BUF_MEM_free(a->bytes);
- sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free);
- OPENSSL_free(a);
- }
-
-void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a)
- {
- if (a == NULL) return;
- ASN1_OBJECT_free(a->object);
- M_ASN1_BIT_STRING_free(a->value);
- OPENSSL_free(a);
- }
-
-int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
- {
- X509_NAME *in;
-
- if (*xn == NULL) return(0);
-
- if (*xn != name)
- {
- in=X509_NAME_dup(name);
- if (in != NULL)
- {
- X509_NAME_free(*xn);
- *xn=in;
- }
- }
- return(*xn != NULL);
- }
-
-IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
-IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
diff --git a/src/lib/libcrypto/asn1/x_pkey.c b/src/lib/libcrypto/asn1/x_pkey.c
deleted file mode 100644
index f1c6221ac3..0000000000
--- a/src/lib/libcrypto/asn1/x_pkey.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* crypto/asn1/x_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-/* need to implement */
-int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp)
- {
- return(0);
- }
-
-X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, unsigned char **pp, long length)
- {
- int i;
- M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING);
-
- ret->cipher.cipher=EVP_get_cipherbyname(
- OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
- if (ret->cipher.cipher == NULL)
- {
- c.error=ASN1_R_UNSUPPORTED_CIPHER;
- c.line=__LINE__;
- goto err;
- }
- if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING)
- {
- i=ret->enc_algor->parameter->value.octet_string->length;
- if (i > EVP_MAX_IV_LENGTH)
- {
- c.error=ASN1_R_IV_TOO_LARGE;
- c.line=__LINE__;
- goto err;
- }
- memcpy(ret->cipher.iv,
- ret->enc_algor->parameter->value.octet_string->data,i);
- }
- else
- memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
- M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY);
- }
-
-X509_PKEY *X509_PKEY_new(void)
- {
- X509_PKEY *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_PKEY);
- ret->version=0;
- M_ASN1_New(ret->enc_algor,X509_ALGOR_new);
- M_ASN1_New(ret->enc_pkey,M_ASN1_OCTET_STRING_new);
- ret->dec_pkey=NULL;
- ret->key_length=0;
- ret->key_data=NULL;
- ret->key_free=0;
- ret->cipher.cipher=NULL;
- memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
- ret->references=1;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
- }
-
-void X509_PKEY_free(X509_PKEY *x)
- {
- int i;
-
- if (x == NULL) return;
-
- i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY);
-#ifdef REF_PRINT
- REF_PRINT("X509_PKEY",x);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"X509_PKEY_free, bad reference count\n");
- abort();
- }
-#endif
-
- if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor);
- if (x->enc_pkey != NULL) M_ASN1_OCTET_STRING_free(x->enc_pkey);
- if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey);
- if ((x->key_data != NULL) && (x->key_free)) OPENSSL_free(x->key_data);
- OPENSSL_free(x);
- }
diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c
deleted file mode 100644
index 4397a404b5..0000000000
--- a/src/lib/libcrypto/asn1/x_pubkey.c
+++ /dev/null
@@ -1,366 +0,0 @@
-/* crypto/asn1/x_pubkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_X509_PUBKEY(X509_PUBKEY *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->public_key, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->public_key, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-X509_PUBKEY *d2i_X509_PUBKEY(X509_PUBKEY **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,X509_PUBKEY *,X509_PUBKEY_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->public_key,d2i_ASN1_BIT_STRING);
- if (ret->pkey != NULL)
- {
- EVP_PKEY_free(ret->pkey);
- ret->pkey=NULL;
- }
- M_ASN1_D2I_Finish(a,X509_PUBKEY_free,ASN1_F_D2I_X509_PUBKEY);
- }
-
-X509_PUBKEY *X509_PUBKEY_new(void)
- {
- X509_PUBKEY *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_PUBKEY);
- M_ASN1_New(ret->algor,X509_ALGOR_new);
- M_ASN1_New(ret->public_key,M_ASN1_BIT_STRING_new);
- ret->pkey=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_PUBKEY_NEW);
- }
-
-void X509_PUBKEY_free(X509_PUBKEY *a)
- {
- if (a == NULL) return;
- X509_ALGOR_free(a->algor);
- M_ASN1_BIT_STRING_free(a->public_key);
- if (a->pkey != NULL) EVP_PKEY_free(a->pkey);
- OPENSSL_free(a);
- }
-
-int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
- {
- int ok=0;
- X509_PUBKEY *pk;
- X509_ALGOR *a;
- ASN1_OBJECT *o;
- unsigned char *s,*p;
- int i;
-
- if (x == NULL) return(0);
-
- if ((pk=X509_PUBKEY_new()) == NULL) goto err;
- a=pk->algor;
-
- /* set the algorithm id */
- if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
- ASN1_OBJECT_free(a->algorithm);
- a->algorithm=o;
-
- /* Set the parameter list */
- if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA))
- {
- if ((a->parameter == NULL) ||
- (a->parameter->type != V_ASN1_NULL))
- {
- ASN1_TYPE_free(a->parameter);
- a->parameter=ASN1_TYPE_new();
- a->parameter->type=V_ASN1_NULL;
- }
- }
- else
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- {
- unsigned char *pp;
- DSA *dsa;
-
- dsa=pkey->pkey.dsa;
- dsa->write_params=0;
- ASN1_TYPE_free(a->parameter);
- i=i2d_DSAparams(dsa,NULL);
- p=(unsigned char *)OPENSSL_malloc(i);
- pp=p;
- i2d_DSAparams(dsa,&pp);
- a->parameter=ASN1_TYPE_new();
- a->parameter->type=V_ASN1_SEQUENCE;
- a->parameter->value.sequence=ASN1_STRING_new();
- ASN1_STRING_set(a->parameter->value.sequence,p,i);
- OPENSSL_free(p);
- }
- else
-#endif
- {
- X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
- goto err;
- }
-
- if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err;
- if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) goto err;
- p=s;
- i2d_PublicKey(pkey,&p);
- if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
- /* Set number of unused bits to zero */
- pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
- pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
-
- OPENSSL_free(s);
-
-#if 0
- CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
- pk->pkey=pkey;
-#endif
-
- if (*x != NULL)
- X509_PUBKEY_free(*x);
-
- *x=pk;
- pk=NULL;
-
- ok=1;
-err:
- if (pk != NULL) X509_PUBKEY_free(pk);
- return(ok);
- }
-
-EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
- {
- EVP_PKEY *ret=NULL;
- long j;
- int type;
- unsigned char *p;
-#ifndef NO_DSA
- X509_ALGOR *a;
-#endif
-
- if (key == NULL) goto err;
-
- if (key->pkey != NULL)
- {
- CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
- return(key->pkey);
- }
-
- if (key->public_key == NULL) goto err;
-
- type=OBJ_obj2nid(key->algor->algorithm);
- p=key->public_key->data;
- j=key->public_key->length;
- if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL)
- {
- X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB);
- goto err;
- }
- ret->save_parameters=0;
-
-#ifndef NO_DSA
- a=key->algor;
- if (ret->type == EVP_PKEY_DSA)
- {
- if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
- {
- ret->pkey.dsa->write_params=0;
- p=a->parameter->value.sequence->data;
- j=a->parameter->value.sequence->length;
- if (!d2i_DSAparams(&ret->pkey.dsa,&p,(long)j))
- goto err;
- }
- ret->save_parameters=1;
- }
-#endif
- key->pkey=ret;
- CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY);
- return(ret);
-err:
- if (ret != NULL)
- EVP_PKEY_free(ret);
- return(NULL);
- }
-
-/* Now two pseudo ASN1 routines that take an EVP_PKEY structure
- * and encode or decode as X509_PUBKEY
- */
-
-EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp,
- long length)
-{
- X509_PUBKEY *xpk;
- EVP_PKEY *pktmp;
- xpk = d2i_X509_PUBKEY(NULL, pp, length);
- if(!xpk) return NULL;
- pktmp = X509_PUBKEY_get(xpk);
- X509_PUBKEY_free(xpk);
- if(!pktmp) return NULL;
- if(a) {
- EVP_PKEY_free(*a);
- *a = pktmp;
- }
- return pktmp;
-}
-
-int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
-{
- X509_PUBKEY *xpk=NULL;
- int ret;
- if(!a) return 0;
- if(!X509_PUBKEY_set(&xpk, a)) return 0;
- ret = i2d_X509_PUBKEY(xpk, pp);
- X509_PUBKEY_free(xpk);
- return ret;
-}
-
-/* The following are equivalents but which return RSA and DSA
- * keys
- */
-#ifndef NO_RSA
-RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp,
- long length)
-{
- EVP_PKEY *pkey;
- RSA *key;
- unsigned char *q;
- q = *pp;
- pkey = d2i_PUBKEY(NULL, &q, length);
- if(!pkey) return NULL;
- key = EVP_PKEY_get1_RSA(pkey);
- EVP_PKEY_free(pkey);
- if(!key) return NULL;
- *pp = q;
- if(a) {
- RSA_free(*a);
- *a = key;
- }
- return key;
-}
-
-int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
-{
- EVP_PKEY *pktmp;
- int ret;
- if(!a) return 0;
- pktmp = EVP_PKEY_new();
- if(!pktmp) {
- ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- EVP_PKEY_set1_RSA(pktmp, a);
- ret = i2d_PUBKEY(pktmp, pp);
- EVP_PKEY_free(pktmp);
- return ret;
-}
-#endif
-
-#ifndef NO_DSA
-DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp,
- long length)
-{
- EVP_PKEY *pkey;
- DSA *key;
- unsigned char *q;
- q = *pp;
- pkey = d2i_PUBKEY(NULL, &q, length);
- if(!pkey) return NULL;
- key = EVP_PKEY_get1_DSA(pkey);
- EVP_PKEY_free(pkey);
- if(!key) return NULL;
- *pp = q;
- if(a) {
- DSA_free(*a);
- *a = key;
- }
- return key;
-}
-
-int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
-{
- EVP_PKEY *pktmp;
- int ret;
- if(!a) return 0;
- pktmp = EVP_PKEY_new();
- if(!pktmp) {
- ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- EVP_PKEY_set1_DSA(pktmp, a);
- ret = i2d_PUBKEY(pktmp, pp);
- EVP_PKEY_free(pktmp);
- return ret;
-}
-#endif
diff --git a/src/lib/libcrypto/asn1/x_req.c b/src/lib/libcrypto/asn1/x_req.c
deleted file mode 100644
index 6dddd4f653..0000000000
--- a/src/lib/libcrypto/asn1/x_req.c
+++ /dev/null
@@ -1,257 +0,0 @@
-/* crypto/asn1/x_req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- if(a->asn1) {
- if(pp) {
- memcpy(*pp, a->asn1, a->length);
- *pp += a->length;
- }
- return a->length;
- }
-
- M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(a->subject, i2d_X509_NAME);
- M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
-
- /* this is a *nasty* hack reported to be required to
- * allow some CA Software to accept the cert request.
- * It is not following the PKCS standards ...
- * PKCS#10 pg 5
- * attributes [0] IMPLICIT Attributes
- * NOTE: no OPTIONAL ... so it *must* be there
- */
- if (a->req_kludge)
- {
- M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes,i2d_X509_ATTRIBUTE,0);
- }
- else
- {
- M_ASN1_I2D_len_IMP_SET_type(X509_ATTRIBUTE,a->attributes,
- i2d_X509_ATTRIBUTE,0);
- }
-
- M_ASN1_I2D_seq_total();
- M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(a->subject, i2d_X509_NAME);
- M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
-
- /* this is a *nasty* hack reported to be required by some CA's.
- * It is not following the PKCS standards ...
- * PKCS#10 pg 5
- * attributes [0] IMPLICIT Attributes
- * NOTE: no OPTIONAL ... so it *must* be there
- */
- if (a->req_kludge)
- {
- M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes,
- i2d_X509_ATTRIBUTE,0);
- }
- else
- {
- M_ASN1_I2D_put_IMP_SET_type(X509_ATTRIBUTE,a->attributes,
- i2d_X509_ATTRIBUTE,0);
- }
-
- M_ASN1_I2D_finish();
- }
-
-X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,X509_REQ_INFO *,X509_REQ_INFO_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
- M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
-
- /* this is a *nasty* hack to allow for some CA's that
- * have been reported as requiring it.
- * It is not following the PKCS standards ...
- * PKCS#10 pg 5
- * attributes [0] IMPLICIT Attributes
- * NOTE: no OPTIONAL ... so it *must* be there
- */
- if (asn1_Finish(&c))
- ret->req_kludge=1;
- else
- {
- M_ASN1_D2I_get_IMP_set_type(X509_ATTRIBUTE,ret->attributes,
- d2i_X509_ATTRIBUTE,
- X509_ATTRIBUTE_free,0);
- }
-
- M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO);
- }
-
-X509_REQ_INFO *X509_REQ_INFO_new(void)
- {
- X509_REQ_INFO *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_REQ_INFO);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->subject,X509_NAME_new);
- M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
- M_ASN1_New(ret->attributes,sk_X509_ATTRIBUTE_new_null);
- ret->req_kludge=0;
- ret->asn1 = NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW);
- }
-
-void X509_REQ_INFO_free(X509_REQ_INFO *a)
- {
- if (a == NULL) return;
- if(a->asn1) OPENSSL_free(a->asn1);
- M_ASN1_INTEGER_free(a->version);
- X509_NAME_free(a->subject);
- X509_PUBKEY_free(a->pubkey);
- sk_X509_ATTRIBUTE_pop_free(a->attributes,X509_ATTRIBUTE_free);
- OPENSSL_free(a);
- }
-
-int i2d_X509_REQ(X509_REQ *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
- M_ASN1_I2D_len(a->req_info, i2d_X509_REQ_INFO);
- M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->req_info, i2d_X509_REQ_INFO);
- M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-X509_REQ *d2i_X509_REQ(X509_REQ **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509_REQ *,X509_REQ_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->req_info,d2i_X509_REQ_INFO);
-
- /* Keep a copy of the original encoding for signature checking */
- ret->req_info->length = c.p - c.q;
- if(!(ret->req_info->asn1 = OPENSSL_malloc(ret->req_info->length))) {
- c.line=__LINE__;
- c.error = ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- memcpy(ret->req_info->asn1, c.q, ret->req_info->length);
-
- M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
- M_ASN1_D2I_Finish(a,X509_REQ_free,ASN1_F_D2I_X509_REQ);
- }
-
-X509_REQ *X509_REQ_new(void)
- {
- X509_REQ *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_REQ);
- ret->references=1;
- M_ASN1_New(ret->req_info,X509_REQ_INFO_new);
- M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
- M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_REQ_NEW);
- }
-
-void X509_REQ_free(X509_REQ *a)
- {
- int i;
-
- if (a == NULL) return;
-
- i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ);
-#ifdef REF_PRINT
- REF_PRINT("X509_REQ",a);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"X509_REQ_free, bad reference count\n");
- abort();
- }
-#endif
-
- X509_REQ_INFO_free(a->req_info);
- X509_ALGOR_free(a->sig_alg);
- M_ASN1_BIT_STRING_free(a->signature);
- OPENSSL_free(a);
- }
-
-
diff --git a/src/lib/libcrypto/asn1/x_sig.c b/src/lib/libcrypto/asn1/x_sig.c
deleted file mode 100644
index d79f147647..0000000000
--- a/src/lib/libcrypto/asn1/x_sig.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/asn1/x_sig.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_X509_SIG(X509_SIG *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->digest, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->digest, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-X509_SIG *d2i_X509_SIG(X509_SIG **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
- M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG);
- }
-
-X509_SIG *X509_SIG_new(void)
- {
- X509_SIG *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_SIG);
- M_ASN1_New(ret->algor,X509_ALGOR_new);
- M_ASN1_New(ret->digest,M_ASN1_OCTET_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_SIG_NEW);
- }
-
-void X509_SIG_free(X509_SIG *a)
- {
- if (a == NULL) return;
- X509_ALGOR_free(a->algor);
- M_ASN1_OCTET_STRING_free(a->digest);
- OPENSSL_free(a);
- }
-
-
diff --git a/src/lib/libcrypto/asn1/x_spki.c b/src/lib/libcrypto/asn1/x_spki.c
deleted file mode 100644
index 4f01888f7d..0000000000
--- a/src/lib/libcrypto/asn1/x_spki.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* crypto/asn1/x_spki.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
- /* This module was send to me my Pat Richards <patr@x509.com> who
- * wrote it. It is under my Copyright with his permission
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
- M_ASN1_I2D_len(a->challenge, i2d_ASN1_IA5STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
- M_ASN1_I2D_put(a->challenge, i2d_ASN1_IA5STRING);
-
- M_ASN1_I2D_finish();
- }
-
-NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,NETSCAPE_SPKAC *,NETSCAPE_SPKAC_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
- M_ASN1_D2I_get(ret->challenge,d2i_ASN1_IA5STRING);
- M_ASN1_D2I_Finish(a,NETSCAPE_SPKAC_free,ASN1_F_D2I_NETSCAPE_SPKAC);
- }
-
-NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void)
- {
- NETSCAPE_SPKAC *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC);
- M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
- M_ASN1_New(ret->challenge,M_ASN1_IA5STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKAC_NEW);
- }
-
-void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a)
- {
- if (a == NULL) return;
- X509_PUBKEY_free(a->pubkey);
- M_ASN1_IA5STRING_free(a->challenge);
- OPENSSL_free(a);
- }
-
-int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->spkac, i2d_NETSCAPE_SPKAC);
- M_ASN1_I2D_len(a->sig_algor, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->spkac, i2d_NETSCAPE_SPKAC);
- M_ASN1_I2D_put(a->sig_algor, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,NETSCAPE_SPKI *,NETSCAPE_SPKI_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->spkac,d2i_NETSCAPE_SPKAC);
- M_ASN1_D2I_get(ret->sig_algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
- M_ASN1_D2I_Finish(a,NETSCAPE_SPKI_free,ASN1_F_D2I_NETSCAPE_SPKI);
- }
-
-NETSCAPE_SPKI *NETSCAPE_SPKI_new(void)
- {
- NETSCAPE_SPKI *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,NETSCAPE_SPKI);
- M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new);
- M_ASN1_New(ret->sig_algor,X509_ALGOR_new);
- M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKI_NEW);
- }
-
-void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a)
- {
- if (a == NULL) return;
- NETSCAPE_SPKAC_free(a->spkac);
- X509_ALGOR_free(a->sig_algor);
- M_ASN1_BIT_STRING_free(a->signature);
- OPENSSL_free(a);
- }
-
diff --git a/src/lib/libcrypto/asn1/x_val.c b/src/lib/libcrypto/asn1/x_val.c
deleted file mode 100644
index 0f8f020b57..0000000000
--- a/src/lib/libcrypto/asn1/x_val.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* crypto/asn1/x_val.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_X509_VAL(X509_VAL *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->notBefore,i2d_ASN1_TIME);
- M_ASN1_I2D_len(a->notAfter,i2d_ASN1_TIME);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->notBefore,i2d_ASN1_TIME);
- M_ASN1_I2D_put(a->notAfter,i2d_ASN1_TIME);
-
- M_ASN1_I2D_finish();
- }
-
-X509_VAL *d2i_X509_VAL(X509_VAL **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509_VAL *,X509_VAL_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->notBefore,d2i_ASN1_TIME);
- M_ASN1_D2I_get(ret->notAfter,d2i_ASN1_TIME);
- M_ASN1_D2I_Finish(a,X509_VAL_free,ASN1_F_D2I_X509_VAL);
- }
-
-X509_VAL *X509_VAL_new(void)
- {
- X509_VAL *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_VAL);
- M_ASN1_New(ret->notBefore,M_ASN1_TIME_new);
- M_ASN1_New(ret->notAfter,M_ASN1_TIME_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_VAL_NEW);
- }
-
-void X509_VAL_free(X509_VAL *a)
- {
- if (a == NULL) return;
- M_ASN1_TIME_free(a->notBefore);
- M_ASN1_TIME_free(a->notAfter);
- OPENSSL_free(a);
- }
-
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c
deleted file mode 100644
index 61ba856b17..0000000000
--- a/src/lib/libcrypto/asn1/x_x509.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/* crypto/asn1/x_x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static int x509_meth_num = 0;
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_meth = NULL;
-
-static ASN1_METHOD meth={
- (int (*)()) i2d_X509,
- (char *(*)())d2i_X509,
- (char *(*)())X509_new,
- (void (*)()) X509_free};
-
-ASN1_METHOD *X509_asn1_meth(void)
- {
- return(&meth);
- }
-
-int i2d_X509(X509 *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->cert_info, i2d_X509_CINF);
- M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->cert_info, i2d_X509_CINF);
- M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-X509 *d2i_X509(X509 **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509 *,X509_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
- M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
- if (ret->name != NULL) OPENSSL_free(ret->name);
- ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
-
- M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
- }
-
-X509 *X509_new(void)
- {
- X509 *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509);
- ret->valid=0;
- ret->references=1;
- ret->name = NULL;
- ret->ex_flags = 0;
- ret->ex_pathlen = -1;
- ret->skid = NULL;
- ret->akid = NULL;
- ret->aux = NULL;
- M_ASN1_New(ret->cert_info,X509_CINF_new);
- M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
- M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
- CRYPTO_new_ex_data(x509_meth, ret, &ret->ex_data);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_NEW);
- }
-
-void X509_free(X509 *a)
- {
- int i;
-
- if (a == NULL) return;
-
- i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509);
-#ifdef REF_PRINT
- REF_PRINT("X509",a);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"X509_free, bad reference count\n");
- abort();
- }
-#endif
-
- CRYPTO_free_ex_data(x509_meth,a,&a->ex_data);
- X509_CINF_free(a->cert_info);
- X509_ALGOR_free(a->sig_alg);
- M_ASN1_BIT_STRING_free(a->signature);
- X509_CERT_AUX_free(a->aux);
- ASN1_OCTET_STRING_free(a->skid);
- AUTHORITY_KEYID_free(a->akid);
-
- if (a->name != NULL) OPENSSL_free(a->name);
- OPENSSL_free(a);
- }
-
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
- {
- x509_meth_num++;
- return(CRYPTO_get_ex_new_index(x509_meth_num-1,
- &x509_meth,argl,argp,new_func,dup_func,free_func));
- }
-
-int X509_set_ex_data(X509 *r, int idx, void *arg)
- {
- return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
- }
-
-void *X509_get_ex_data(X509 *r, int idx)
- {
- return(CRYPTO_get_ex_data(&r->ex_data,idx));
- }
-
-/* X509_AUX ASN1 routines. X509_AUX is the name given to
- * a certificate with extra info tagged on the end. Since these
- * functions set how a certificate is trusted they should only
- * be used when the certificate comes from a reliable source
- * such as local storage.
- *
- */
-
-X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length)
-{
- unsigned char *q;
- X509 *ret;
- /* Save start position */
- q = *pp;
- ret = d2i_X509(a, pp, length);
- /* If certificate unreadable then forget it */
- if(!ret) return NULL;
- /* update length */
- length -= *pp - q;
- if(!length) return ret;
- if(!d2i_X509_CERT_AUX(&ret->aux, pp, length)) goto err;
- return ret;
- err:
- X509_free(ret);
- return NULL;
-}
-
-int i2d_X509_AUX(X509 *a, unsigned char **pp)
-{
- int length;
- length = i2d_X509(a, pp);
- if(a) length += i2d_X509_CERT_AUX(a->aux, pp);
- return length;
-}
diff --git a/src/lib/libcrypto/asn1/x_x509a.c b/src/lib/libcrypto/asn1/x_x509a.c
deleted file mode 100644
index ebcce87bf2..0000000000
--- a/src/lib/libcrypto/asn1/x_x509a.c
+++ /dev/null
@@ -1,208 +0,0 @@
-/* a_x509a.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-/* X509_CERT_AUX routines. These are used to encode additional
- * user modifiable data about a certificate. This data is
- * appended to the X509 encoding when the *_X509_AUX routines
- * are used. This means that the "traditional" X509 routines
- * will simply ignore the extra data.
- */
-
-static X509_CERT_AUX *aux_get(X509 *x);
-
-X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a, X509_CERT_AUX *, X509_CERT_AUX_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
-
- M_ASN1_D2I_get_seq_opt_type(ASN1_OBJECT, ret->trust,
- d2i_ASN1_OBJECT, ASN1_OBJECT_free);
- M_ASN1_D2I_get_IMP_set_opt_type(ASN1_OBJECT, ret->reject,
- d2i_ASN1_OBJECT, ASN1_OBJECT_free, 0);
- M_ASN1_D2I_get_opt(ret->alias, d2i_ASN1_UTF8STRING, V_ASN1_UTF8STRING);
- M_ASN1_D2I_get_opt(ret->keyid, d2i_ASN1_OCTET_STRING, V_ASN1_OCTET_STRING);
- M_ASN1_D2I_get_IMP_set_opt_type(X509_ALGOR, ret->other,
- d2i_X509_ALGOR, X509_ALGOR_free, 1);
-
- M_ASN1_D2I_Finish(a, X509_CERT_AUX_free, ASN1_F_D2I_X509_CERT_AUX);
-}
-
-X509_CERT_AUX *X509_CERT_AUX_new()
-{
- X509_CERT_AUX *ret = NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, X509_CERT_AUX);
- ret->trust = NULL;
- ret->reject = NULL;
- ret->alias = NULL;
- ret->keyid = NULL;
- ret->other = NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_CERT_AUX_NEW);
-}
-
-void X509_CERT_AUX_free(X509_CERT_AUX *a)
-{
- if(a == NULL) return;
- sk_ASN1_OBJECT_pop_free(a->trust, ASN1_OBJECT_free);
- sk_ASN1_OBJECT_pop_free(a->reject, ASN1_OBJECT_free);
- ASN1_UTF8STRING_free(a->alias);
- ASN1_OCTET_STRING_free(a->keyid);
- sk_X509_ALGOR_pop_free(a->other, X509_ALGOR_free);
- OPENSSL_free(a);
-}
-
-int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT);
- M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0);
-
- M_ASN1_I2D_len(a->alias, i2d_ASN1_UTF8STRING);
- M_ASN1_I2D_len(a->keyid, i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT);
- M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0);
-
- M_ASN1_I2D_put(a->alias, i2d_ASN1_UTF8STRING);
- M_ASN1_I2D_put(a->keyid, i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1);
-
- M_ASN1_I2D_finish();
-}
-
-static X509_CERT_AUX *aux_get(X509 *x)
-{
- if(!x) return NULL;
- if(!x->aux && !(x->aux = X509_CERT_AUX_new())) return NULL;
- return x->aux;
-}
-
-int X509_alias_set1(X509 *x, unsigned char *name, int len)
-{
- X509_CERT_AUX *aux;
- if(!(aux = aux_get(x))) return 0;
- if(!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) return 0;
- return ASN1_STRING_set(aux->alias, name, len);
-}
-
-int X509_keyid_set1(X509 *x, unsigned char *id, int len)
-{
- X509_CERT_AUX *aux;
- if(!(aux = aux_get(x))) return 0;
- if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0;
- return ASN1_STRING_set(aux->keyid, id, len);
-}
-
-unsigned char *X509_alias_get0(X509 *x, int *len)
-{
- if(!x->aux || !x->aux->alias) return NULL;
- if(len) *len = x->aux->alias->length;
- return x->aux->alias->data;
-}
-
-int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
-{
- X509_CERT_AUX *aux;
- ASN1_OBJECT *objtmp;
- if(!(objtmp = OBJ_dup(obj))) return 0;
- if(!(aux = aux_get(x))) return 0;
- if(!aux->trust
- && !(aux->trust = sk_ASN1_OBJECT_new_null())) return 0;
- return sk_ASN1_OBJECT_push(aux->trust, objtmp);
-}
-
-int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
-{
- X509_CERT_AUX *aux;
- ASN1_OBJECT *objtmp;
- if(!(objtmp = OBJ_dup(obj))) return 0;
- if(!(aux = aux_get(x))) return 0;
- if(!aux->reject
- && !(aux->reject = sk_ASN1_OBJECT_new_null())) return 0;
- return sk_ASN1_OBJECT_push(aux->reject, objtmp);
-}
-
-void X509_trust_clear(X509 *x)
-{
- if(x->aux && x->aux->trust) {
- sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
- x->aux->trust = NULL;
- }
-}
-
-void X509_reject_clear(X509 *x)
-{
- if(x->aux && x->aux->reject) {
- sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
- x->aux->reject = NULL;
- }
-}
-
diff --git a/src/lib/libcrypto/bf/COPYRIGHT b/src/lib/libcrypto/bf/COPYRIGHT
deleted file mode 100644
index 6857223506..0000000000
--- a/src/lib/libcrypto/bf/COPYRIGHT
+++ /dev/null
@@ -1,46 +0,0 @@
-Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-All rights reserved.
-
-This package is an Blowfish implementation written
-by Eric Young (eay@cryptsoft.com).
-
-This library is free for commercial and non-commercial use as long as
-the following conditions are aheared to. The following conditions
-apply to all code found in this distribution.
-
-Copyright remains Eric Young's, and as such any Copyright notices in
-the code are not to be removed.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the copyright
- notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-3. All advertising materials mentioning features or use of this software
- must display the following acknowledgement:
- This product includes software developed by Eric Young (eay@cryptsoft.com)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-The license and distribution terms for any publically available version or
-derivative of this code cannot be changed. i.e. this code cannot simply be
-copied and put under another distrubution license
-[including the GNU Public License.]
-
-The reason behind this being stated in this direct manner is past
-experience in code simply being copied and the attribution removed
-from it and then being distributed as part of other packages. This
-implementation was a non-trivial and unpaid effort.
diff --git a/src/lib/libcrypto/bf/INSTALL b/src/lib/libcrypto/bf/INSTALL
deleted file mode 100644
index 3b25923532..0000000000
--- a/src/lib/libcrypto/bf/INSTALL
+++ /dev/null
@@ -1,14 +0,0 @@
-This Eric Young's blowfish implementation, taken from his SSLeay library
-and made available as a separate library.
-
-The version number (0.7.2m) is the SSLeay version that this library was
-taken from.
-
-To build, just unpack and type make.
-If you are not using gcc, edit the Makefile.
-If you are compiling for an x86 box, try the assembler (it needs improving).
-There are also some compile time options that can improve performance,
-these are documented in the Makefile.
-
-eric 15-Apr-1997
-
diff --git a/src/lib/libcrypto/bf/README b/src/lib/libcrypto/bf/README
deleted file mode 100644
index f2712fd0e7..0000000000
--- a/src/lib/libcrypto/bf/README
+++ /dev/null
@@ -1,8 +0,0 @@
-This is a quick packaging up of my blowfish code into a library.
-It has been lifted from SSLeay.
-The copyright notices seem a little harsh because I have not spent the
-time to rewrite the conditions from the normal SSLeay ones.
-
-Basically if you just want to play with the library, not a problem.
-
-eric 15-Apr-1997
diff --git a/src/lib/libcrypto/bf/VERSION b/src/lib/libcrypto/bf/VERSION
deleted file mode 100644
index be995855e4..0000000000
--- a/src/lib/libcrypto/bf/VERSION
+++ /dev/null
@@ -1,6 +0,0 @@
-The version numbers will follow my SSL implementation
-
-0.7.2r - Some reasonable default compiler options from
- Peter Gutman <pgut001@cs.auckland.ac.nz>
-
-0.7.2m - the first release
diff --git a/src/lib/libcrypto/bf/asm/bf-586.pl b/src/lib/libcrypto/bf/asm/bf-586.pl
deleted file mode 100644
index b556642c94..0000000000
--- a/src/lib/libcrypto/bf/asm/bf-586.pl
+++ /dev/null
@@ -1,136 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-require "cbc.pl";
-
-&asm_init($ARGV[0],"bf-586.pl",$ARGV[$#ARGV] eq "386");
-
-$BF_ROUNDS=16;
-$BF_OFF=($BF_ROUNDS+2)*4;
-$L="edi";
-$R="esi";
-$P="ebp";
-$tmp1="eax";
-$tmp2="ebx";
-$tmp3="ecx";
-$tmp4="edx";
-
-&BF_encrypt("BF_encrypt",1);
-&BF_encrypt("BF_decrypt",0);
-&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
-&asm_finish();
-
-sub BF_encrypt
- {
- local($name,$enc)=@_;
-
- &function_begin_B($name,"");
-
- &comment("");
-
- &push("ebp");
- &push("ebx");
- &mov($tmp2,&wparam(0));
- &mov($P,&wparam(1));
- &push("esi");
- &push("edi");
-
- &comment("Load the 2 words");
- &mov($L,&DWP(0,$tmp2,"",0));
- &mov($R,&DWP(4,$tmp2,"",0));
-
- &xor( $tmp1, $tmp1);
-
- # encrypting part
-
- if ($enc)
- {
- &mov($tmp2,&DWP(0,$P,"",0));
- &xor( $tmp3, $tmp3);
-
- &xor($L,$tmp2);
- for ($i=0; $i<$BF_ROUNDS; $i+=2)
- {
- &comment("");
- &comment("Round $i");
- &BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
-
- &comment("");
- &comment("Round ".sprintf("%d",$i+1));
- &BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
- }
- # &mov($tmp1,&wparam(0)); In last loop
- &mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
- }
- else
- {
- &mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
- &xor( $tmp3, $tmp3);
-
- &xor($L,$tmp2);
- for ($i=$BF_ROUNDS; $i>0; $i-=2)
- {
- &comment("");
- &comment("Round $i");
- &BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
- &comment("");
- &comment("Round ".sprintf("%d",$i-1));
- &BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
- }
- # &mov($tmp1,&wparam(0)); In last loop
- &mov($tmp4,&DWP(0,$P,"",0));
- }
-
- &xor($R,$tmp4);
- &mov(&DWP(4,$tmp1,"",0),$L);
-
- &mov(&DWP(0,$tmp1,"",0),$R);
- &function_end($name);
- }
-
-sub BF_ENCRYPT
- {
- local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_;
-
- &mov( $tmp4, &DWP(&n2a($i*4),$P,"",0)); # for next round
-
- &mov( $tmp2, $R);
- &xor( $L, $tmp4);
-
- &shr( $tmp2, 16);
- &mov( $tmp4, $R);
-
- &movb( &LB($tmp1), &HB($tmp2)); # A
- &and( $tmp2, 0xff); # B
-
- &movb( &LB($tmp3), &HB($tmp4)); # C
- &and( $tmp4, 0xff); # D
-
- &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
- &mov( $tmp2, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
-
- &add( $tmp2, $tmp1);
- &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4));
-
- &xor( $tmp2, $tmp1);
- &mov( $tmp4, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4));
-
- &add( $tmp2, $tmp4);
- if (($enc && ($i != 16)) || ((!$enc) && ($i != 1)))
- { &xor( $tmp1, $tmp1); }
- else
- {
- &comment("Load parameter 0 ($i) enc=$enc");
- &mov($tmp1,&wparam(0));
- } # In last loop
-
- &xor( $L, $tmp2);
- # delay
- }
-
-sub n2a
- {
- sprintf("%d",$_[0]);
- }
-
diff --git a/src/lib/libcrypto/bf/bf_cbc.c b/src/lib/libcrypto/bf/bf_cbc.c
deleted file mode 100644
index f949629dc6..0000000000
--- a/src/lib/libcrypto/bf/bf_cbc.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/* crypto/bf/bf_cbc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int encrypt)
- {
- register BF_LONG tin0,tin1;
- register BF_LONG tout0,tout1,xor0,xor1;
- register long l=length;
- BF_LONG tin[2];
-
- if (encrypt)
- {
- n2l(ivec,tout0);
- n2l(ivec,tout1);
- ivec-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- BF_encrypt(tin,schedule);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- if (l != -8)
- {
- n2ln(in,tin0,tin1,l+8);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- BF_encrypt(tin,schedule);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- l2n(tout0,ivec);
- l2n(tout1,ivec);
- }
- else
- {
- n2l(ivec,xor0);
- n2l(ivec,xor1);
- ivec-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- BF_decrypt(tin,schedule);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2n(tout0,out);
- l2n(tout1,out);
- xor0=tin0;
- xor1=tin1;
- }
- if (l != -8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- BF_decrypt(tin,schedule);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2nn(tout0,tout1,out,l+8);
- xor0=tin0;
- xor1=tin1;
- }
- l2n(xor0,ivec);
- l2n(xor1,ivec);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
-
diff --git a/src/lib/libcrypto/bf/bf_cfb64.c b/src/lib/libcrypto/bf/bf_cfb64.c
deleted file mode 100644
index 6451c8d407..0000000000
--- a/src/lib/libcrypto/bf/bf_cfb64.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/bf/bf_cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt)
- {
- register BF_LONG v0,v1,t;
- register int n= *num;
- register long l=length;
- BF_LONG ti[2];
- unsigned char *iv,c,cc;
-
- iv=(unsigned char *)ivec;
- if (encrypt)
- {
- while (l--)
- {
- if (n == 0)
- {
- n2l(iv,v0); ti[0]=v0;
- n2l(iv,v1); ti[1]=v1;
- BF_encrypt((BF_LONG *)ti,schedule);
- iv=(unsigned char *)ivec;
- t=ti[0]; l2n(t,iv);
- t=ti[1]; l2n(t,iv);
- iv=(unsigned char *)ivec;
- }
- c= *(in++)^iv[n];
- *(out++)=c;
- iv[n]=c;
- n=(n+1)&0x07;
- }
- }
- else
- {
- while (l--)
- {
- if (n == 0)
- {
- n2l(iv,v0); ti[0]=v0;
- n2l(iv,v1); ti[1]=v1;
- BF_encrypt((BF_LONG *)ti,schedule);
- iv=(unsigned char *)ivec;
- t=ti[0]; l2n(t,iv);
- t=ti[1]; l2n(t,iv);
- iv=(unsigned char *)ivec;
- }
- cc= *(in++);
- c=iv[n];
- iv[n]=cc;
- *(out++)=c^cc;
- n=(n+1)&0x07;
- }
- }
- v0=v1=ti[0]=ti[1]=t=c=cc=0;
- *num=n;
- }
-
diff --git a/src/lib/libcrypto/bf/bf_ecb.c b/src/lib/libcrypto/bf/bf_ecb.c
deleted file mode 100644
index 341991636f..0000000000
--- a/src/lib/libcrypto/bf/bf_ecb.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/bf/bf_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-#include <openssl/opensslv.h>
-
-/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
- * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
- * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
- */
-
-const char *BF_version="Blowfish" OPENSSL_VERSION_PTEXT;
-
-const char *BF_options(void)
- {
-#ifdef BF_PTR
- return("blowfish(ptr)");
-#elif defined(BF_PTR2)
- return("blowfish(ptr2)");
-#else
- return("blowfish(idx)");
-#endif
- }
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const BF_KEY *key, int encrypt)
- {
- BF_LONG l,d[2];
-
- n2l(in,l); d[0]=l;
- n2l(in,l); d[1]=l;
- if (encrypt)
- BF_encrypt(d,key);
- else
- BF_decrypt(d,key);
- l=d[0]; l2n(l,out);
- l=d[1]; l2n(l,out);
- l=d[0]=d[1]=0;
- }
-
diff --git a/src/lib/libcrypto/bf/bf_enc.c b/src/lib/libcrypto/bf/bf_enc.c
deleted file mode 100644
index b380acf959..0000000000
--- a/src/lib/libcrypto/bf/bf_enc.c
+++ /dev/null
@@ -1,306 +0,0 @@
-/* crypto/bf/bf_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
- * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
- * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
- */
-
-#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
-#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
-to modify the code.
-#endif
-
-void BF_encrypt(BF_LONG *data, const BF_KEY *key)
- {
-#ifndef BF_PTR2
- register BF_LONG l,r;
- const register BF_LONG *p,*s;
-
- p=key->P;
- s= &(key->S[0]);
- l=data[0];
- r=data[1];
-
- l^=p[0];
- BF_ENC(r,l,s,p[ 1]);
- BF_ENC(l,r,s,p[ 2]);
- BF_ENC(r,l,s,p[ 3]);
- BF_ENC(l,r,s,p[ 4]);
- BF_ENC(r,l,s,p[ 5]);
- BF_ENC(l,r,s,p[ 6]);
- BF_ENC(r,l,s,p[ 7]);
- BF_ENC(l,r,s,p[ 8]);
- BF_ENC(r,l,s,p[ 9]);
- BF_ENC(l,r,s,p[10]);
- BF_ENC(r,l,s,p[11]);
- BF_ENC(l,r,s,p[12]);
- BF_ENC(r,l,s,p[13]);
- BF_ENC(l,r,s,p[14]);
- BF_ENC(r,l,s,p[15]);
- BF_ENC(l,r,s,p[16]);
-#if BF_ROUNDS == 20
- BF_ENC(r,l,s,p[17]);
- BF_ENC(l,r,s,p[18]);
- BF_ENC(r,l,s,p[19]);
- BF_ENC(l,r,s,p[20]);
-#endif
- r^=p[BF_ROUNDS+1];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#else
- register BF_LONG l,r,t,*k;
-
- l=data[0];
- r=data[1];
- k=(BF_LONG*)key;
-
- l^=k[0];
- BF_ENC(r,l,k, 1);
- BF_ENC(l,r,k, 2);
- BF_ENC(r,l,k, 3);
- BF_ENC(l,r,k, 4);
- BF_ENC(r,l,k, 5);
- BF_ENC(l,r,k, 6);
- BF_ENC(r,l,k, 7);
- BF_ENC(l,r,k, 8);
- BF_ENC(r,l,k, 9);
- BF_ENC(l,r,k,10);
- BF_ENC(r,l,k,11);
- BF_ENC(l,r,k,12);
- BF_ENC(r,l,k,13);
- BF_ENC(l,r,k,14);
- BF_ENC(r,l,k,15);
- BF_ENC(l,r,k,16);
-#if BF_ROUNDS == 20
- BF_ENC(r,l,k,17);
- BF_ENC(l,r,k,18);
- BF_ENC(r,l,k,19);
- BF_ENC(l,r,k,20);
-#endif
- r^=k[BF_ROUNDS+1];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#endif
- }
-
-#ifndef BF_DEFAULT_OPTIONS
-
-void BF_decrypt(BF_LONG *data, const BF_KEY *key)
- {
-#ifndef BF_PTR2
- register BF_LONG l,r;
- const register BF_LONG *p,*s;
-
- p=key->P;
- s= &(key->S[0]);
- l=data[0];
- r=data[1];
-
- l^=p[BF_ROUNDS+1];
-#if BF_ROUNDS == 20
- BF_ENC(r,l,s,p[20]);
- BF_ENC(l,r,s,p[19]);
- BF_ENC(r,l,s,p[18]);
- BF_ENC(l,r,s,p[17]);
-#endif
- BF_ENC(r,l,s,p[16]);
- BF_ENC(l,r,s,p[15]);
- BF_ENC(r,l,s,p[14]);
- BF_ENC(l,r,s,p[13]);
- BF_ENC(r,l,s,p[12]);
- BF_ENC(l,r,s,p[11]);
- BF_ENC(r,l,s,p[10]);
- BF_ENC(l,r,s,p[ 9]);
- BF_ENC(r,l,s,p[ 8]);
- BF_ENC(l,r,s,p[ 7]);
- BF_ENC(r,l,s,p[ 6]);
- BF_ENC(l,r,s,p[ 5]);
- BF_ENC(r,l,s,p[ 4]);
- BF_ENC(l,r,s,p[ 3]);
- BF_ENC(r,l,s,p[ 2]);
- BF_ENC(l,r,s,p[ 1]);
- r^=p[0];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#else
- register BF_LONG l,r,t,*k;
-
- l=data[0];
- r=data[1];
- k=(BF_LONG *)key;
-
- l^=k[BF_ROUNDS+1];
-#if BF_ROUNDS == 20
- BF_ENC(r,l,k,20);
- BF_ENC(l,r,k,19);
- BF_ENC(r,l,k,18);
- BF_ENC(l,r,k,17);
-#endif
- BF_ENC(r,l,k,16);
- BF_ENC(l,r,k,15);
- BF_ENC(r,l,k,14);
- BF_ENC(l,r,k,13);
- BF_ENC(r,l,k,12);
- BF_ENC(l,r,k,11);
- BF_ENC(r,l,k,10);
- BF_ENC(l,r,k, 9);
- BF_ENC(r,l,k, 8);
- BF_ENC(l,r,k, 7);
- BF_ENC(r,l,k, 6);
- BF_ENC(l,r,k, 5);
- BF_ENC(r,l,k, 4);
- BF_ENC(l,r,k, 3);
- BF_ENC(r,l,k, 2);
- BF_ENC(l,r,k, 1);
- r^=k[0];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#endif
- }
-
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int encrypt)
- {
- register BF_LONG tin0,tin1;
- register BF_LONG tout0,tout1,xor0,xor1;
- register long l=length;
- BF_LONG tin[2];
-
- if (encrypt)
- {
- n2l(ivec,tout0);
- n2l(ivec,tout1);
- ivec-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- BF_encrypt(tin,schedule);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- if (l != -8)
- {
- n2ln(in,tin0,tin1,l+8);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- BF_encrypt(tin,schedule);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- l2n(tout0,ivec);
- l2n(tout1,ivec);
- }
- else
- {
- n2l(ivec,xor0);
- n2l(ivec,xor1);
- ivec-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- BF_decrypt(tin,schedule);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2n(tout0,out);
- l2n(tout1,out);
- xor0=tin0;
- xor1=tin1;
- }
- if (l != -8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- BF_decrypt(tin,schedule);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2nn(tout0,tout1,out,l+8);
- xor0=tin0;
- xor1=tin1;
- }
- l2n(xor0,ivec);
- l2n(xor1,ivec);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
-
-#endif
diff --git a/src/lib/libcrypto/bf/bf_locl.h b/src/lib/libcrypto/bf/bf_locl.h
deleted file mode 100644
index cc7c3ec992..0000000000
--- a/src/lib/libcrypto/bf/bf_locl.h
+++ /dev/null
@@ -1,219 +0,0 @@
-/* crypto/bf/bf_locl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BF_LOCL_H
-#define HEADER_BF_LOCL_H
-#include <openssl/opensslconf.h> /* BF_PTR, BF_PTR2 */
-
-#undef c2l
-#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
- case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
- case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
- case 5: l2|=((unsigned long)(*(--(c)))); \
- case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
- case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
- case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
- case 1: l1|=((unsigned long)(*(--(c)))); \
- } \
- }
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c)))) ; \
- case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 6: l2|=((unsigned long)(*(--(c))))<<16; \
- case 5: l2|=((unsigned long)(*(--(c))))<<24; \
- case 4: l1 =((unsigned long)(*(--(c)))) ; \
- case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 2: l1|=((unsigned long)(*(--(c))))<<16; \
- case 1: l1|=((unsigned long)(*(--(c))))<<24; \
- } \
- }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- } \
- }
-
-#undef n2l
-#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-/* This is actually a big endian algorithm, the most significant byte
- * is used to lookup array 0 */
-
-#if defined(BF_PTR2)
-
-/*
- * This is basically a special Intel version. Point is that Intel
- * doesn't have many registers, but offers a reach choice of addressing
- * modes. So we spare some registers by directly traversing BF_KEY
- * structure and hiring the most decorated addressing mode. The code
- * generated by EGCS is *perfectly* competitive with assembler
- * implementation!
- */
-#define BF_ENC(LL,R,KEY,Pi) (\
- LL^=KEY[Pi], \
- t= KEY[BF_ROUNDS+2 + 0 + ((R>>24)&0xFF)], \
- t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \
- t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \
- t+= KEY[BF_ROUNDS+2 + 768 + ((R )&0xFF)], \
- LL^=t \
- )
-
-#elif defined(BF_PTR)
-
-#ifndef BF_LONG_LOG2
-#define BF_LONG_LOG2 2 /* default to BF_LONG being 32 bits */
-#endif
-#define BF_M (0xFF<<BF_LONG_LOG2)
-#define BF_0 (24-BF_LONG_LOG2)
-#define BF_1 (16-BF_LONG_LOG2)
-#define BF_2 ( 8-BF_LONG_LOG2)
-#define BF_3 BF_LONG_LOG2 /* left shift */
-
-/*
- * This is normally very good on RISC platforms where normally you
- * have to explicitly "multiply" array index by sizeof(BF_LONG)
- * in order to calculate the effective address. This implementation
- * excuses CPU from this extra work. Power[PC] uses should have most
- * fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely
- * rlwinm. So let'em double-check if their compiler does it.
- */
-
-#define BF_ENC(LL,R,S,P) ( \
- LL^=P, \
- LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \
- *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
- *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
- *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M))) \
- )
-#else
-
-/*
- * This is a *generic* version. Seem to perform best on platforms that
- * offer explicit support for extraction of 8-bit nibbles preferably
- * complemented with "multiplying" of array index by sizeof(BF_LONG).
- * For the moment of this writing the list comprises Alpha CPU featuring
- * extbl and s[48]addq instructions.
- */
-
-#define BF_ENC(LL,R,S,P) ( \
- LL^=P, \
- LL^=((( S[ ((int)(R>>24)&0xff)] + \
- S[0x0100+((int)(R>>16)&0xff)])^ \
- S[0x0200+((int)(R>> 8)&0xff)])+ \
- S[0x0300+((int)(R )&0xff)])&0xffffffffL \
- )
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/bf/bf_ofb64.c b/src/lib/libcrypto/bf/bf_ofb64.c
deleted file mode 100644
index f2a9ff6e41..0000000000
--- a/src/lib/libcrypto/bf/bf_ofb64.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/bf/bf_ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num)
- {
- register BF_LONG v0,v1,t;
- register int n= *num;
- register long l=length;
- unsigned char d[8];
- register char *dp;
- BF_LONG ti[2];
- unsigned char *iv;
- int save=0;
-
- iv=(unsigned char *)ivec;
- n2l(iv,v0);
- n2l(iv,v1);
- ti[0]=v0;
- ti[1]=v1;
- dp=(char *)d;
- l2n(v0,dp);
- l2n(v1,dp);
- while (l--)
- {
- if (n == 0)
- {
- BF_encrypt((BF_LONG *)ti,schedule);
- dp=(char *)d;
- t=ti[0]; l2n(t,dp);
- t=ti[1]; l2n(t,dp);
- save++;
- }
- *(out++)= *(in++)^d[n];
- n=(n+1)&0x07;
- }
- if (save)
- {
- v0=ti[0];
- v1=ti[1];
- iv=(unsigned char *)ivec;
- l2n(v0,iv);
- l2n(v1,iv);
- }
- t=v0=v1=ti[0]=ti[1]=0;
- *num=n;
- }
-
diff --git a/src/lib/libcrypto/bf/bf_pi.h b/src/lib/libcrypto/bf/bf_pi.h
deleted file mode 100644
index 9949513c68..0000000000
--- a/src/lib/libcrypto/bf/bf_pi.h
+++ /dev/null
@@ -1,325 +0,0 @@
-/* crypto/bf/bf_pi.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-static const BF_KEY bf_init= {
- {
- 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
- 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L,
- 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL,
- 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L,
- 0x9216d5d9L, 0x8979fb1b
- },{
- 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L,
- 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L,
- 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L,
- 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL,
- 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL,
- 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L,
- 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL,
- 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL,
- 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L,
- 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L,
- 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL,
- 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL,
- 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL,
- 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L,
- 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L,
- 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L,
- 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L,
- 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L,
- 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL,
- 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L,
- 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L,
- 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L,
- 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L,
- 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL,
- 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L,
- 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL,
- 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL,
- 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L,
- 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL,
- 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L,
- 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL,
- 0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L,
- 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L,
- 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL,
- 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L,
- 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L,
- 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL,
- 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L,
- 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL,
- 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L,
- 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L,
- 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL,
- 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L,
- 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L,
- 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L,
- 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L,
- 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L,
- 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL,
- 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL,
- 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L,
- 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L,
- 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L,
- 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L,
- 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL,
- 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L,
- 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL,
- 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL,
- 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L,
- 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L,
- 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L,
- 0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L,
- 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L,
- 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L,
- 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL,
- 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L,
- 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L,
- 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L,
- 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL,
- 0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L,
- 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L,
- 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL,
- 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L,
- 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L,
- 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L,
- 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL,
- 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL,
- 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L,
- 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L,
- 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L,
- 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L,
- 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL,
- 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL,
- 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL,
- 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L,
- 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL,
- 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L,
- 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L,
- 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL,
- 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL,
- 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L,
- 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL,
- 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L,
- 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL,
- 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL,
- 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L,
- 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L,
- 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L,
- 0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L,
- 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L,
- 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L,
- 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L,
- 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL,
- 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L,
- 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL,
- 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L,
- 0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L,
- 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L,
- 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L,
- 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L,
- 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L,
- 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L,
- 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L,
- 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L,
- 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L,
- 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L,
- 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L,
- 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L,
- 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L,
- 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L,
- 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L,
- 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL,
- 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL,
- 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L,
- 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL,
- 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L,
- 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L,
- 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L,
- 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L,
- 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L,
- 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L,
- 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL,
- 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L,
- 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L,
- 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L,
- 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL,
- 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL,
- 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL,
- 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L,
- 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L,
- 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL,
- 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L,
- 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL,
- 0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L,
- 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL,
- 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L,
- 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL,
- 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L,
- 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL,
- 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L,
- 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L,
- 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL,
- 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L,
- 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L,
- 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L,
- 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L,
- 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL,
- 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L,
- 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL,
- 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L,
- 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL,
- 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L,
- 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL,
- 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL,
- 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL,
- 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L,
- 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L,
- 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL,
- 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL,
- 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL,
- 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL,
- 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL,
- 0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L,
- 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L,
- 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L,
- 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L,
- 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL,
- 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL,
- 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L,
- 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L,
- 0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L,
- 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L,
- 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L,
- 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L,
- 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L,
- 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L,
- 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L,
- 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L,
- 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL,
- 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L,
- 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL,
- 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L,
- 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L,
- 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL,
- 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL,
- 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL,
- 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L,
- 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L,
- 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L,
- 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L,
- 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L,
- 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L,
- 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L,
- 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L,
- 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L,
- 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L,
- 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L,
- 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L,
- 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL,
- 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL,
- 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L,
- 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL,
- 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL,
- 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL,
- 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L,
- 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL,
- 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL,
- 0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L,
- 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L,
- 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L,
- 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L,
- 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL,
- 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL,
- 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L,
- 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L,
- 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L,
- 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL,
- 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L,
- 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L,
- 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L,
- 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL,
- 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L,
- 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L,
- 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L,
- 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL,
- 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL,
- 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L,
- 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L,
- 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L,
- 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L,
- 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL,
- 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L,
- 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL,
- 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL,
- 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L,
- 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L,
- 0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL,
- 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L,
- 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL,
- 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L,
- 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL,
- 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L,
- 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L,
- 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL,
- 0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L,
- 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL,
- 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L,
- }
- };
-
diff --git a/src/lib/libcrypto/bf/bf_skey.c b/src/lib/libcrypto/bf/bf_skey.c
deleted file mode 100644
index 4d6a232fe0..0000000000
--- a/src/lib/libcrypto/bf/bf_skey.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/* crypto/bf/bf_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-#include "bf_pi.h"
-
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
- {
- int i;
- BF_LONG *p,ri,in[2];
- const unsigned char *d,*end;
-
-
- memcpy((char *)key,(char *)&bf_init,sizeof(BF_KEY));
- p=key->P;
-
- if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4;
-
- d=data;
- end= &(data[len]);
- for (i=0; i<(BF_ROUNDS+2); i++)
- {
- ri= *(d++);
- if (d >= end) d=data;
-
- ri<<=8;
- ri|= *(d++);
- if (d >= end) d=data;
-
- ri<<=8;
- ri|= *(d++);
- if (d >= end) d=data;
-
- ri<<=8;
- ri|= *(d++);
- if (d >= end) d=data;
-
- p[i]^=ri;
- }
-
- in[0]=0L;
- in[1]=0L;
- for (i=0; i<(BF_ROUNDS+2); i+=2)
- {
- BF_encrypt(in,key);
- p[i ]=in[0];
- p[i+1]=in[1];
- }
-
- p=key->S;
- for (i=0; i<4*256; i+=2)
- {
- BF_encrypt(in,key);
- p[i ]=in[0];
- p[i+1]=in[1];
- }
- }
-
diff --git a/src/lib/libcrypto/bf/blowfish.h b/src/lib/libcrypto/bf/blowfish.h
deleted file mode 100644
index 78acfd63b4..0000000000
--- a/src/lib/libcrypto/bf/blowfish.h
+++ /dev/null
@@ -1,125 +0,0 @@
-/* crypto/bf/blowfish.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BLOWFISH_H
-#define HEADER_BLOWFISH_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef NO_BF
-#error BF is disabled.
-#endif
-
-#define BF_ENCRYPT 1
-#define BF_DECRYPT 0
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! BF_LONG_LOG2 has to be defined along. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#if defined(WIN16) || defined(__LP32__)
-#define BF_LONG unsigned long
-#elif defined(_CRAY) || defined(__ILP64__)
-#define BF_LONG unsigned long
-#define BF_LONG_LOG2 3
-/*
- * _CRAY note. I could declare short, but I have no idea what impact
- * does it have on performance on none-T3E machines. I could declare
- * int, but at least on C90 sizeof(int) can be chosen at compile time.
- * So I've chosen long...
- * <appro@fy.chalmers.se>
- */
-#else
-#define BF_LONG unsigned int
-#endif
-
-#define BF_ROUNDS 16
-#define BF_BLOCK 8
-
-typedef struct bf_key_st
- {
- BF_LONG P[BF_ROUNDS+2];
- BF_LONG S[4*256];
- } BF_KEY;
-
-
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-
-void BF_encrypt(BF_LONG *data,const BF_KEY *key);
-void BF_decrypt(BF_LONG *data,const BF_KEY *key);
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const BF_KEY *key, int enc);
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int enc);
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num);
-const char *BF_options(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/bio/b_dump.c b/src/lib/libcrypto/bio/b_dump.c
deleted file mode 100644
index 8397cfab6a..0000000000
--- a/src/lib/libcrypto/bio/b_dump.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* crypto/bio/b_dump.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Stolen from tjh's ssl/ssl_trc.c stuff.
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#define TRUNCATE
-#define DUMP_WIDTH 16
-#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4))
-
-int BIO_dump(BIO *bio, const char *s, int len)
- {
- return BIO_dump_indent(bio, s, len, 0);
- }
-
-int BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
- {
- int ret=0;
- char buf[288+1],tmp[20],str[128+1];
- int i,j,rows,trunc;
- unsigned char ch;
- int dump_width;
-
- trunc=0;
-
-#ifdef TRUNCATE
- for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--)
- trunc++;
-#endif
-
- if (indent < 0)
- indent = 0;
- if (indent)
- {
- if (indent > 128) indent=128;
- memset(str,' ',indent);
- }
- str[indent]='\0';
-
- dump_width=DUMP_WIDTH_LESS_INDENT(indent);
- rows=(len/dump_width);
- if ((rows*dump_width)<len)
- rows++;
- for(i=0;i<rows;i++)
- {
- buf[0]='\0'; /* start with empty string */
- strcpy(buf,str);
- sprintf(tmp,"%04x - ",i*dump_width);
- strcat(buf,tmp);
- for(j=0;j<dump_width;j++)
- {
- if (((i*dump_width)+j)>=len)
- {
- strcat(buf," ");
- }
- else
- {
- ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
- sprintf(tmp,"%02x%c",ch,j==7?'-':' ');
- strcat(buf,tmp);
- }
- }
- strcat(buf," ");
- for(j=0;j<dump_width;j++)
- {
- if (((i*dump_width)+j)>=len)
- break;
- ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
-#ifndef CHARSET_EBCDIC
- sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.');
-#else
- sprintf(tmp,"%c",((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
- ? os_toebcdic[ch]
- : '.');
-#endif
- strcat(buf,tmp);
- }
- strcat(buf,"\n");
- /* if this is the last call then update the ddt_dump thing so that
- * we will move the selection point in the debug window
- */
- ret+=BIO_write(bio,(char *)buf,strlen(buf));
- }
-#ifdef TRUNCATE
- if (trunc > 0)
- {
- sprintf(buf,"%s%04x - <SPACES/NULS>\n",str,len+trunc);
- ret+=BIO_write(bio,(char *)buf,strlen(buf));
- }
-#endif
- return(ret);
- }
diff --git a/src/lib/libcrypto/bio/b_print.c b/src/lib/libcrypto/bio/b_print.c
deleted file mode 100644
index 91a049406e..0000000000
--- a/src/lib/libcrypto/bio/b_print.c
+++ /dev/null
@@ -1,819 +0,0 @@
-/* crypto/bio/b_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Stolen from tjh's ssl/ssl_trc.c stuff.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-#include <assert.h>
-#include <limits.h>
-#include "cryptlib.h"
-#ifndef NO_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#include <openssl/bn.h> /* To get BN_LLONG properly defined */
-#include <openssl/bio.h>
-
-#ifdef BN_LLONG
-# ifndef HAVE_LONG_LONG
-# define HAVE_LONG_LONG 1
-# endif
-#endif
-
-/***************************************************************************/
-
-/*
- * Copyright Patrick Powell 1995
- * This code is based on code written by Patrick Powell <papowell@astart.com>
- * It may be used for any purpose as long as this notice remains intact
- * on all source code distributions.
- */
-
-/*
- * This code contains numerious changes and enhancements which were
- * made by lots of contributors over the last years to Patrick Powell's
- * original code:
- *
- * o Patrick Powell <papowell@astart.com> (1995)
- * o Brandon Long <blong@fiction.net> (1996, for Mutt)
- * o Thomas Roessler <roessler@guug.de> (1998, for Mutt)
- * o Michael Elkins <me@cs.hmc.edu> (1998, for Mutt)
- * o Andrew Tridgell <tridge@samba.org> (1998, for Samba)
- * o Luke Mewburn <lukem@netbsd.org> (1999, for LukemFTP)
- * o Ralf S. Engelschall <rse@engelschall.com> (1999, for Pth)
- * o ... (for OpenSSL)
- */
-
-#if HAVE_LONG_DOUBLE
-#define LDOUBLE long double
-#else
-#define LDOUBLE double
-#endif
-
-#if HAVE_LONG_LONG
-# if defined(WIN32) && !defined(__GNUC__)
-# define LLONG _int64
-# else
-# define LLONG long long
-# endif
-#else
-#define LLONG long
-#endif
-
-static void fmtstr (char **, char **, size_t *, size_t *,
- const char *, int, int, int);
-static void fmtint (char **, char **, size_t *, size_t *,
- LLONG, int, int, int, int);
-static void fmtfp (char **, char **, size_t *, size_t *,
- LDOUBLE, int, int, int);
-static void doapr_outch (char **, char **, size_t *, size_t *, int);
-static void _dopr(char **sbuffer, char **buffer,
- size_t *maxlen, size_t *retlen, int *truncated,
- const char *format, va_list args);
-
-/* format read states */
-#define DP_S_DEFAULT 0
-#define DP_S_FLAGS 1
-#define DP_S_MIN 2
-#define DP_S_DOT 3
-#define DP_S_MAX 4
-#define DP_S_MOD 5
-#define DP_S_CONV 6
-#define DP_S_DONE 7
-
-/* format flags - Bits */
-#define DP_F_MINUS (1 << 0)
-#define DP_F_PLUS (1 << 1)
-#define DP_F_SPACE (1 << 2)
-#define DP_F_NUM (1 << 3)
-#define DP_F_ZERO (1 << 4)
-#define DP_F_UP (1 << 5)
-#define DP_F_UNSIGNED (1 << 6)
-
-/* conversion flags */
-#define DP_C_SHORT 1
-#define DP_C_LONG 2
-#define DP_C_LDOUBLE 3
-#define DP_C_LLONG 4
-
-/* some handy macros */
-#define char_to_int(p) (p - '0')
-#define OSSL_MAX(p,q) ((p >= q) ? p : q)
-
-static void
-_dopr(
- char **sbuffer,
- char **buffer,
- size_t *maxlen,
- size_t *retlen,
- int *truncated,
- const char *format,
- va_list args)
-{
- char ch;
- LLONG value;
- LDOUBLE fvalue;
- char *strvalue;
- int min;
- int max;
- int state;
- int flags;
- int cflags;
- size_t currlen;
-
- state = DP_S_DEFAULT;
- flags = currlen = cflags = min = 0;
- max = -1;
- ch = *format++;
-
- while (state != DP_S_DONE) {
- if (ch == '\0' || (buffer == NULL && currlen >= *maxlen))
- state = DP_S_DONE;
-
- switch (state) {
- case DP_S_DEFAULT:
- if (ch == '%')
- state = DP_S_FLAGS;
- else
- doapr_outch(sbuffer,buffer, &currlen, maxlen, ch);
- ch = *format++;
- break;
- case DP_S_FLAGS:
- switch (ch) {
- case '-':
- flags |= DP_F_MINUS;
- ch = *format++;
- break;
- case '+':
- flags |= DP_F_PLUS;
- ch = *format++;
- break;
- case ' ':
- flags |= DP_F_SPACE;
- ch = *format++;
- break;
- case '#':
- flags |= DP_F_NUM;
- ch = *format++;
- break;
- case '0':
- flags |= DP_F_ZERO;
- ch = *format++;
- break;
- default:
- state = DP_S_MIN;
- break;
- }
- break;
- case DP_S_MIN:
- if (isdigit((unsigned char)ch)) {
- min = 10 * min + char_to_int(ch);
- ch = *format++;
- } else if (ch == '*') {
- min = va_arg(args, int);
- ch = *format++;
- state = DP_S_DOT;
- } else
- state = DP_S_DOT;
- break;
- case DP_S_DOT:
- if (ch == '.') {
- state = DP_S_MAX;
- ch = *format++;
- } else
- state = DP_S_MOD;
- break;
- case DP_S_MAX:
- if (isdigit((unsigned char)ch)) {
- if (max < 0)
- max = 0;
- max = 10 * max + char_to_int(ch);
- ch = *format++;
- } else if (ch == '*') {
- max = va_arg(args, int);
- ch = *format++;
- state = DP_S_MOD;
- } else
- state = DP_S_MOD;
- break;
- case DP_S_MOD:
- switch (ch) {
- case 'h':
- cflags = DP_C_SHORT;
- ch = *format++;
- break;
- case 'l':
- if (*format == 'l') {
- cflags = DP_C_LLONG;
- format++;
- } else
- cflags = DP_C_LONG;
- ch = *format++;
- break;
- case 'q':
- cflags = DP_C_LLONG;
- ch = *format++;
- break;
- case 'L':
- cflags = DP_C_LDOUBLE;
- ch = *format++;
- break;
- default:
- break;
- }
- state = DP_S_CONV;
- break;
- case DP_S_CONV:
- switch (ch) {
- case 'd':
- case 'i':
- switch (cflags) {
- case DP_C_SHORT:
- value = (short int)va_arg(args, int);
- break;
- case DP_C_LONG:
- value = va_arg(args, long int);
- break;
- case DP_C_LLONG:
- value = va_arg(args, LLONG);
- break;
- default:
- value = va_arg(args, int);
- break;
- }
- fmtint(sbuffer, buffer, &currlen, maxlen,
- value, 10, min, max, flags);
- break;
- case 'X':
- flags |= DP_F_UP;
- /* FALLTHROUGH */
- case 'x':
- case 'o':
- case 'u':
- flags |= DP_F_UNSIGNED;
- switch (cflags) {
- case DP_C_SHORT:
- value = (unsigned short int)va_arg(args, unsigned int);
- break;
- case DP_C_LONG:
- value = (LLONG) va_arg(args,
- unsigned long int);
- break;
- case DP_C_LLONG:
- value = va_arg(args, unsigned LLONG);
- break;
- default:
- value = (LLONG) va_arg(args,
- unsigned int);
- break;
- }
- fmtint(sbuffer, buffer, &currlen, maxlen, value,
- ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
- min, max, flags);
- break;
- case 'f':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg(args, LDOUBLE);
- else
- fvalue = va_arg(args, double);
- fmtfp(sbuffer, buffer, &currlen, maxlen,
- fvalue, min, max, flags);
- break;
- case 'E':
- flags |= DP_F_UP;
- case 'e':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg(args, LDOUBLE);
- else
- fvalue = va_arg(args, double);
- break;
- case 'G':
- flags |= DP_F_UP;
- case 'g':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg(args, LDOUBLE);
- else
- fvalue = va_arg(args, double);
- break;
- case 'c':
- doapr_outch(sbuffer, buffer, &currlen, maxlen,
- va_arg(args, int));
- break;
- case 's':
- strvalue = va_arg(args, char *);
- if (max < 0) {
- if (buffer)
- max = INT_MAX;
- else
- max = *maxlen;
- }
- fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
- flags, min, max);
- break;
- case 'p':
- value = (long)va_arg(args, void *);
- fmtint(sbuffer, buffer, &currlen, maxlen,
- value, 16, min, max, flags);
- break;
- case 'n': /* XXX */
- if (cflags == DP_C_SHORT) {
- short int *num;
- num = va_arg(args, short int *);
- *num = currlen;
- } else if (cflags == DP_C_LONG) { /* XXX */
- long int *num;
- num = va_arg(args, long int *);
- *num = (long int) currlen;
- } else if (cflags == DP_C_LLONG) { /* XXX */
- LLONG *num;
- num = va_arg(args, LLONG *);
- *num = (LLONG) currlen;
- } else {
- int *num;
- num = va_arg(args, int *);
- *num = currlen;
- }
- break;
- case '%':
- doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
- break;
- case 'w':
- /* not supported yet, treat as next char */
- ch = *format++;
- break;
- default:
- /* unknown, skip */
- break;
- }
- ch = *format++;
- state = DP_S_DEFAULT;
- flags = cflags = min = 0;
- max = -1;
- break;
- case DP_S_DONE:
- break;
- default:
- break;
- }
- }
- *truncated = (currlen > *maxlen - 1);
- if (*truncated)
- currlen = *maxlen - 1;
- doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0');
- *retlen = currlen - 1;
- return;
-}
-
-static void
-fmtstr(
- char **sbuffer,
- char **buffer,
- size_t *currlen,
- size_t *maxlen,
- const char *value,
- int flags,
- int min,
- int max)
-{
- int padlen, strln;
- int cnt = 0;
-
- if (value == 0)
- value = "<NULL>";
- for (strln = 0; value[strln]; ++strln)
- ;
- padlen = min - strln;
- if (padlen < 0)
- padlen = 0;
- if (flags & DP_F_MINUS)
- padlen = -padlen;
-
- while ((padlen > 0) && (cnt < max)) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- --padlen;
- ++cnt;
- }
- while (*value && (cnt < max)) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, *value++);
- ++cnt;
- }
- while ((padlen < 0) && (cnt < max)) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- ++padlen;
- ++cnt;
- }
-}
-
-static void
-fmtint(
- char **sbuffer,
- char **buffer,
- size_t *currlen,
- size_t *maxlen,
- LLONG value,
- int base,
- int min,
- int max,
- int flags)
-{
- int signvalue = 0;
- unsigned LLONG uvalue;
- char convert[20];
- int place = 0;
- int spadlen = 0;
- int zpadlen = 0;
- int caps = 0;
-
- if (max < 0)
- max = 0;
- uvalue = value;
- if (!(flags & DP_F_UNSIGNED)) {
- if (value < 0) {
- signvalue = '-';
- uvalue = -value;
- } else if (flags & DP_F_PLUS)
- signvalue = '+';
- else if (flags & DP_F_SPACE)
- signvalue = ' ';
- }
- if (flags & DP_F_UP)
- caps = 1;
- do {
- convert[place++] =
- (caps ? "0123456789ABCDEF" : "0123456789abcdef")
- [uvalue % (unsigned) base];
- uvalue = (uvalue / (unsigned) base);
- } while (uvalue && (place < 20));
- if (place == 20)
- place--;
- convert[place] = 0;
-
- zpadlen = max - place;
- spadlen = min - OSSL_MAX(max, place) - (signvalue ? 1 : 0);
- if (zpadlen < 0)
- zpadlen = 0;
- if (spadlen < 0)
- spadlen = 0;
- if (flags & DP_F_ZERO) {
- zpadlen = OSSL_MAX(zpadlen, spadlen);
- spadlen = 0;
- }
- if (flags & DP_F_MINUS)
- spadlen = -spadlen;
-
- /* spaces */
- while (spadlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- --spadlen;
- }
-
- /* sign */
- if (signvalue)
- doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-
- /* zeros */
- if (zpadlen > 0) {
- while (zpadlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
- --zpadlen;
- }
- }
- /* digits */
- while (place > 0)
- doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]);
-
- /* left justified spaces */
- while (spadlen < 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- ++spadlen;
- }
- return;
-}
-
-static LDOUBLE
-abs_val(LDOUBLE value)
-{
- LDOUBLE result = value;
- if (value < 0)
- result = -value;
- return result;
-}
-
-static LDOUBLE
-pow10(int exp)
-{
- LDOUBLE result = 1;
- while (exp) {
- result *= 10;
- exp--;
- }
- return result;
-}
-
-static long
-round(LDOUBLE value)
-{
- long intpart;
- intpart = (long) value;
- value = value - intpart;
- if (value >= 0.5)
- intpart++;
- return intpart;
-}
-
-static void
-fmtfp(
- char **sbuffer,
- char **buffer,
- size_t *currlen,
- size_t *maxlen,
- LDOUBLE fvalue,
- int min,
- int max,
- int flags)
-{
- int signvalue = 0;
- LDOUBLE ufvalue;
- char iconvert[20];
- char fconvert[20];
- int iplace = 0;
- int fplace = 0;
- int padlen = 0;
- int zpadlen = 0;
- int caps = 0;
- long intpart;
- long fracpart;
-
- if (max < 0)
- max = 6;
- ufvalue = abs_val(fvalue);
- if (fvalue < 0)
- signvalue = '-';
- else if (flags & DP_F_PLUS)
- signvalue = '+';
- else if (flags & DP_F_SPACE)
- signvalue = ' ';
-
- intpart = (long)ufvalue;
-
- /* sorry, we only support 9 digits past the decimal because of our
- conversion method */
- if (max > 9)
- max = 9;
-
- /* we "cheat" by converting the fractional part to integer by
- multiplying by a factor of 10 */
- fracpart = round((pow10(max)) * (ufvalue - intpart));
-
- if (fracpart >= pow10(max)) {
- intpart++;
- fracpart -= (long)pow10(max);
- }
-
- /* convert integer part */
- do {
- iconvert[iplace++] =
- (caps ? "0123456789ABCDEF"
- : "0123456789abcdef")[intpart % 10];
- intpart = (intpart / 10);
- } while (intpart && (iplace < 20));
- if (iplace == 20)
- iplace--;
- iconvert[iplace] = 0;
-
- /* convert fractional part */
- do {
- fconvert[fplace++] =
- (caps ? "0123456789ABCDEF"
- : "0123456789abcdef")[fracpart % 10];
- fracpart = (fracpart / 10);
- } while (fplace < max);
- if (fplace == 20)
- fplace--;
- fconvert[fplace] = 0;
-
- /* -1 for decimal point, another -1 if we are printing a sign */
- padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
- zpadlen = max - fplace;
- if (zpadlen < 0)
- zpadlen = 0;
- if (padlen < 0)
- padlen = 0;
- if (flags & DP_F_MINUS)
- padlen = -padlen;
-
- if ((flags & DP_F_ZERO) && (padlen > 0)) {
- if (signvalue) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
- --padlen;
- signvalue = 0;
- }
- while (padlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
- --padlen;
- }
- }
- while (padlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- --padlen;
- }
- if (signvalue)
- doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-
- while (iplace > 0)
- doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]);
-
- /*
- * Decimal point. This should probably use locale to find the correct
- * char to print out.
- */
- if (max > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '.');
-
- while (fplace > 0)
- doapr_outch(sbuffer, buffer, currlen, maxlen, fconvert[--fplace]);
- }
- while (zpadlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
- --zpadlen;
- }
-
- while (padlen < 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- ++padlen;
- }
-}
-
-static void
-doapr_outch(
- char **sbuffer,
- char **buffer,
- size_t *currlen,
- size_t *maxlen,
- int c)
-{
- /* If we haven't at least one buffer, someone has doe a big booboo */
- assert(*sbuffer != NULL || buffer != NULL);
-
- if (buffer) {
- while (*currlen >= *maxlen) {
- if (*buffer == NULL) {
- assert(*sbuffer != NULL);
- if (*maxlen == 0)
- *maxlen = 1024;
- *buffer = OPENSSL_malloc(*maxlen);
- if (*currlen > 0)
- memcpy(*buffer, *sbuffer, *currlen);
- *sbuffer = NULL;
- } else {
- *maxlen += 1024;
- *buffer = OPENSSL_realloc(*buffer, *maxlen);
- }
- }
- /* What to do if *buffer is NULL? */
- assert(*sbuffer != NULL || *buffer != NULL);
- }
-
- if (*currlen < *maxlen) {
- if (*sbuffer)
- (*sbuffer)[(*currlen)++] = (char)c;
- else
- (*buffer)[(*currlen)++] = (char)c;
- }
-
- return;
-}
-
-/***************************************************************************/
-
-int BIO_printf (BIO *bio, const char *format, ...)
- {
- va_list args;
- int ret;
-
- va_start(args, format);
-
- ret = BIO_vprintf(bio, format, args);
-
- va_end(args);
- return(ret);
- }
-
-int BIO_vprintf (BIO *bio, const char *format, va_list args)
- {
- int ret;
- size_t retlen;
- MS_STATIC char hugebuf[1024*10];
- char *hugebufp = hugebuf;
- size_t hugebufsize = sizeof(hugebuf);
- char *dynbuf = NULL;
- int ignored;
-
- dynbuf = NULL;
- CRYPTO_push_info("doapr()");
- _dopr(&hugebufp, &dynbuf, &hugebufsize,
- &retlen, &ignored, format, args);
- if (dynbuf)
- {
- ret=BIO_write(bio, dynbuf, (int)retlen);
- OPENSSL_free(dynbuf);
- }
- else
- {
- ret=BIO_write(bio, hugebuf, (int)retlen);
- }
- CRYPTO_pop_info();
- return(ret);
- }
-
-/* As snprintf is not available everywhere, we provide our own implementation.
- * This function has nothing to do with BIOs, but it's closely related
- * to BIO_printf, and we need *some* name prefix ...
- * (XXX the function should be renamed, but to what?) */
-int BIO_snprintf(char *buf, size_t n, const char *format, ...)
- {
- va_list args;
- int ret;
-
- va_start(args, format);
-
- ret = BIO_vsnprintf(buf, n, format, args);
-
- va_end(args);
- return(ret);
- }
-
-int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
- {
- size_t retlen;
- int truncated;
-
- _dopr(&buf, NULL, &n, &retlen, &truncated, format, args);
-
- if (truncated)
- /* In case of truncation, return -1 like traditional snprintf.
- * (Current drafts for ISO/IEC 9899 say snprintf should return
- * the number of characters that would have been written,
- * had the buffer been large enough.) */
- return -1;
- else
- return (retlen <= INT_MAX) ? retlen : -1;
- }
diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c
deleted file mode 100644
index 62cc3f1a0c..0000000000
--- a/src/lib/libcrypto/bio/b_sock.c
+++ /dev/null
@@ -1,722 +0,0 @@
-/* crypto/bio/b_sock.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_SOCK
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#ifdef WIN16
-#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
-#else
-#define SOCKET_PROTOCOL IPPROTO_TCP
-#endif
-
-#ifdef SO_MAXCONN
-#define MAX_LISTEN SOMAXCONN
-#elif defined(SO_MAXCONN)
-#define MAX_LISTEN SO_MAXCONN
-#else
-#define MAX_LISTEN 32
-#endif
-
-#ifdef WINDOWS
-static int wsa_init_done=0;
-#endif
-
-static unsigned long BIO_ghbn_hits=0L;
-static unsigned long BIO_ghbn_miss=0L;
-
-#define GHBN_NUM 4
-static struct ghbn_cache_st
- {
- char name[129];
- struct hostent *ent;
- unsigned long order;
- } ghbn_cache[GHBN_NUM];
-
-static int get_ip(const char *str,unsigned char *ip);
-static void ghbn_free(struct hostent *a);
-static struct hostent *ghbn_dup(struct hostent *a);
-int BIO_get_host_ip(const char *str, unsigned char *ip)
- {
- int i;
- int err = 1;
- int locked = 0;
- struct hostent *he;
-
- i=get_ip(str,ip);
- if (i < 0)
- {
- BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_INVALID_IP_ADDRESS);
- goto err;
- }
-
- /* At this point, we have something that is most probably correct
- in some way, so let's init the socket. */
- if (BIO_sock_init() != 1)
- return 0; /* don't generate another error code here */
-
- /* If the string actually contained an IP address, we need not do
- anything more */
- if (i > 0) return(1);
-
- /* do a gethostbyname */
- CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
- locked = 1;
- he=BIO_gethostbyname(str);
- if (he == NULL)
- {
- BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_BAD_HOSTNAME_LOOKUP);
- goto err;
- }
-
- /* cast to short because of win16 winsock definition */
- if ((short)he->h_addrtype != AF_INET)
- {
- BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
- goto err;
- }
- for (i=0; i<4; i++)
- ip[i]=he->h_addr_list[0][i];
- err = 0;
-
- err:
- if (locked)
- CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
- if (err)
- {
- ERR_add_error_data(2,"host=",str);
- return 0;
- }
- else
- return 1;
- }
-
-int BIO_get_port(const char *str, unsigned short *port_ptr)
- {
- int i;
- struct servent *s;
-
- if (str == NULL)
- {
- BIOerr(BIO_F_BIO_GET_PORT,BIO_R_NO_PORT_DEFINED);
- return(0);
- }
- i=atoi(str);
- if (i != 0)
- *port_ptr=(unsigned short)i;
- else
- {
- CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME);
- /* Note: under VMS with SOCKETSHR, it seems like the first
- * parameter is 'char *', instead of 'const char *'
- */
- s=getservbyname(
-#ifndef CONST_STRICT
- (char *)
-#endif
- str,"tcp");
- if(s != NULL)
- *port_ptr=ntohs((unsigned short)s->s_port);
- CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME);
- if(s == NULL)
- {
- if (strcmp(str,"http") == 0)
- *port_ptr=80;
- else if (strcmp(str,"telnet") == 0)
- *port_ptr=23;
- else if (strcmp(str,"socks") == 0)
- *port_ptr=1080;
- else if (strcmp(str,"https") == 0)
- *port_ptr=443;
- else if (strcmp(str,"ssl") == 0)
- *port_ptr=443;
- else if (strcmp(str,"ftp") == 0)
- *port_ptr=21;
- else if (strcmp(str,"gopher") == 0)
- *port_ptr=70;
-#if 0
- else if (strcmp(str,"wais") == 0)
- *port_ptr=21;
-#endif
- else
- {
- SYSerr(SYS_F_GETSERVBYNAME,get_last_socket_error());
- ERR_add_error_data(3,"service='",str,"'");
- return(0);
- }
- }
- }
- return(1);
- }
-
-int BIO_sock_error(int sock)
- {
- int j,i;
- int size;
-
- size=sizeof(int);
- /* Note: under Windows the third parameter is of type (char *)
- * whereas under other systems it is (void *) if you don't have
- * a cast it will choke the compiler: if you do have a cast then
- * you can either go for (char *) or (void *).
- */
- i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(void *)&j,(void *)&size);
- if (i < 0)
- return(1);
- else
- return(j);
- }
-
-long BIO_ghbn_ctrl(int cmd, int iarg, char *parg)
- {
- int i;
- char **p;
-
- switch (cmd)
- {
- case BIO_GHBN_CTRL_HITS:
- return(BIO_ghbn_hits);
- /* break; */
- case BIO_GHBN_CTRL_MISSES:
- return(BIO_ghbn_miss);
- /* break; */
- case BIO_GHBN_CTRL_CACHE_SIZE:
- return(GHBN_NUM);
- /* break; */
- case BIO_GHBN_CTRL_GET_ENTRY:
- if ((iarg >= 0) && (iarg <GHBN_NUM) &&
- (ghbn_cache[iarg].order > 0))
- {
- p=(char **)parg;
- if (p == NULL) return(0);
- *p=ghbn_cache[iarg].name;
- ghbn_cache[iarg].name[128]='\0';
- return(1);
- }
- return(0);
- /* break; */
- case BIO_GHBN_CTRL_FLUSH:
- for (i=0; i<GHBN_NUM; i++)
- ghbn_cache[i].order=0;
- break;
- default:
- return(0);
- }
- return(1);
- }
-
-static struct hostent *ghbn_dup(struct hostent *a)
- {
- struct hostent *ret;
- int i,j;
-
- MemCheck_off();
- ret=(struct hostent *)OPENSSL_malloc(sizeof(struct hostent));
- if (ret == NULL) return(NULL);
- memset(ret,0,sizeof(struct hostent));
-
- for (i=0; a->h_aliases[i] != NULL; i++)
- ;
- i++;
- ret->h_aliases = (char **)OPENSSL_malloc(i*sizeof(char *));
- if (ret->h_aliases == NULL)
- goto err;
- memset(ret->h_aliases, 0, i*sizeof(char *));
-
- for (i=0; a->h_addr_list[i] != NULL; i++)
- ;
- i++;
- ret->h_addr_list=(char **)OPENSSL_malloc(i*sizeof(char *));
- if (ret->h_addr_list == NULL)
- goto err;
- memset(ret->h_addr_list, 0, i*sizeof(char *));
-
- j=strlen(a->h_name)+1;
- if ((ret->h_name=OPENSSL_malloc(j)) == NULL) goto err;
- memcpy((char *)ret->h_name,a->h_name,j);
- for (i=0; a->h_aliases[i] != NULL; i++)
- {
- j=strlen(a->h_aliases[i])+1;
- if ((ret->h_aliases[i]=OPENSSL_malloc(j)) == NULL) goto err;
- memcpy(ret->h_aliases[i],a->h_aliases[i],j);
- }
- ret->h_length=a->h_length;
- ret->h_addrtype=a->h_addrtype;
- for (i=0; a->h_addr_list[i] != NULL; i++)
- {
- if ((ret->h_addr_list[i]=OPENSSL_malloc(a->h_length)) == NULL)
- goto err;
- memcpy(ret->h_addr_list[i],a->h_addr_list[i],a->h_length);
- }
- if (0)
- {
-err:
- if (ret != NULL)
- ghbn_free(ret);
- ret=NULL;
- }
- MemCheck_on();
- return(ret);
- }
-
-static void ghbn_free(struct hostent *a)
- {
- int i;
-
- if(a == NULL)
- return;
-
- if (a->h_aliases != NULL)
- {
- for (i=0; a->h_aliases[i] != NULL; i++)
- OPENSSL_free(a->h_aliases[i]);
- OPENSSL_free(a->h_aliases);
- }
- if (a->h_addr_list != NULL)
- {
- for (i=0; a->h_addr_list[i] != NULL; i++)
- OPENSSL_free(a->h_addr_list[i]);
- OPENSSL_free(a->h_addr_list);
- }
- if (a->h_name != NULL) OPENSSL_free(a->h_name);
- OPENSSL_free(a);
- }
-
-struct hostent *BIO_gethostbyname(const char *name)
- {
- struct hostent *ret;
- int i,lowi=0,j;
- unsigned long low= (unsigned long)-1;
-
-/* return(gethostbyname(name)); */
-
-#if 0 /* It doesn't make sense to use locking here: The function interface
- * is not thread-safe, because threads can never be sure when
- * some other thread destroys the data they were given a pointer to.
- */
- CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
-#endif
- j=strlen(name);
- if (j < 128)
- {
- for (i=0; i<GHBN_NUM; i++)
- {
- if (low > ghbn_cache[i].order)
- {
- low=ghbn_cache[i].order;
- lowi=i;
- }
- if (ghbn_cache[i].order > 0)
- {
- if (strncmp(name,ghbn_cache[i].name,128) == 0)
- break;
- }
- }
- }
- else
- i=GHBN_NUM;
-
- if (i == GHBN_NUM) /* no hit*/
- {
- BIO_ghbn_miss++;
- /* Note: under VMS with SOCKETSHR, it seems like the first
- * parameter is 'char *', instead of 'const char *'
- */
- ret=gethostbyname(
-#ifndef CONST_STRICT
- (char *)
-#endif
- name);
-
- if (ret == NULL)
- goto end;
- if (j > 128) /* too big to cache */
- {
-#if 0 /* If we were trying to make this function thread-safe (which
- * is bound to fail), we'd have to give up in this case
- * (or allocate more memory). */
- ret = NULL;
-#endif
- goto end;
- }
-
- /* else add to cache */
- if (ghbn_cache[lowi].ent != NULL)
- ghbn_free(ghbn_cache[lowi].ent); /* XXX not thread-safe */
- ghbn_cache[lowi].name[0] = '\0';
-
- if((ret=ghbn_cache[lowi].ent=ghbn_dup(ret)) == NULL)
- {
- BIOerr(BIO_F_BIO_GETHOSTBYNAME,ERR_R_MALLOC_FAILURE);
- goto end;
- }
- strncpy(ghbn_cache[lowi].name,name,128);
- ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits;
- }
- else
- {
- BIO_ghbn_hits++;
- ret= ghbn_cache[i].ent;
- ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits;
- }
-end:
-#if 0
- CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
-#endif
- return(ret);
- }
-
-int BIO_sock_init(void)
- {
-#ifdef WINDOWS
- static struct WSAData wsa_state;
-
- if (!wsa_init_done)
- {
- int err;
-
-#ifdef SIGINT
- signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
-#endif
- wsa_init_done=1;
- memset(&wsa_state,0,sizeof(wsa_state));
- if (WSAStartup(0x0101,&wsa_state)!=0)
- {
- err=WSAGetLastError();
- SYSerr(SYS_F_WSASTARTUP,err);
- BIOerr(BIO_F_BIO_SOCK_INIT,BIO_R_WSASTARTUP);
- return(-1);
- }
- }
-#endif /* WINDOWS */
- return(1);
- }
-
-void BIO_sock_cleanup(void)
- {
-#ifdef WINDOWS
- if (wsa_init_done)
- {
- wsa_init_done=0;
- WSACancelBlockingCall();
- WSACleanup();
- }
-#endif
- }
-
-#if !defined(VMS) || __VMS_VER >= 70000000
-
-int BIO_socket_ioctl(int fd, long type, unsigned long *arg)
- {
- int i;
-
- i=ioctlsocket(fd,type,arg);
- if (i < 0)
- SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error());
- return(i);
- }
-#endif /* __VMS_VER */
-
-/* The reason I have implemented this instead of using sscanf is because
- * Visual C 1.52c gives an unresolved external when linking a DLL :-( */
-static int get_ip(const char *str, unsigned char ip[4])
- {
- unsigned int tmp[4];
- int num=0,c,ok=0;
-
- tmp[0]=tmp[1]=tmp[2]=tmp[3]=0;
-
- for (;;)
- {
- c= *(str++);
- if ((c >= '0') && (c <= '9'))
- {
- ok=1;
- tmp[num]=tmp[num]*10+c-'0';
- if (tmp[num] > 255) return(-1);
- }
- else if (c == '.')
- {
- if (!ok) return(-1);
- if (num == 3) break;
- num++;
- ok=0;
- }
- else if ((num == 3) && ok)
- break;
- else
- return(0);
- }
- ip[0]=tmp[0];
- ip[1]=tmp[1];
- ip[2]=tmp[2];
- ip[3]=tmp[3];
- return(1);
- }
-
-int BIO_get_accept_socket(char *host, int bind_mode)
- {
- int ret=0;
- struct sockaddr_in server,client;
- int s=INVALID_SOCKET,cs;
- unsigned char ip[4];
- unsigned short port;
- char *str=NULL,*e;
- const char *h,*p;
- unsigned long l;
- int err_num;
-
- if (BIO_sock_init() != 1) return(INVALID_SOCKET);
-
- if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET);
-
- h=p=NULL;
- h=str;
- for (e=str; *e; e++)
- {
- if (*e == ':')
- {
- p= &(e[1]);
- *e='\0';
- }
- else if (*e == '/')
- {
- *e='\0';
- break;
- }
- }
-
- if (p == NULL)
- {
- p=h;
- h="*";
- }
-
- if (!BIO_get_port(p,&port)) goto err;
-
- memset((char *)&server,0,sizeof(server));
- server.sin_family=AF_INET;
- server.sin_port=htons(port);
-
- if (strcmp(h,"*") == 0)
- server.sin_addr.s_addr=INADDR_ANY;
- else
- {
- if (!BIO_get_host_ip(h,&(ip[0]))) goto err;
- l=(unsigned long)
- ((unsigned long)ip[0]<<24L)|
- ((unsigned long)ip[1]<<16L)|
- ((unsigned long)ip[2]<< 8L)|
- ((unsigned long)ip[3]);
- server.sin_addr.s_addr=htonl(l);
- }
-
-again:
- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
- if (s == INVALID_SOCKET)
- {
- SYSerr(SYS_F_SOCKET,get_last_socket_error());
- ERR_add_error_data(3,"port='",host,"'");
- BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_CREATE_SOCKET);
- goto err;
- }
-
-#ifdef SO_REUSEADDR
- if (bind_mode == BIO_BIND_REUSEADDR)
- {
- int i=1;
-
- ret=setsockopt(s,SOL_SOCKET,SO_REUSEADDR,(char *)&i,sizeof(i));
- bind_mode=BIO_BIND_NORMAL;
- }
-#endif
- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
- {
-#ifdef SO_REUSEADDR
- err_num=get_last_socket_error();
- if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) &&
- (err_num == EADDRINUSE))
- {
- memcpy((char *)&client,(char *)&server,sizeof(server));
- if (strcmp(h,"*") == 0)
- client.sin_addr.s_addr=htonl(0x7F000001);
- cs=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
- if (cs != INVALID_SOCKET)
- {
- int ii;
- ii=connect(cs,(struct sockaddr *)&client,
- sizeof(client));
- closesocket(cs);
- if (ii == INVALID_SOCKET)
- {
- bind_mode=BIO_BIND_REUSEADDR;
- closesocket(s);
- goto again;
- }
- /* else error */
- }
- /* else error */
- }
-#endif
- SYSerr(SYS_F_BIND,err_num);
- ERR_add_error_data(3,"port='",host,"'");
- BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET);
- goto err;
- }
- if (listen(s,MAX_LISTEN) == -1)
- {
- SYSerr(SYS_F_BIND,get_last_socket_error());
- ERR_add_error_data(3,"port='",host,"'");
- BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_LISTEN_SOCKET);
- goto err;
- }
- ret=1;
-err:
- if (str != NULL) OPENSSL_free(str);
- if ((ret == 0) && (s != INVALID_SOCKET))
- {
- closesocket(s);
- s= INVALID_SOCKET;
- }
- return(s);
- }
-
-int BIO_accept(int sock, char **addr)
- {
- int ret=INVALID_SOCKET;
- static struct sockaddr_in from;
- unsigned long l;
- unsigned short port;
- int len;
- char *p;
-
- memset((char *)&from,0,sizeof(from));
- len=sizeof(from);
- /* Note: under VMS with SOCKETSHR the fourth parameter is currently
- * of type (int *) whereas under other systems it is (void *) if
- * you don't have a cast it will choke the compiler: if you do
- * have a cast then you can either go for (int *) or (void *).
- */
- ret=accept(sock,(struct sockaddr *)&from,(void *)&len);
- if (ret == INVALID_SOCKET)
- {
- SYSerr(SYS_F_ACCEPT,get_last_socket_error());
- BIOerr(BIO_F_BIO_ACCEPT,BIO_R_ACCEPT_ERROR);
- goto end;
- }
-
- if (addr == NULL) goto end;
-
- l=ntohl(from.sin_addr.s_addr);
- port=ntohs(from.sin_port);
- if (*addr == NULL)
- {
- if ((p=OPENSSL_malloc(24)) == NULL)
- {
- BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE);
- goto end;
- }
- *addr=p;
- }
- sprintf(*addr,"%d.%d.%d.%d:%d",
- (unsigned char)(l>>24L)&0xff,
- (unsigned char)(l>>16L)&0xff,
- (unsigned char)(l>> 8L)&0xff,
- (unsigned char)(l )&0xff,
- port);
-end:
- return(ret);
- }
-
-int BIO_set_tcp_ndelay(int s, int on)
- {
- int ret=0;
-#if defined(TCP_NODELAY) && (defined(IPPROTO_TCP) || defined(SOL_TCP))
- int opt;
-
-#ifdef SOL_TCP
- opt=SOL_TCP;
-#else
-#ifdef IPPROTO_TCP
- opt=IPPROTO_TCP;
-#endif
-#endif
-
- ret=setsockopt(s,opt,TCP_NODELAY,(char *)&on,sizeof(on));
-#endif
- return(ret == 0);
- }
-#endif
-
-int BIO_socket_nbio(int s, int mode)
- {
- int ret= -1;
- unsigned long l;
-
- l=mode;
-#ifdef FIONBIO
- ret=BIO_socket_ioctl(s,FIONBIO,&l);
-#endif
- return(ret == 0);
- }
diff --git a/src/lib/libcrypto/bio/bf_buff.c b/src/lib/libcrypto/bio/bf_buff.c
deleted file mode 100644
index c90238bae1..0000000000
--- a/src/lib/libcrypto/bio/bf_buff.c
+++ /dev/null
@@ -1,511 +0,0 @@
-/* crypto/bio/bf_buff.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-
-static int buffer_write(BIO *h, const char *buf,int num);
-static int buffer_read(BIO *h, char *buf, int size);
-static int buffer_puts(BIO *h, const char *str);
-static int buffer_gets(BIO *h, char *str, int size);
-static long buffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int buffer_new(BIO *h);
-static int buffer_free(BIO *data);
-static long buffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-#define DEFAULT_BUFFER_SIZE 4096
-
-static BIO_METHOD methods_buffer=
- {
- BIO_TYPE_BUFFER,
- "buffer",
- buffer_write,
- buffer_read,
- buffer_puts,
- buffer_gets,
- buffer_ctrl,
- buffer_new,
- buffer_free,
- buffer_callback_ctrl,
- };
-
-BIO_METHOD *BIO_f_buffer(void)
- {
- return(&methods_buffer);
- }
-
-static int buffer_new(BIO *bi)
- {
- BIO_F_BUFFER_CTX *ctx;
-
- ctx=(BIO_F_BUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_F_BUFFER_CTX));
- if (ctx == NULL) return(0);
- ctx->ibuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
- if (ctx->ibuf == NULL) { OPENSSL_free(ctx); return(0); }
- ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
- if (ctx->obuf == NULL) { OPENSSL_free(ctx->ibuf); OPENSSL_free(ctx); return(0); }
- ctx->ibuf_size=DEFAULT_BUFFER_SIZE;
- ctx->obuf_size=DEFAULT_BUFFER_SIZE;
- ctx->ibuf_len=0;
- ctx->ibuf_off=0;
- ctx->obuf_len=0;
- ctx->obuf_off=0;
-
- bi->init=1;
- bi->ptr=(char *)ctx;
- bi->flags=0;
- return(1);
- }
-
-static int buffer_free(BIO *a)
- {
- BIO_F_BUFFER_CTX *b;
-
- if (a == NULL) return(0);
- b=(BIO_F_BUFFER_CTX *)a->ptr;
- if (b->ibuf != NULL) OPENSSL_free(b->ibuf);
- if (b->obuf != NULL) OPENSSL_free(b->obuf);
- OPENSSL_free(a->ptr);
- a->ptr=NULL;
- a->init=0;
- a->flags=0;
- return(1);
- }
-
-static int buffer_read(BIO *b, char *out, int outl)
- {
- int i,num=0;
- BIO_F_BUFFER_CTX *ctx;
-
- if (out == NULL) return(0);
- ctx=(BIO_F_BUFFER_CTX *)b->ptr;
-
- if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
- num=0;
- BIO_clear_retry_flags(b);
-
-start:
- i=ctx->ibuf_len;
- /* If there is stuff left over, grab it */
- if (i != 0)
- {
- if (i > outl) i=outl;
- memcpy(out,&(ctx->ibuf[ctx->ibuf_off]),i);
- ctx->ibuf_off+=i;
- ctx->ibuf_len-=i;
- num+=i;
- if (outl == i) return(num);
- outl-=i;
- out+=i;
- }
-
- /* We may have done a partial read. try to do more.
- * We have nothing in the buffer.
- * If we get an error and have read some data, just return it
- * and let them retry to get the error again.
- * copy direct to parent address space */
- if (outl > ctx->ibuf_size)
- {
- for (;;)
- {
- i=BIO_read(b->next_bio,out,outl);
- if (i <= 0)
- {
- BIO_copy_next_retry(b);
- if (i < 0) return((num > 0)?num:i);
- if (i == 0) return(num);
- }
- num+=i;
- if (outl == i) return(num);
- out+=i;
- outl-=i;
- }
- }
- /* else */
-
- /* we are going to be doing some buffering */
- i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
- if (i <= 0)
- {
- BIO_copy_next_retry(b);
- if (i < 0) return((num > 0)?num:i);
- if (i == 0) return(num);
- }
- ctx->ibuf_off=0;
- ctx->ibuf_len=i;
-
- /* Lets re-read using ourselves :-) */
- goto start;
- }
-
-static int buffer_write(BIO *b, const char *in, int inl)
- {
- int i,num=0;
- BIO_F_BUFFER_CTX *ctx;
-
- if ((in == NULL) || (inl <= 0)) return(0);
- ctx=(BIO_F_BUFFER_CTX *)b->ptr;
- if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
- BIO_clear_retry_flags(b);
-start:
- i=ctx->obuf_size-(ctx->obuf_len+ctx->obuf_off);
- /* add to buffer and return */
- if (i >= inl)
- {
- memcpy(&(ctx->obuf[ctx->obuf_len]),in,inl);
- ctx->obuf_len+=inl;
- return(num+inl);
- }
- /* else */
- /* stuff already in buffer, so add to it first, then flush */
- if (ctx->obuf_len != 0)
- {
- if (i > 0) /* lets fill it up if we can */
- {
- memcpy(&(ctx->obuf[ctx->obuf_len]),in,i);
- in+=i;
- inl-=i;
- num+=i;
- ctx->obuf_len+=i;
- }
- /* we now have a full buffer needing flushing */
- for (;;)
- {
- i=BIO_write(b->next_bio,&(ctx->obuf[ctx->obuf_off]),
- ctx->obuf_len);
- if (i <= 0)
- {
- BIO_copy_next_retry(b);
-
- if (i < 0) return((num > 0)?num:i);
- if (i == 0) return(num);
- }
- ctx->obuf_off+=i;
- ctx->obuf_len-=i;
- if (ctx->obuf_len == 0) break;
- }
- }
- /* we only get here if the buffer has been flushed and we
- * still have stuff to write */
- ctx->obuf_off=0;
-
- /* we now have inl bytes to write */
- while (inl >= ctx->obuf_size)
- {
- i=BIO_write(b->next_bio,in,inl);
- if (i <= 0)
- {
- BIO_copy_next_retry(b);
- if (i < 0) return((num > 0)?num:i);
- if (i == 0) return(num);
- }
- num+=i;
- in+=i;
- inl-=i;
- if (inl == 0) return(num);
- }
-
- /* copy the rest into the buffer since we have only a small
- * amount left */
- goto start;
- }
-
-static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- BIO *dbio;
- BIO_F_BUFFER_CTX *ctx;
- long ret=1;
- char *p1,*p2;
- int r,i,*ip;
- int ibs,obs;
-
- ctx=(BIO_F_BUFFER_CTX *)b->ptr;
-
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- ctx->ibuf_off=0;
- ctx->ibuf_len=0;
- ctx->obuf_off=0;
- ctx->obuf_len=0;
- if (b->next_bio == NULL) return(0);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_INFO:
- ret=(long)ctx->obuf_len;
- break;
- case BIO_C_GET_BUFF_NUM_LINES:
- ret=0;
- p1=ctx->ibuf;
- for (i=ctx->ibuf_off; i<ctx->ibuf_len; i++)
- {
- if (p1[i] == '\n') ret++;
- }
- break;
- case BIO_CTRL_WPENDING:
- ret=(long)ctx->obuf_len;
- if (ret == 0)
- {
- if (b->next_bio == NULL) return(0);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- }
- break;
- case BIO_CTRL_PENDING:
- ret=(long)ctx->ibuf_len;
- if (ret == 0)
- {
- if (b->next_bio == NULL) return(0);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- }
- break;
- case BIO_C_SET_BUFF_READ_DATA:
- if (num > ctx->ibuf_size)
- {
- p1=OPENSSL_malloc((int)num);
- if (p1 == NULL) goto malloc_error;
- if (ctx->ibuf != NULL) OPENSSL_free(ctx->ibuf);
- ctx->ibuf=p1;
- }
- ctx->ibuf_off=0;
- ctx->ibuf_len=(int)num;
- memcpy(ctx->ibuf,ptr,(int)num);
- ret=1;
- break;
- case BIO_C_SET_BUFF_SIZE:
- if (ptr != NULL)
- {
- ip=(int *)ptr;
- if (*ip == 0)
- {
- ibs=(int)num;
- obs=ctx->obuf_size;
- }
- else /* if (*ip == 1) */
- {
- ibs=ctx->ibuf_size;
- obs=(int)num;
- }
- }
- else
- {
- ibs=(int)num;
- obs=(int)num;
- }
- p1=ctx->ibuf;
- p2=ctx->obuf;
- if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size))
- {
- p1=(char *)OPENSSL_malloc((int)num);
- if (p1 == NULL) goto malloc_error;
- }
- if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size))
- {
- p2=(char *)OPENSSL_malloc((int)num);
- if (p2 == NULL)
- {
- if (p1 != ctx->ibuf) OPENSSL_free(p1);
- goto malloc_error;
- }
- }
- if (ctx->ibuf != p1)
- {
- OPENSSL_free(ctx->ibuf);
- ctx->ibuf=p1;
- ctx->ibuf_off=0;
- ctx->ibuf_len=0;
- ctx->ibuf_size=ibs;
- }
- if (ctx->obuf != p2)
- {
- OPENSSL_free(ctx->obuf);
- ctx->obuf=p2;
- ctx->obuf_off=0;
- ctx->obuf_len=0;
- ctx->obuf_size=obs;
- }
- break;
- case BIO_C_DO_STATE_MACHINE:
- if (b->next_bio == NULL) return(0);
- BIO_clear_retry_flags(b);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- BIO_copy_next_retry(b);
- break;
-
- case BIO_CTRL_FLUSH:
- if (b->next_bio == NULL) return(0);
- if (ctx->obuf_len <= 0)
- {
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- }
-
- for (;;)
- {
- BIO_clear_retry_flags(b);
- if (ctx->obuf_len > ctx->obuf_off)
- {
- r=BIO_write(b->next_bio,
- &(ctx->obuf[ctx->obuf_off]),
- ctx->obuf_len-ctx->obuf_off);
-#if 0
-fprintf(stderr,"FLUSH [%3d] %3d -> %3d\n",ctx->obuf_off,ctx->obuf_len-ctx->obuf_off,r);
-#endif
- BIO_copy_next_retry(b);
- if (r <= 0) return((long)r);
- ctx->obuf_off+=r;
- }
- else
- {
- ctx->obuf_len=0;
- ctx->obuf_off=0;
- ret=1;
- break;
- }
- }
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_DUP:
- dbio=(BIO *)ptr;
- if ( !BIO_set_read_buffer_size(dbio,ctx->ibuf_size) ||
- !BIO_set_write_buffer_size(dbio,ctx->obuf_size))
- ret=0;
- break;
- default:
- if (b->next_bio == NULL) return(0);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- }
- return(ret);
-malloc_error:
- BIOerr(BIO_F_BUFFER_CTRL,ERR_R_MALLOC_FAILURE);
- return(0);
- }
-
-static long buffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
- {
- long ret=1;
-
- if (b->next_bio == NULL) return(0);
- switch (cmd)
- {
- default:
- ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
- break;
- }
- return(ret);
- }
-
-static int buffer_gets(BIO *b, char *buf, int size)
- {
- BIO_F_BUFFER_CTX *ctx;
- int num=0,i,flag;
- char *p;
-
- ctx=(BIO_F_BUFFER_CTX *)b->ptr;
- size--; /* reserve space for a '\0' */
- BIO_clear_retry_flags(b);
-
- for (;;)
- {
- if (ctx->ibuf_len > 0)
- {
- p= &(ctx->ibuf[ctx->ibuf_off]);
- flag=0;
- for (i=0; (i<ctx->ibuf_len) && (i<size); i++)
- {
- *(buf++)=p[i];
- if (p[i] == '\n')
- {
- flag=1;
- i++;
- break;
- }
- }
- num+=i;
- size-=i;
- ctx->ibuf_len-=i;
- ctx->ibuf_off+=i;
- if ((flag) || (i == size))
- {
- *buf='\0';
- return(num);
- }
- }
- else /* read another chunk */
- {
- i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
- if (i <= 0)
- {
- BIO_copy_next_retry(b);
- if (i < 0) return((num > 0)?num:i);
- if (i == 0) return(num);
- }
- ctx->ibuf_len=i;
- ctx->ibuf_off=0;
- }
- }
- }
-
-static int buffer_puts(BIO *b, const char *str)
- {
- return(buffer_write(b,str,strlen(str)));
- }
-
diff --git a/src/lib/libcrypto/bio/bf_lbuf.c b/src/lib/libcrypto/bio/bf_lbuf.c
deleted file mode 100644
index 7bcf8ed941..0000000000
--- a/src/lib/libcrypto/bio/bf_lbuf.c
+++ /dev/null
@@ -1,397 +0,0 @@
-/* crypto/bio/bf_buff.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-
-static int linebuffer_write(BIO *h, const char *buf,int num);
-static int linebuffer_read(BIO *h, char *buf, int size);
-static int linebuffer_puts(BIO *h, const char *str);
-static int linebuffer_gets(BIO *h, char *str, int size);
-static long linebuffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int linebuffer_new(BIO *h);
-static int linebuffer_free(BIO *data);
-static long linebuffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-
-/* A 10k maximum should be enough for most purposes */
-#define DEFAULT_LINEBUFFER_SIZE 1024*10
-
-/* #define DEBUG */
-
-static BIO_METHOD methods_linebuffer=
- {
- BIO_TYPE_LINEBUFFER,
- "linebuffer",
- linebuffer_write,
- linebuffer_read,
- linebuffer_puts,
- linebuffer_gets,
- linebuffer_ctrl,
- linebuffer_new,
- linebuffer_free,
- linebuffer_callback_ctrl,
- };
-
-BIO_METHOD *BIO_f_linebuffer(void)
- {
- return(&methods_linebuffer);
- }
-
-typedef struct bio_linebuffer_ctx_struct
- {
- char *obuf; /* the output char array */
- int obuf_size; /* how big is the output buffer */
- int obuf_len; /* how many bytes are in it */
- } BIO_LINEBUFFER_CTX;
-
-static int linebuffer_new(BIO *bi)
- {
- BIO_LINEBUFFER_CTX *ctx;
-
- ctx=(BIO_LINEBUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_LINEBUFFER_CTX));
- if (ctx == NULL) return(0);
- ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_LINEBUFFER_SIZE);
- if (ctx->obuf == NULL) { OPENSSL_free(ctx); return(0); }
- ctx->obuf_size=DEFAULT_LINEBUFFER_SIZE;
- ctx->obuf_len=0;
-
- bi->init=1;
- bi->ptr=(char *)ctx;
- bi->flags=0;
- return(1);
- }
-
-static int linebuffer_free(BIO *a)
- {
- BIO_LINEBUFFER_CTX *b;
-
- if (a == NULL) return(0);
- b=(BIO_LINEBUFFER_CTX *)a->ptr;
- if (b->obuf != NULL) OPENSSL_free(b->obuf);
- OPENSSL_free(a->ptr);
- a->ptr=NULL;
- a->init=0;
- a->flags=0;
- return(1);
- }
-
-static int linebuffer_read(BIO *b, char *out, int outl)
- {
- int ret=0;
-
- if (out == NULL) return(0);
- if (b->next_bio == NULL) return(0);
- ret=BIO_read(b->next_bio,out,outl);
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return(ret);
- }
-
-static int linebuffer_write(BIO *b, const char *in, int inl)
- {
- int i,num=0,foundnl;
- BIO_LINEBUFFER_CTX *ctx;
-
- if ((in == NULL) || (inl <= 0)) return(0);
- ctx=(BIO_LINEBUFFER_CTX *)b->ptr;
- if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
- BIO_clear_retry_flags(b);
-
- do
- {
- const char *p;
-
- for(p = in; p < in + inl && *p != '\n'; p++)
- ;
- if (*p == '\n')
- {
- p++;
- foundnl = 1;
- }
- else
- foundnl = 0;
-
- /* If a NL was found and we already have text in the save
- buffer, concatenate them and write */
- while ((foundnl || p - in > ctx->obuf_size - ctx->obuf_len)
- && ctx->obuf_len > 0)
- {
- int orig_olen = ctx->obuf_len;
-
- i = ctx->obuf_size - ctx->obuf_len;
- if (p - in > 0)
- {
- if (i >= p - in)
- {
- memcpy(&(ctx->obuf[ctx->obuf_len]),
- in,p - in);
- ctx->obuf_len += p - in;
- inl -= p - in;
- num += p - in;
- in = p;
- }
- else
- {
- memcpy(&(ctx->obuf[ctx->obuf_len]),
- in,i);
- ctx->obuf_len += i;
- inl -= i;
- in += i;
- num += i;
- }
- }
-
-#ifdef DEBUG
-BIO_write(b->next_bio, "<*<", 3);
-#endif
- i=BIO_write(b->next_bio,
- ctx->obuf, ctx->obuf_len);
- if (i <= 0)
- {
- ctx->obuf_len = orig_olen;
- BIO_copy_next_retry(b);
-
-#ifdef DEBUG
-BIO_write(b->next_bio, ">*>", 3);
-#endif
- if (i < 0) return((num > 0)?num:i);
- if (i == 0) return(num);
- }
-#ifdef DEBUG
-BIO_write(b->next_bio, ">*>", 3);
-#endif
- if (i < ctx->obuf_len)
- memmove(ctx->obuf, ctx->obuf + i,
- ctx->obuf_len - i);
- ctx->obuf_len-=i;
- }
-
- /* Now that the save buffer is emptied, let's write the input
- buffer if a NL was found and there is anything to write. */
- if ((foundnl || p - in > ctx->obuf_size) && p - in > 0)
- {
-#ifdef DEBUG
-BIO_write(b->next_bio, "<*<", 3);
-#endif
- i=BIO_write(b->next_bio,in,p - in);
- if (i <= 0)
- {
- BIO_copy_next_retry(b);
-#ifdef DEBUG
-BIO_write(b->next_bio, ">*>", 3);
-#endif
- if (i < 0) return((num > 0)?num:i);
- if (i == 0) return(num);
- }
-#ifdef DEBUG
-BIO_write(b->next_bio, ">*>", 3);
-#endif
- num+=i;
- in+=i;
- inl-=i;
- }
- }
- while(foundnl && inl > 0);
- /* We've written as much as we can. The rest of the input buffer, if
- any, is text that doesn't and with a NL and therefore needs to be
- saved for the next trip. */
- if (inl > 0)
- {
- memcpy(&(ctx->obuf[ctx->obuf_len]), in, inl);
- ctx->obuf_len += inl;
- num += inl;
- }
- return num;
- }
-
-static long linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- BIO *dbio;
- BIO_LINEBUFFER_CTX *ctx;
- long ret=1;
- char *p;
- int r;
- int obs;
-
- ctx=(BIO_LINEBUFFER_CTX *)b->ptr;
-
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- ctx->obuf_len=0;
- if (b->next_bio == NULL) return(0);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_INFO:
- ret=(long)ctx->obuf_len;
- break;
- case BIO_CTRL_WPENDING:
- ret=(long)ctx->obuf_len;
- if (ret == 0)
- {
- if (b->next_bio == NULL) return(0);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- }
- break;
- case BIO_C_SET_BUFF_SIZE:
- obs=(int)num;
- p=ctx->obuf;
- if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size))
- {
- p=(char *)OPENSSL_malloc((int)num);
- if (p == NULL)
- goto malloc_error;
- }
- if (ctx->obuf != p)
- {
- if (ctx->obuf_len > obs)
- {
- ctx->obuf_len = obs;
- }
- memcpy(p, ctx->obuf, ctx->obuf_len);
- OPENSSL_free(ctx->obuf);
- ctx->obuf=p;
- ctx->obuf_size=obs;
- }
- break;
- case BIO_C_DO_STATE_MACHINE:
- if (b->next_bio == NULL) return(0);
- BIO_clear_retry_flags(b);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- BIO_copy_next_retry(b);
- break;
-
- case BIO_CTRL_FLUSH:
- if (b->next_bio == NULL) return(0);
- if (ctx->obuf_len <= 0)
- {
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- }
-
- for (;;)
- {
- BIO_clear_retry_flags(b);
- if (ctx->obuf_len > 0)
- {
- r=BIO_write(b->next_bio,
- ctx->obuf, ctx->obuf_len);
-#if 0
-fprintf(stderr,"FLUSH %3d -> %3d\n",ctx->obuf_len,r);
-#endif
- BIO_copy_next_retry(b);
- if (r <= 0) return((long)r);
- if (r < ctx->obuf_len)
- memmove(ctx->obuf, ctx->obuf + r,
- ctx->obuf_len - r);
- ctx->obuf_len-=r;
- }
- else
- {
- ctx->obuf_len=0;
- ret=1;
- break;
- }
- }
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_DUP:
- dbio=(BIO *)ptr;
- if ( !BIO_set_write_buffer_size(dbio,ctx->obuf_size))
- ret=0;
- break;
- default:
- if (b->next_bio == NULL) return(0);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- }
- return(ret);
-malloc_error:
- BIOerr(BIO_F_LINEBUFFER_CTRL,ERR_R_MALLOC_FAILURE);
- return(0);
- }
-
-static long linebuffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
- {
- long ret=1;
-
- if (b->next_bio == NULL) return(0);
- switch (cmd)
- {
- default:
- ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
- break;
- }
- return(ret);
- }
-
-static int linebuffer_gets(BIO *b, char *buf, int size)
- {
- if (b->next_bio == NULL) return(0);
- return(BIO_gets(b->next_bio,buf,size));
- }
-
-static int linebuffer_puts(BIO *b, const char *str)
- {
- return(linebuffer_write(b,str,strlen(str)));
- }
-
diff --git a/src/lib/libcrypto/bio/bf_nbio.c b/src/lib/libcrypto/bio/bf_nbio.c
deleted file mode 100644
index 413ef5c4c5..0000000000
--- a/src/lib/libcrypto/bio/bf_nbio.c
+++ /dev/null
@@ -1,256 +0,0 @@
-/* crypto/bio/bf_nbio.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-
-/* BIO_put and BIO_get both add to the digest,
- * BIO_gets returns the digest */
-
-static int nbiof_write(BIO *h,const char *buf,int num);
-static int nbiof_read(BIO *h,char *buf,int size);
-static int nbiof_puts(BIO *h,const char *str);
-static int nbiof_gets(BIO *h,char *str,int size);
-static long nbiof_ctrl(BIO *h,int cmd,long arg1,void *arg2);
-static int nbiof_new(BIO *h);
-static int nbiof_free(BIO *data);
-static long nbiof_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
-typedef struct nbio_test_st
- {
- /* only set if we sent a 'should retry' error */
- int lrn;
- int lwn;
- } NBIO_TEST;
-
-static BIO_METHOD methods_nbiof=
- {
- BIO_TYPE_NBIO_TEST,
- "non-blocking IO test filter",
- nbiof_write,
- nbiof_read,
- nbiof_puts,
- nbiof_gets,
- nbiof_ctrl,
- nbiof_new,
- nbiof_free,
- nbiof_callback_ctrl,
- };
-
-BIO_METHOD *BIO_f_nbio_test(void)
- {
- return(&methods_nbiof);
- }
-
-static int nbiof_new(BIO *bi)
- {
- NBIO_TEST *nt;
-
- nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST));
- nt->lrn= -1;
- nt->lwn= -1;
- bi->ptr=(char *)nt;
- bi->init=1;
- bi->flags=0;
- return(1);
- }
-
-static int nbiof_free(BIO *a)
- {
- if (a == NULL) return(0);
- if (a->ptr != NULL)
- OPENSSL_free(a->ptr);
- a->ptr=NULL;
- a->init=0;
- a->flags=0;
- return(1);
- }
-
-static int nbiof_read(BIO *b, char *out, int outl)
- {
- NBIO_TEST *nt;
- int ret=0;
-#if 0
- int num;
- unsigned char n;
-#endif
-
- if (out == NULL) return(0);
- if (b->next_bio == NULL) return(0);
- nt=(NBIO_TEST *)b->ptr;
-
- BIO_clear_retry_flags(b);
-#if 0
- RAND_pseudo_bytes(&n,1);
- num=(n&0x07);
-
- if (outl > num) outl=num;
-
- if (num == 0)
- {
- ret= -1;
- BIO_set_retry_read(b);
- }
- else
-#endif
- {
- ret=BIO_read(b->next_bio,out,outl);
- if (ret < 0)
- BIO_copy_next_retry(b);
- }
- return(ret);
- }
-
-static int nbiof_write(BIO *b, const char *in, int inl)
- {
- NBIO_TEST *nt;
- int ret=0;
- int num;
- unsigned char n;
-
- if ((in == NULL) || (inl <= 0)) return(0);
- if (b->next_bio == NULL) return(0);
- nt=(NBIO_TEST *)b->ptr;
-
- BIO_clear_retry_flags(b);
-
-#if 1
- if (nt->lwn > 0)
- {
- num=nt->lwn;
- nt->lwn=0;
- }
- else
- {
- RAND_pseudo_bytes(&n,1);
- num=(n&7);
- }
-
- if (inl > num) inl=num;
-
- if (num == 0)
- {
- ret= -1;
- BIO_set_retry_write(b);
- }
- else
-#endif
- {
- ret=BIO_write(b->next_bio,in,inl);
- if (ret < 0)
- {
- BIO_copy_next_retry(b);
- nt->lwn=inl;
- }
- }
- return(ret);
- }
-
-static long nbiof_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- long ret;
-
- if (b->next_bio == NULL) return(0);
- switch (cmd)
- {
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- BIO_copy_next_retry(b);
- break;
- case BIO_CTRL_DUP:
- ret=0L;
- break;
- default:
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- }
- return(ret);
- }
-
-static long nbiof_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
- {
- long ret=1;
-
- if (b->next_bio == NULL) return(0);
- switch (cmd)
- {
- default:
- ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
- break;
- }
- return(ret);
- }
-
-static int nbiof_gets(BIO *bp, char *buf, int size)
- {
- if (bp->next_bio == NULL) return(0);
- return(BIO_gets(bp->next_bio,buf,size));
- }
-
-
-static int nbiof_puts(BIO *bp, const char *str)
- {
- if (bp->next_bio == NULL) return(0);
- return(BIO_puts(bp->next_bio,str));
- }
-
-
diff --git a/src/lib/libcrypto/bio/bf_null.c b/src/lib/libcrypto/bio/bf_null.c
deleted file mode 100644
index 2678a1a85d..0000000000
--- a/src/lib/libcrypto/bio/bf_null.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* crypto/bio/bf_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-
-/* BIO_put and BIO_get both add to the digest,
- * BIO_gets returns the digest */
-
-static int nullf_write(BIO *h, const char *buf, int num);
-static int nullf_read(BIO *h, char *buf, int size);
-static int nullf_puts(BIO *h, const char *str);
-static int nullf_gets(BIO *h, char *str, int size);
-static long nullf_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int nullf_new(BIO *h);
-static int nullf_free(BIO *data);
-static long nullf_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-static BIO_METHOD methods_nullf=
- {
- BIO_TYPE_NULL_FILTER,
- "NULL filter",
- nullf_write,
- nullf_read,
- nullf_puts,
- nullf_gets,
- nullf_ctrl,
- nullf_new,
- nullf_free,
- nullf_callback_ctrl,
- };
-
-BIO_METHOD *BIO_f_null(void)
- {
- return(&methods_nullf);
- }
-
-static int nullf_new(BIO *bi)
- {
- bi->init=1;
- bi->ptr=NULL;
- bi->flags=0;
- return(1);
- }
-
-static int nullf_free(BIO *a)
- {
- if (a == NULL) return(0);
-/* a->ptr=NULL;
- a->init=0;
- a->flags=0;*/
- return(1);
- }
-
-static int nullf_read(BIO *b, char *out, int outl)
- {
- int ret=0;
-
- if (out == NULL) return(0);
- if (b->next_bio == NULL) return(0);
- ret=BIO_read(b->next_bio,out,outl);
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return(ret);
- }
-
-static int nullf_write(BIO *b, const char *in, int inl)
- {
- int ret=0;
-
- if ((in == NULL) || (inl <= 0)) return(0);
- if (b->next_bio == NULL) return(0);
- ret=BIO_write(b->next_bio,in,inl);
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return(ret);
- }
-
-static long nullf_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- long ret;
-
- if (b->next_bio == NULL) return(0);
- switch(cmd)
- {
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- BIO_copy_next_retry(b);
- break;
- case BIO_CTRL_DUP:
- ret=0L;
- break;
- default:
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- }
- return(ret);
- }
-
-static long nullf_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
- {
- long ret=1;
-
- if (b->next_bio == NULL) return(0);
- switch (cmd)
- {
- default:
- ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
- break;
- }
- return(ret);
- }
-
-static int nullf_gets(BIO *bp, char *buf, int size)
- {
- if (bp->next_bio == NULL) return(0);
- return(BIO_gets(bp->next_bio,buf,size));
- }
-
-
-static int nullf_puts(BIO *bp, const char *str)
- {
- if (bp->next_bio == NULL) return(0);
- return(BIO_puts(bp->next_bio,str));
- }
-
-
diff --git a/src/lib/libcrypto/bio/bio.h b/src/lib/libcrypto/bio/bio.h
deleted file mode 100644
index 97003b503c..0000000000
--- a/src/lib/libcrypto/bio/bio.h
+++ /dev/null
@@ -1,687 +0,0 @@
-/* crypto/bio/bio.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BIO_H
-#define HEADER_BIO_H
-
-#ifndef NO_FP_API
-# include <stdio.h>
-#endif
-#include <stdarg.h>
-
-#include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These are the 'types' of BIOs */
-#define BIO_TYPE_NONE 0
-#define BIO_TYPE_MEM (1|0x0400)
-#define BIO_TYPE_FILE (2|0x0400)
-
-#define BIO_TYPE_FD (4|0x0400|0x0100)
-#define BIO_TYPE_SOCKET (5|0x0400|0x0100)
-#define BIO_TYPE_NULL (6|0x0400)
-#define BIO_TYPE_SSL (7|0x0200)
-#define BIO_TYPE_MD (8|0x0200) /* passive filter */
-#define BIO_TYPE_BUFFER (9|0x0200) /* filter */
-#define BIO_TYPE_CIPHER (10|0x0200) /* filter */
-#define BIO_TYPE_BASE64 (11|0x0200) /* filter */
-#define BIO_TYPE_CONNECT (12|0x0400|0x0100) /* socket - connect */
-#define BIO_TYPE_ACCEPT (13|0x0400|0x0100) /* socket for accept */
-#define BIO_TYPE_PROXY_CLIENT (14|0x0200) /* client proxy BIO */
-#define BIO_TYPE_PROXY_SERVER (15|0x0200) /* server proxy BIO */
-#define BIO_TYPE_NBIO_TEST (16|0x0200) /* server proxy BIO */
-#define BIO_TYPE_NULL_FILTER (17|0x0200)
-#define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */
-#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */
-#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */
-
-#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */
-#define BIO_TYPE_FILTER 0x0200
-#define BIO_TYPE_SOURCE_SINK 0x0400
-
-/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
- * BIO_set_fp(in,stdin,BIO_NOCLOSE); */
-#define BIO_NOCLOSE 0x00
-#define BIO_CLOSE 0x01
-
-/* These are used in the following macros and are passed to
- * BIO_ctrl() */
-#define BIO_CTRL_RESET 1 /* opt - rewind/zero etc */
-#define BIO_CTRL_EOF 2 /* opt - are we at the eof */
-#define BIO_CTRL_INFO 3 /* opt - extra tit-bits */
-#define BIO_CTRL_SET 4 /* man - set the 'IO' type */
-#define BIO_CTRL_GET 5 /* man - get the 'IO' type */
-#define BIO_CTRL_PUSH 6 /* opt - internal, used to signify change */
-#define BIO_CTRL_POP 7 /* opt - internal, used to signify change */
-#define BIO_CTRL_GET_CLOSE 8 /* man - set the 'close' on free */
-#define BIO_CTRL_SET_CLOSE 9 /* man - set the 'close' on free */
-#define BIO_CTRL_PENDING 10 /* opt - is their more data buffered */
-#define BIO_CTRL_FLUSH 11 /* opt - 'flush' buffered output */
-#define BIO_CTRL_DUP 12 /* man - extra stuff for 'duped' BIO */
-#define BIO_CTRL_WPENDING 13 /* opt - number of bytes still to write */
-/* callback is int cb(BIO *bio,state,ret); */
-#define BIO_CTRL_SET_CALLBACK 14 /* opt - set callback function */
-#define BIO_CTRL_GET_CALLBACK 15 /* opt - set callback function */
-
-#define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */
-
-/* modifiers */
-#define BIO_FP_READ 0x02
-#define BIO_FP_WRITE 0x04
-#define BIO_FP_APPEND 0x08
-#define BIO_FP_TEXT 0x10
-
-#define BIO_FLAGS_READ 0x01
-#define BIO_FLAGS_WRITE 0x02
-#define BIO_FLAGS_IO_SPECIAL 0x04
-#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
-#define BIO_FLAGS_SHOULD_RETRY 0x08
-
-/* Used in BIO_gethostbyname() */
-#define BIO_GHBN_CTRL_HITS 1
-#define BIO_GHBN_CTRL_MISSES 2
-#define BIO_GHBN_CTRL_CACHE_SIZE 3
-#define BIO_GHBN_CTRL_GET_ENTRY 4
-#define BIO_GHBN_CTRL_FLUSH 5
-
-/* Mostly used in the SSL BIO */
-/* Not used anymore
- * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
- * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
- * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
- */
-
-#define BIO_FLAGS_BASE64_NO_NL 0x100
-
-/* This is used with memory BIOs: it means we shouldn't free up or change the
- * data in any way.
- */
-#define BIO_FLAGS_MEM_RDONLY 0x200
-
-#define BIO_set_flags(b,f) ((b)->flags|=(f))
-#define BIO_get_flags(b) ((b)->flags)
-#define BIO_set_retry_special(b) \
- ((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_set_retry_read(b) \
- ((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_set_retry_write(b) \
- ((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
-
-/* These are normally used internally in BIOs */
-#define BIO_clear_flags(b,f) ((b)->flags&= ~(f))
-#define BIO_clear_retry_flags(b) \
- ((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_get_retry_flags(b) \
- ((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-
-/* These should be used by the application to tell why we should retry */
-#define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ)
-#define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE)
-#define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL)
-#define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS)
-#define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY)
-
-/* The next two are used in conjunction with the
- * BIO_should_io_special() condition. After this returns true,
- * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO
- * stack and return the 'reason' for the special and the offending BIO.
- * Given a BIO, BIO_get_retry_reason(bio) will return the code. */
-/* Returned from the SSL bio when the certificate retrieval code had an error */
-#define BIO_RR_SSL_X509_LOOKUP 0x01
-/* Returned from the connect BIO when a connect would have blocked */
-#define BIO_RR_CONNECT 0x02
-
-/* These are passed by the BIO callback */
-#define BIO_CB_FREE 0x01
-#define BIO_CB_READ 0x02
-#define BIO_CB_WRITE 0x03
-#define BIO_CB_PUTS 0x04
-#define BIO_CB_GETS 0x05
-#define BIO_CB_CTRL 0x06
-
-/* The callback is called before and after the underling operation,
- * The BIO_CB_RETURN flag indicates if it is after the call */
-#define BIO_CB_RETURN 0x80
-#define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
-#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
-#define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
-
-#define BIO_set_callback(b,cb) ((b)->callback=(cb))
-#define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg))
-#define BIO_get_callback_arg(b) ((b)->cb_arg)
-#define BIO_get_callback(b) ((b)->callback)
-#define BIO_method_name(b) ((b)->method->name)
-#define BIO_method_type(b) ((b)->method->type)
-
-typedef struct bio_st BIO;
-
-typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
-
-#ifndef WIN16
-typedef struct bio_method_st
- {
- int type;
- const char *name;
- int (*bwrite)(BIO *, const char *, int);
- int (*bread)(BIO *, char *, int);
- int (*bputs)(BIO *, const char *);
- int (*bgets)(BIO *, char *, int);
- long (*ctrl)(BIO *, int, long, void *);
- int (*create)(BIO *);
- int (*destroy)(BIO *);
- long (*callback_ctrl)(BIO *, int, bio_info_cb *);
- } BIO_METHOD;
-#else
-typedef struct bio_method_st
- {
- int type;
- const char *name;
- int (_far *bwrite)();
- int (_far *bread)();
- int (_far *bputs)();
- int (_far *bgets)();
- long (_far *ctrl)();
- int (_far *create)();
- int (_far *destroy)();
- long (_fat *callback_ctrl)();
- } BIO_METHOD;
-#endif
-
-struct bio_st
- {
- BIO_METHOD *method;
- /* bio, mode, argp, argi, argl, ret */
- long (*callback)(struct bio_st *,int,const char *,int, long,long);
- char *cb_arg; /* first argument for the callback */
-
- int init;
- int shutdown;
- int flags; /* extra storage */
- int retry_reason;
- int num;
- void *ptr;
- struct bio_st *next_bio; /* used by filter BIOs */
- struct bio_st *prev_bio; /* used by filter BIOs */
- int references;
- unsigned long num_read;
- unsigned long num_write;
-
- CRYPTO_EX_DATA ex_data;
- };
-
-DECLARE_STACK_OF(BIO)
-
-typedef struct bio_f_buffer_ctx_struct
- {
- /* BIO *bio; */ /* this is now in the BIO struct */
- int ibuf_size; /* how big is the input buffer */
- int obuf_size; /* how big is the output buffer */
-
- char *ibuf; /* the char array */
- int ibuf_len; /* how many bytes are in it */
- int ibuf_off; /* write/read offset */
-
- char *obuf; /* the char array */
- int obuf_len; /* how many bytes are in it */
- int obuf_off; /* write/read offset */
- } BIO_F_BUFFER_CTX;
-
-/* connect BIO stuff */
-#define BIO_CONN_S_BEFORE 1
-#define BIO_CONN_S_GET_IP 2
-#define BIO_CONN_S_GET_PORT 3
-#define BIO_CONN_S_CREATE_SOCKET 4
-#define BIO_CONN_S_CONNECT 5
-#define BIO_CONN_S_OK 6
-#define BIO_CONN_S_BLOCKED_CONNECT 7
-#define BIO_CONN_S_NBIO 8
-/*#define BIO_CONN_get_param_hostname BIO_ctrl */
-
-#define BIO_C_SET_CONNECT 100
-#define BIO_C_DO_STATE_MACHINE 101
-#define BIO_C_SET_NBIO 102
-#define BIO_C_SET_PROXY_PARAM 103
-#define BIO_C_SET_FD 104
-#define BIO_C_GET_FD 105
-#define BIO_C_SET_FILE_PTR 106
-#define BIO_C_GET_FILE_PTR 107
-#define BIO_C_SET_FILENAME 108
-#define BIO_C_SET_SSL 109
-#define BIO_C_GET_SSL 110
-#define BIO_C_SET_MD 111
-#define BIO_C_GET_MD 112
-#define BIO_C_GET_CIPHER_STATUS 113
-#define BIO_C_SET_BUF_MEM 114
-#define BIO_C_GET_BUF_MEM_PTR 115
-#define BIO_C_GET_BUFF_NUM_LINES 116
-#define BIO_C_SET_BUFF_SIZE 117
-#define BIO_C_SET_ACCEPT 118
-#define BIO_C_SSL_MODE 119
-#define BIO_C_GET_MD_CTX 120
-#define BIO_C_GET_PROXY_PARAM 121
-#define BIO_C_SET_BUFF_READ_DATA 122 /* data to read first */
-#define BIO_C_GET_CONNECT 123
-#define BIO_C_GET_ACCEPT 124
-#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
-#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
-#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
-#define BIO_C_FILE_SEEK 128
-#define BIO_C_GET_CIPHER_CTX 129
-#define BIO_C_SET_BUF_MEM_EOF_RETURN 130/*return end of input value*/
-#define BIO_C_SET_BIND_MODE 131
-#define BIO_C_GET_BIND_MODE 132
-#define BIO_C_FILE_TELL 133
-#define BIO_C_GET_SOCKS 134
-#define BIO_C_SET_SOCKS 135
-
-#define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
-#define BIO_C_GET_WRITE_BUF_SIZE 137
-#define BIO_C_MAKE_BIO_PAIR 138
-#define BIO_C_DESTROY_BIO_PAIR 139
-#define BIO_C_GET_WRITE_GUARANTEE 140
-#define BIO_C_GET_READ_REQUEST 141
-#define BIO_C_SHUTDOWN_WR 142
-#define BIO_C_NREAD0 143
-#define BIO_C_NREAD 144
-#define BIO_C_NWRITE0 145
-#define BIO_C_NWRITE 146
-#define BIO_C_RESET_READ_REQUEST 147
-
-
-#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
-#define BIO_get_app_data(s) BIO_get_ex_data(s,0)
-
-/* BIO_s_connect() and BIO_s_socks4a_connect() */
-#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
-#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
-#define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
-#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
-#define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
-#define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
-#define BIO_get_conn_ip(b,ip) BIO_ptr_ctrl(b,BIO_C_SET_CONNECT,2)
-#define BIO_get_conn_int_port(b,port) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,port)
-
-
-#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
-
-/* BIO_s_accept_socket() */
-#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
-#define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
-/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
-#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL)
-#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
-
-#define BIO_BIND_NORMAL 0
-#define BIO_BIND_REUSEADDR_IF_UNUSED 1
-#define BIO_BIND_REUSEADDR 2
-#define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
-#define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
-
-#define BIO_do_connect(b) BIO_do_handshake(b)
-#define BIO_do_accept(b) BIO_do_handshake(b)
-#define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
-
-/* BIO_s_proxy_client() */
-#define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
-#define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
-/* BIO_set_nbio(b,n) */
-#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
-/* BIO *BIO_get_filter_bio(BIO *bio); */
-#define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
-#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
-#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
-
-#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
-#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
-#define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
-#define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
-
-#define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
-#define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
-
-#define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
-#define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
-
-#define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
-#define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
-
-/* name is cast to lose const, but might be better to route through a function
- so we can do it safely */
-#ifdef CONST_STRICT
-/* If you are wondering why this isn't defined, its because CONST_STRICT is
- * purely a compile-time kludge to allow const to be checked.
- */
-int BIO_read_filename(BIO *b,const char *name);
-#else
-#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_READ,(char *)name)
-#endif
-#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_WRITE,name)
-#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_APPEND,name)
-#define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
-
-/* WARNING WARNING, this ups the reference count on the read bio of the
- * SSL structure. This is because the ssl read BIO is now pointed to by
- * the next_bio field in the bio. So when you free the BIO, make sure
- * you are doing a BIO_free_all() to catch the underlying BIO. */
-#define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
-#define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
-#define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
-#define BIO_set_ssl_renegotiate_bytes(b,num) \
- BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
-#define BIO_get_num_renegotiates(b) \
- BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL);
-#define BIO_set_ssl_renegotiate_timeout(b,seconds) \
- BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
-
-/* defined in evp.h */
-/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
-
-#define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
-#define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
-#define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
-#define BIO_set_mem_eof_return(b,v) \
- BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
-
-/* For the BIO_f_buffer() type */
-#define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
-#define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
-#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
-#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
-#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
-
-/* Don't use the next one unless you know what you are doing :-) */
-#define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
-
-#define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
-#define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
-#define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
-#define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
-#define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
-#define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
-/* ...pending macros have inappropriate return type */
-size_t BIO_ctrl_pending(BIO *b);
-size_t BIO_ctrl_wpending(BIO *b);
-#define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
-#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,(bio_info_cb **)(cbp))
-#define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,(bio_info_cb *)(cb))
-
-/* For the BIO_f_buffer() type */
-#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
-
-/* For BIO_s_bio() */
-#define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
-#define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
-#define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
-#define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
-#define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
-/* macros with inappropriate type -- but ...pending macros use int too: */
-#define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
-#define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
-size_t BIO_ctrl_get_write_guarantee(BIO *b);
-size_t BIO_ctrl_get_read_request(BIO *b);
-int BIO_ctrl_reset_read_request(BIO *b);
-
-/* These two aren't currently implemented */
-/* int BIO_get_ex_num(BIO *bio); */
-/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
-int BIO_set_ex_data(BIO *bio,int idx,void *data);
-void *BIO_get_ex_data(BIO *bio,int idx);
-int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-unsigned long BIO_number_read(BIO *bio);
-unsigned long BIO_number_written(BIO *bio);
-
-# ifndef NO_FP_API
-# if defined(WIN16) && defined(_WINDLL)
-BIO_METHOD *BIO_s_file_internal(void);
-BIO *BIO_new_file_internal(char *filename, char *mode);
-BIO *BIO_new_fp_internal(FILE *stream, int close_flag);
-# define BIO_s_file BIO_s_file_internal
-# define BIO_new_file BIO_new_file_internal
-# define BIO_new_fp BIO_new_fp_internal
-# else /* FP_API */
-BIO_METHOD *BIO_s_file(void );
-BIO *BIO_new_file(const char *filename, const char *mode);
-BIO *BIO_new_fp(FILE *stream, int close_flag);
-# define BIO_s_file_internal BIO_s_file
-# define BIO_new_file_internal BIO_new_file
-# define BIO_new_fp_internal BIO_s_file
-# endif /* FP_API */
-# endif
-BIO * BIO_new(BIO_METHOD *type);
-int BIO_set(BIO *a,BIO_METHOD *type);
-int BIO_free(BIO *a);
-void BIO_vfree(BIO *a);
-int BIO_read(BIO *b, void *data, int len);
-int BIO_gets(BIO *bp,char *buf, int size);
-int BIO_write(BIO *b, const void *data, int len);
-int BIO_puts(BIO *bp,const char *buf);
-long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
-long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));
-char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
-long BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
-BIO * BIO_push(BIO *b,BIO *append);
-BIO * BIO_pop(BIO *b);
-void BIO_free_all(BIO *a);
-BIO * BIO_find_type(BIO *b,int bio_type);
-BIO * BIO_next(BIO *b);
-BIO * BIO_get_retry_BIO(BIO *bio, int *reason);
-int BIO_get_retry_reason(BIO *bio);
-BIO * BIO_dup_chain(BIO *in);
-
-int BIO_nread0(BIO *bio, char **buf);
-int BIO_nread(BIO *bio, char **buf, int num);
-int BIO_nwrite0(BIO *bio, char **buf);
-int BIO_nwrite(BIO *bio, char **buf, int num);
-
-#ifndef WIN16
-long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
- long argl,long ret);
-#else
-long _far _loadds BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
- long argl,long ret);
-#endif
-
-BIO_METHOD *BIO_s_mem(void);
-BIO *BIO_new_mem_buf(void *buf, int len);
-BIO_METHOD *BIO_s_socket(void);
-BIO_METHOD *BIO_s_connect(void);
-BIO_METHOD *BIO_s_accept(void);
-BIO_METHOD *BIO_s_fd(void);
-BIO_METHOD *BIO_s_log(void);
-BIO_METHOD *BIO_s_bio(void);
-BIO_METHOD *BIO_s_null(void);
-BIO_METHOD *BIO_f_null(void);
-BIO_METHOD *BIO_f_buffer(void);
-#ifdef VMS
-BIO_METHOD *BIO_f_linebuffer(void);
-#endif
-BIO_METHOD *BIO_f_nbio_test(void);
-/* BIO_METHOD *BIO_f_ber(void); */
-
-int BIO_sock_should_retry(int i);
-int BIO_sock_non_fatal_error(int error);
-int BIO_fd_should_retry(int i);
-int BIO_fd_non_fatal_error(int error);
-int BIO_dump(BIO *b,const char *bytes,int len);
-int BIO_dump_indent(BIO *b,const char *bytes,int len,int indent);
-
-struct hostent *BIO_gethostbyname(const char *name);
-/* We might want a thread-safe interface too:
- * struct hostent *BIO_gethostbyname_r(const char *name,
- * struct hostent *result, void *buffer, size_t buflen);
- * or something similar (caller allocates a struct hostent,
- * pointed to by "result", and additional buffer space for the various
- * substructures; if the buffer does not suffice, NULL is returned
- * and an appropriate error code is set).
- */
-int BIO_sock_error(int sock);
-int BIO_socket_ioctl(int fd, long type, unsigned long *arg);
-int BIO_socket_nbio(int fd,int mode);
-int BIO_get_port(const char *str, unsigned short *port_ptr);
-int BIO_get_host_ip(const char *str, unsigned char *ip);
-int BIO_get_accept_socket(char *host_port,int mode);
-int BIO_accept(int sock,char **ip_port);
-int BIO_sock_init(void );
-void BIO_sock_cleanup(void);
-int BIO_set_tcp_ndelay(int sock,int turn_on);
-
-void ERR_load_BIO_strings(void );
-
-BIO *BIO_new_socket(int sock, int close_flag);
-BIO *BIO_new_fd(int fd, int close_flag);
-BIO *BIO_new_connect(char *host_port);
-BIO *BIO_new_accept(char *host_port);
-
-int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
- BIO **bio2, size_t writebuf2);
-/* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
- * Otherwise returns 0 and sets *bio1 and *bio2 to NULL.
- * Size 0 uses default value.
- */
-
-void BIO_copy_next_retry(BIO *b);
-
-long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
-
-int BIO_printf(BIO *bio, const char *format, ...);
-int BIO_vprintf(BIO *bio, const char *format, va_list args);
-int BIO_snprintf(char *buf, size_t n, const char *format, ...);
-int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the BIO functions. */
-
-/* Function codes. */
-#define BIO_F_ACPT_STATE 100
-#define BIO_F_BIO_ACCEPT 101
-#define BIO_F_BIO_BER_GET_HEADER 102
-#define BIO_F_BIO_CTRL 103
-#define BIO_F_BIO_GETHOSTBYNAME 120
-#define BIO_F_BIO_GETS 104
-#define BIO_F_BIO_GET_ACCEPT_SOCKET 105
-#define BIO_F_BIO_GET_HOST_IP 106
-#define BIO_F_BIO_GET_PORT 107
-#define BIO_F_BIO_MAKE_PAIR 121
-#define BIO_F_BIO_NEW 108
-#define BIO_F_BIO_NEW_FILE 109
-#define BIO_F_BIO_NEW_MEM_BUF 126
-#define BIO_F_BIO_NREAD 123
-#define BIO_F_BIO_NREAD0 124
-#define BIO_F_BIO_NWRITE 125
-#define BIO_F_BIO_NWRITE0 122
-#define BIO_F_BIO_PUTS 110
-#define BIO_F_BIO_READ 111
-#define BIO_F_BIO_SOCK_INIT 112
-#define BIO_F_BIO_WRITE 113
-#define BIO_F_BUFFER_CTRL 114
-#define BIO_F_CONN_CTRL 127
-#define BIO_F_CONN_STATE 115
-#define BIO_F_FILE_CTRL 116
-#define BIO_F_LINEBUFFER_CTRL 129
-#define BIO_F_MEM_READ 128
-#define BIO_F_MEM_WRITE 117
-#define BIO_F_SSL_NEW 118
-#define BIO_F_WSASTARTUP 119
-
-/* Reason codes. */
-#define BIO_R_ACCEPT_ERROR 100
-#define BIO_R_BAD_FOPEN_MODE 101
-#define BIO_R_BAD_HOSTNAME_LOOKUP 102
-#define BIO_R_BROKEN_PIPE 124
-#define BIO_R_CONNECT_ERROR 103
-#define BIO_R_EOF_ON_MEMORY_BIO 127
-#define BIO_R_ERROR_SETTING_NBIO 104
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
-#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
-#define BIO_R_INVALID_ARGUMENT 125
-#define BIO_R_INVALID_IP_ADDRESS 108
-#define BIO_R_IN_USE 123
-#define BIO_R_KEEPALIVE 109
-#define BIO_R_NBIO_CONNECT_ERROR 110
-#define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
-#define BIO_R_NO_HOSTNAME_SPECIFIED 112
-#define BIO_R_NO_PORT_DEFINED 113
-#define BIO_R_NO_PORT_SPECIFIED 114
-#define BIO_R_NULL_PARAMETER 115
-#define BIO_R_TAG_MISMATCH 116
-#define BIO_R_UNABLE_TO_BIND_SOCKET 117
-#define BIO_R_UNABLE_TO_CREATE_SOCKET 118
-#define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
-#define BIO_R_UNINITIALIZED 120
-#define BIO_R_UNSUPPORTED_METHOD 121
-#define BIO_R_WRITE_TO_READ_ONLY_BIO 126
-#define BIO_R_WSASTARTUP 122
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/bio/bio_cb.c b/src/lib/libcrypto/bio/bio_cb.c
deleted file mode 100644
index 37c7c22666..0000000000
--- a/src/lib/libcrypto/bio/bio_cb.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/bio/bio_cb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-
-long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
- int argi, long argl, long ret)
- {
- BIO *b;
- MS_STATIC char buf[256];
- char *p;
- long r=1;
-
- if (BIO_CB_RETURN & cmd)
- r=ret;
-
- sprintf(buf,"BIO[%08lX]:",(unsigned long)bio);
- p= &(buf[14]);
- switch (cmd)
- {
- case BIO_CB_FREE:
- sprintf(p,"Free - %s\n",bio->method->name);
- break;
- case BIO_CB_READ:
- if (bio->method->type & BIO_TYPE_DESCRIPTOR)
- sprintf(p,"read(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
- else
- sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name);
- break;
- case BIO_CB_WRITE:
- if (bio->method->type & BIO_TYPE_DESCRIPTOR)
- sprintf(p,"write(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
- else
- sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name);
- break;
- case BIO_CB_PUTS:
- sprintf(p,"puts() - %s\n",bio->method->name);
- break;
- case BIO_CB_GETS:
- sprintf(p,"gets(%d) - %s\n",argi,bio->method->name);
- break;
- case BIO_CB_CTRL:
- sprintf(p,"ctrl(%d) - %s\n",argi,bio->method->name);
- break;
- case BIO_CB_RETURN|BIO_CB_READ:
- sprintf(p,"read return %ld\n",ret);
- break;
- case BIO_CB_RETURN|BIO_CB_WRITE:
- sprintf(p,"write return %ld\n",ret);
- break;
- case BIO_CB_RETURN|BIO_CB_GETS:
- sprintf(p,"gets return %ld\n",ret);
- break;
- case BIO_CB_RETURN|BIO_CB_PUTS:
- sprintf(p,"puts return %ld\n",ret);
- break;
- case BIO_CB_RETURN|BIO_CB_CTRL:
- sprintf(p,"ctrl return %ld\n",ret);
- break;
- default:
- sprintf(p,"bio callback - unknown type (%d)\n",cmd);
- break;
- }
-
- b=(BIO *)bio->cb_arg;
- if (b != NULL)
- BIO_write(b,buf,strlen(buf));
-#if !defined(NO_STDIO) && !defined(WIN16)
- else
- fputs(buf,stderr);
-#endif
- return(r);
- }
diff --git a/src/lib/libcrypto/bio/bio_err.c b/src/lib/libcrypto/bio/bio_err.c
deleted file mode 100644
index bb815fb1e6..0000000000
--- a/src/lib/libcrypto/bio/bio_err.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* crypto/bio/bio_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/bio.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA BIO_str_functs[]=
- {
-{ERR_PACK(0,BIO_F_ACPT_STATE,0), "ACPT_STATE"},
-{ERR_PACK(0,BIO_F_BIO_ACCEPT,0), "BIO_accept"},
-{ERR_PACK(0,BIO_F_BIO_BER_GET_HEADER,0), "BIO_BER_GET_HEADER"},
-{ERR_PACK(0,BIO_F_BIO_CTRL,0), "BIO_ctrl"},
-{ERR_PACK(0,BIO_F_BIO_GETHOSTBYNAME,0), "BIO_gethostbyname"},
-{ERR_PACK(0,BIO_F_BIO_GETS,0), "BIO_gets"},
-{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0), "BIO_get_accept_socket"},
-{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0), "BIO_get_host_ip"},
-{ERR_PACK(0,BIO_F_BIO_GET_PORT,0), "BIO_get_port"},
-{ERR_PACK(0,BIO_F_BIO_MAKE_PAIR,0), "BIO_MAKE_PAIR"},
-{ERR_PACK(0,BIO_F_BIO_NEW,0), "BIO_new"},
-{ERR_PACK(0,BIO_F_BIO_NEW_FILE,0), "BIO_new_file"},
-{ERR_PACK(0,BIO_F_BIO_NEW_MEM_BUF,0), "BIO_new_mem_buf"},
-{ERR_PACK(0,BIO_F_BIO_NREAD,0), "BIO_nread"},
-{ERR_PACK(0,BIO_F_BIO_NREAD0,0), "BIO_nread0"},
-{ERR_PACK(0,BIO_F_BIO_NWRITE,0), "BIO_nwrite"},
-{ERR_PACK(0,BIO_F_BIO_NWRITE0,0), "BIO_nwrite0"},
-{ERR_PACK(0,BIO_F_BIO_PUTS,0), "BIO_puts"},
-{ERR_PACK(0,BIO_F_BIO_READ,0), "BIO_read"},
-{ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0), "BIO_sock_init"},
-{ERR_PACK(0,BIO_F_BIO_WRITE,0), "BIO_write"},
-{ERR_PACK(0,BIO_F_BUFFER_CTRL,0), "BUFFER_CTRL"},
-{ERR_PACK(0,BIO_F_CONN_CTRL,0), "CONN_CTRL"},
-{ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"},
-{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"},
-{ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0), "LINEBUFFER_CTRL"},
-{ERR_PACK(0,BIO_F_MEM_READ,0), "MEM_READ"},
-{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"},
-{ERR_PACK(0,BIO_F_SSL_NEW,0), "SSL_new"},
-{ERR_PACK(0,BIO_F_WSASTARTUP,0), "WSASTARTUP"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA BIO_str_reasons[]=
- {
-{BIO_R_ACCEPT_ERROR ,"accept error"},
-{BIO_R_BAD_FOPEN_MODE ,"bad fopen mode"},
-{BIO_R_BAD_HOSTNAME_LOOKUP ,"bad hostname lookup"},
-{BIO_R_BROKEN_PIPE ,"broken pipe"},
-{BIO_R_CONNECT_ERROR ,"connect error"},
-{BIO_R_EOF_ON_MEMORY_BIO ,"EOF on memory BIO"},
-{BIO_R_ERROR_SETTING_NBIO ,"error setting nbio"},
-{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET,"error setting nbio on accepted socket"},
-{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"},
-{BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"},
-{BIO_R_INVALID_ARGUMENT ,"invalid argument"},
-{BIO_R_INVALID_IP_ADDRESS ,"invalid ip address"},
-{BIO_R_IN_USE ,"in use"},
-{BIO_R_KEEPALIVE ,"keepalive"},
-{BIO_R_NBIO_CONNECT_ERROR ,"nbio connect error"},
-{BIO_R_NO_ACCEPT_PORT_SPECIFIED ,"no accept port specified"},
-{BIO_R_NO_HOSTNAME_SPECIFIED ,"no hostname specified"},
-{BIO_R_NO_PORT_DEFINED ,"no port defined"},
-{BIO_R_NO_PORT_SPECIFIED ,"no port specified"},
-{BIO_R_NULL_PARAMETER ,"null parameter"},
-{BIO_R_TAG_MISMATCH ,"tag mismatch"},
-{BIO_R_UNABLE_TO_BIND_SOCKET ,"unable to bind socket"},
-{BIO_R_UNABLE_TO_CREATE_SOCKET ,"unable to create socket"},
-{BIO_R_UNABLE_TO_LISTEN_SOCKET ,"unable to listen socket"},
-{BIO_R_UNINITIALIZED ,"uninitialized"},
-{BIO_R_UNSUPPORTED_METHOD ,"unsupported method"},
-{BIO_R_WRITE_TO_READ_ONLY_BIO ,"write to read only BIO"},
-{BIO_R_WSASTARTUP ,"WSAStartup"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_BIO_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_BIO,BIO_str_functs);
- ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/bio/bio_lib.c b/src/lib/libcrypto/bio/bio_lib.c
deleted file mode 100644
index 381afc9b8e..0000000000
--- a/src/lib/libcrypto/bio/bio_lib.c
+++ /dev/null
@@ -1,542 +0,0 @@
-/* crypto/bio/bio_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/stack.h>
-
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *bio_meth=NULL;
-static int bio_meth_num=0;
-
-BIO *BIO_new(BIO_METHOD *method)
- {
- BIO *ret=NULL;
-
- ret=(BIO *)OPENSSL_malloc(sizeof(BIO));
- if (ret == NULL)
- {
- BIOerr(BIO_F_BIO_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- if (!BIO_set(ret,method))
- {
- OPENSSL_free(ret);
- ret=NULL;
- }
- return(ret);
- }
-
-int BIO_set(BIO *bio, BIO_METHOD *method)
- {
- bio->method=method;
- bio->callback=NULL;
- bio->cb_arg=NULL;
- bio->init=0;
- bio->shutdown=1;
- bio->flags=0;
- bio->retry_reason=0;
- bio->num=0;
- bio->ptr=NULL;
- bio->prev_bio=NULL;
- bio->next_bio=NULL;
- bio->references=1;
- bio->num_read=0L;
- bio->num_write=0L;
- CRYPTO_new_ex_data(bio_meth,bio,&bio->ex_data);
- if (method->create != NULL)
- if (!method->create(bio))
- return(0);
- return(1);
- }
-
-int BIO_free(BIO *a)
- {
- int ret=0,i;
-
- if (a == NULL) return(0);
-
- i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_BIO);
-#ifdef REF_PRINT
- REF_PRINT("BIO",a);
-#endif
- if (i > 0) return(1);
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"BIO_free, bad reference count\n");
- abort();
- }
-#endif
- if ((a->callback != NULL) &&
- ((i=(int)a->callback(a,BIO_CB_FREE,NULL,0,0L,1L)) <= 0))
- return(i);
-
- CRYPTO_free_ex_data(bio_meth,a,&a->ex_data);
-
- if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
- ret=a->method->destroy(a);
- OPENSSL_free(a);
- return(1);
- }
-
-void BIO_vfree(BIO *a)
- { BIO_free(a); }
-
-int BIO_read(BIO *b, void *out, int outl)
- {
- int i;
- long (*cb)();
-
- if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL))
- {
- BIOerr(BIO_F_BIO_READ,BIO_R_UNSUPPORTED_METHOD);
- return(-2);
- }
-
- cb=b->callback;
- if ((cb != NULL) &&
- ((i=(int)cb(b,BIO_CB_READ,out,outl,0L,1L)) <= 0))
- return(i);
-
- if (!b->init)
- {
- BIOerr(BIO_F_BIO_READ,BIO_R_UNINITIALIZED);
- return(-2);
- }
-
- i=b->method->bread(b,out,outl);
-
- if (i > 0) b->num_read+=(unsigned long)i;
-
- if (cb != NULL)
- i=(int)cb(b,BIO_CB_READ|BIO_CB_RETURN,out,outl,
- 0L,(long)i);
- return(i);
- }
-
-int BIO_write(BIO *b, const void *in, int inl)
- {
- int i;
- long (*cb)();
-
- if (b == NULL)
- return(0);
-
- cb=b->callback;
- if ((b->method == NULL) || (b->method->bwrite == NULL))
- {
- BIOerr(BIO_F_BIO_WRITE,BIO_R_UNSUPPORTED_METHOD);
- return(-2);
- }
-
- if ((cb != NULL) &&
- ((i=(int)cb(b,BIO_CB_WRITE,in,inl,0L,1L)) <= 0))
- return(i);
-
- if (!b->init)
- {
- BIOerr(BIO_F_BIO_WRITE,BIO_R_UNINITIALIZED);
- return(-2);
- }
-
- i=b->method->bwrite(b,in,inl);
-
- if (i > 0) b->num_write+=(unsigned long)i;
-
- if (cb != NULL)
- i=(int)cb(b,BIO_CB_WRITE|BIO_CB_RETURN,in,inl,
- 0L,(long)i);
- return(i);
- }
-
-int BIO_puts(BIO *b, const char *in)
- {
- int i;
- long (*cb)();
-
- if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL))
- {
- BIOerr(BIO_F_BIO_PUTS,BIO_R_UNSUPPORTED_METHOD);
- return(-2);
- }
-
- cb=b->callback;
-
- if ((cb != NULL) &&
- ((i=(int)cb(b,BIO_CB_PUTS,in,0,0L,1L)) <= 0))
- return(i);
-
- if (!b->init)
- {
- BIOerr(BIO_F_BIO_PUTS,BIO_R_UNINITIALIZED);
- return(-2);
- }
-
- i=b->method->bputs(b,in);
-
- if (i > 0) b->num_write+=(unsigned long)i;
-
- if (cb != NULL)
- i=(int)cb(b,BIO_CB_PUTS|BIO_CB_RETURN,in,0,
- 0L,(long)i);
- return(i);
- }
-
-int BIO_gets(BIO *b, char *in, int inl)
- {
- int i;
- long (*cb)();
-
- if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL))
- {
- BIOerr(BIO_F_BIO_GETS,BIO_R_UNSUPPORTED_METHOD);
- return(-2);
- }
-
- cb=b->callback;
-
- if ((cb != NULL) &&
- ((i=(int)cb(b,BIO_CB_GETS,in,inl,0L,1L)) <= 0))
- return(i);
-
- if (!b->init)
- {
- BIOerr(BIO_F_BIO_GETS,BIO_R_UNINITIALIZED);
- return(-2);
- }
-
- i=b->method->bgets(b,in,inl);
-
- if (cb != NULL)
- i=(int)cb(b,BIO_CB_GETS|BIO_CB_RETURN,in,inl,
- 0L,(long)i);
- return(i);
- }
-
-long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg)
- {
- int i;
-
- i=iarg;
- return(BIO_ctrl(b,cmd,larg,(char *)&i));
- }
-
-char *BIO_ptr_ctrl(BIO *b, int cmd, long larg)
- {
- char *p=NULL;
-
- if (BIO_ctrl(b,cmd,larg,(char *)&p) <= 0)
- return(NULL);
- else
- return(p);
- }
-
-long BIO_ctrl(BIO *b, int cmd, long larg, void *parg)
- {
- long ret;
- long (*cb)();
-
- if (b == NULL) return(0);
-
- if ((b->method == NULL) || (b->method->ctrl == NULL))
- {
- BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD);
- return(-2);
- }
-
- cb=b->callback;
-
- if ((cb != NULL) &&
- ((ret=cb(b,BIO_CB_CTRL,parg,cmd,larg,1L)) <= 0))
- return(ret);
-
- ret=b->method->ctrl(b,cmd,larg,parg);
-
- if (cb != NULL)
- ret=cb(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd,
- larg,ret);
- return(ret);
- }
-
-long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long))
- {
- long ret;
- long (*cb)();
-
- if (b == NULL) return(0);
-
- if ((b->method == NULL) || (b->method->callback_ctrl == NULL))
- {
- BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD);
- return(-2);
- }
-
- cb=b->callback;
-
- if ((cb != NULL) &&
- ((ret=cb(b,BIO_CB_CTRL,(void *)&fp,cmd,0,1L)) <= 0))
- return(ret);
-
- ret=b->method->callback_ctrl(b,cmd,fp);
-
- if (cb != NULL)
- ret=cb(b,BIO_CB_CTRL|BIO_CB_RETURN,(void *)&fp,cmd,
- 0,ret);
- return(ret);
- }
-
-/* It is unfortunate to duplicate in functions what the BIO_(w)pending macros
- * do; but those macros have inappropriate return type, and for interfacing
- * from other programming languages, C macros aren't much of a help anyway. */
-size_t BIO_ctrl_pending(BIO *bio)
- {
- return BIO_ctrl(bio, BIO_CTRL_PENDING, 0, NULL);
- }
-
-size_t BIO_ctrl_wpending(BIO *bio)
- {
- return BIO_ctrl(bio, BIO_CTRL_WPENDING, 0, NULL);
- }
-
-
-/* put the 'bio' on the end of b's list of operators */
-BIO *BIO_push(BIO *b, BIO *bio)
- {
- BIO *lb;
-
- if (b == NULL) return(bio);
- lb=b;
- while (lb->next_bio != NULL)
- lb=lb->next_bio;
- lb->next_bio=bio;
- if (bio != NULL)
- bio->prev_bio=lb;
- /* called to do internal processing */
- BIO_ctrl(b,BIO_CTRL_PUSH,0,NULL);
- return(b);
- }
-
-/* Remove the first and return the rest */
-BIO *BIO_pop(BIO *b)
- {
- BIO *ret;
-
- if (b == NULL) return(NULL);
- ret=b->next_bio;
-
- if (b->prev_bio != NULL)
- b->prev_bio->next_bio=b->next_bio;
- if (b->next_bio != NULL)
- b->next_bio->prev_bio=b->prev_bio;
-
- b->next_bio=NULL;
- b->prev_bio=NULL;
- BIO_ctrl(b,BIO_CTRL_POP,0,NULL);
- return(ret);
- }
-
-BIO *BIO_get_retry_BIO(BIO *bio, int *reason)
- {
- BIO *b,*last;
-
- b=last=bio;
- for (;;)
- {
- if (!BIO_should_retry(b)) break;
- last=b;
- b=b->next_bio;
- if (b == NULL) break;
- }
- if (reason != NULL) *reason=last->retry_reason;
- return(last);
- }
-
-int BIO_get_retry_reason(BIO *bio)
- {
- return(bio->retry_reason);
- }
-
-BIO *BIO_find_type(BIO *bio, int type)
- {
- int mt,mask;
-
- if(!bio) return NULL;
- mask=type&0xff;
- do {
- if (bio->method != NULL)
- {
- mt=bio->method->type;
-
- if (!mask)
- {
- if (mt & type) return(bio);
- }
- else if (mt == type)
- return(bio);
- }
- bio=bio->next_bio;
- } while (bio != NULL);
- return(NULL);
- }
-
-BIO *BIO_next(BIO *b)
- {
- if(!b) return NULL;
- return b->next_bio;
- }
-
-void BIO_free_all(BIO *bio)
- {
- BIO *b;
- int ref;
-
- while (bio != NULL)
- {
- b=bio;
- ref=b->references;
- bio=bio->next_bio;
- BIO_free(b);
- /* Since ref count > 1, don't free anyone else. */
- if (ref > 1) break;
- }
- }
-
-BIO *BIO_dup_chain(BIO *in)
- {
- BIO *ret=NULL,*eoc=NULL,*bio,*new;
-
- for (bio=in; bio != NULL; bio=bio->next_bio)
- {
- if ((new=BIO_new(bio->method)) == NULL) goto err;
- new->callback=bio->callback;
- new->cb_arg=bio->cb_arg;
- new->init=bio->init;
- new->shutdown=bio->shutdown;
- new->flags=bio->flags;
-
- /* This will let SSL_s_sock() work with stdin/stdout */
- new->num=bio->num;
-
- if (!BIO_dup_state(bio,(char *)new))
- {
- BIO_free(new);
- goto err;
- }
-
- /* copy app data */
- if (!CRYPTO_dup_ex_data(bio_meth,&new->ex_data,&bio->ex_data))
- goto err;
-
- if (ret == NULL)
- {
- eoc=new;
- ret=eoc;
- }
- else
- {
- BIO_push(eoc,new);
- eoc=new;
- }
- }
- return(ret);
-err:
- if (ret != NULL)
- BIO_free(ret);
- return(NULL);
- }
-
-void BIO_copy_next_retry(BIO *b)
- {
- BIO_set_flags(b,BIO_get_retry_flags(b->next_bio));
- b->retry_reason=b->next_bio->retry_reason;
- }
-
-int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
- {
- bio_meth_num++;
- return(CRYPTO_get_ex_new_index(bio_meth_num-1,&bio_meth,
- argl,argp,new_func,dup_func,free_func));
- }
-
-int BIO_set_ex_data(BIO *bio, int idx, void *data)
- {
- return(CRYPTO_set_ex_data(&(bio->ex_data),idx,data));
- }
-
-void *BIO_get_ex_data(BIO *bio, int idx)
- {
- return(CRYPTO_get_ex_data(&(bio->ex_data),idx));
- }
-
-unsigned long BIO_number_read(BIO *bio)
-{
- if(bio) return bio->num_read;
- return 0;
-}
-
-unsigned long BIO_number_written(BIO *bio)
-{
- if(bio) return bio->num_write;
- return 0;
-}
-
-IMPLEMENT_STACK_OF(BIO)
diff --git a/src/lib/libcrypto/bio/bss_acpt.c b/src/lib/libcrypto/bio/bss_acpt.c
deleted file mode 100644
index 4da5822062..0000000000
--- a/src/lib/libcrypto/bio/bss_acpt.c
+++ /dev/null
@@ -1,467 +0,0 @@
-/* crypto/bio/bss_acpt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_SOCK
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#ifdef WIN16
-#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
-#else
-#define SOCKET_PROTOCOL IPPROTO_TCP
-#endif
-
-#if (defined(VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-#undef FIONBIO
-#endif
-
-typedef struct bio_accept_st
- {
- int state;
- char *param_addr;
-
- int accept_sock;
- int accept_nbio;
-
- char *addr;
- int nbio;
- /* If 0, it means normal, if 1, do a connect on bind failure,
- * and if there is no-one listening, bind with SO_REUSEADDR.
- * If 2, always use SO_REUSEADDR. */
- int bind_mode;
- BIO *bio_chain;
- } BIO_ACCEPT;
-
-static int acpt_write(BIO *h, const char *buf, int num);
-static int acpt_read(BIO *h, char *buf, int size);
-static int acpt_puts(BIO *h, const char *str);
-static long acpt_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int acpt_new(BIO *h);
-static int acpt_free(BIO *data);
-static int acpt_state(BIO *b, BIO_ACCEPT *c);
-static void acpt_close_socket(BIO *data);
-BIO_ACCEPT *BIO_ACCEPT_new(void );
-void BIO_ACCEPT_free(BIO_ACCEPT *a);
-
-#define ACPT_S_BEFORE 1
-#define ACPT_S_GET_ACCEPT_SOCKET 2
-#define ACPT_S_OK 3
-
-static BIO_METHOD methods_acceptp=
- {
- BIO_TYPE_ACCEPT,
- "socket accept",
- acpt_write,
- acpt_read,
- acpt_puts,
- NULL, /* connect_gets, */
- acpt_ctrl,
- acpt_new,
- acpt_free,
- NULL,
- };
-
-BIO_METHOD *BIO_s_accept(void)
- {
- return(&methods_acceptp);
- }
-
-static int acpt_new(BIO *bi)
- {
- BIO_ACCEPT *ba;
-
- bi->init=0;
- bi->num=INVALID_SOCKET;
- bi->flags=0;
- if ((ba=BIO_ACCEPT_new()) == NULL)
- return(0);
- bi->ptr=(char *)ba;
- ba->state=ACPT_S_BEFORE;
- bi->shutdown=1;
- return(1);
- }
-
-BIO_ACCEPT *BIO_ACCEPT_new(void)
- {
- BIO_ACCEPT *ret;
-
- if ((ret=(BIO_ACCEPT *)OPENSSL_malloc(sizeof(BIO_ACCEPT))) == NULL)
- return(NULL);
-
- memset(ret,0,sizeof(BIO_ACCEPT));
- ret->accept_sock=INVALID_SOCKET;
- ret->bind_mode=BIO_BIND_NORMAL;
- return(ret);
- }
-
-void BIO_ACCEPT_free(BIO_ACCEPT *a)
- {
- if(a == NULL)
- return;
-
- if (a->param_addr != NULL) OPENSSL_free(a->param_addr);
- if (a->addr != NULL) OPENSSL_free(a->addr);
- if (a->bio_chain != NULL) BIO_free(a->bio_chain);
- OPENSSL_free(a);
- }
-
-static void acpt_close_socket(BIO *bio)
- {
- BIO_ACCEPT *c;
-
- c=(BIO_ACCEPT *)bio->ptr;
- if (c->accept_sock != INVALID_SOCKET)
- {
- shutdown(c->accept_sock,2);
- closesocket(c->accept_sock);
- c->accept_sock=INVALID_SOCKET;
- bio->num=INVALID_SOCKET;
- }
- }
-
-static int acpt_free(BIO *a)
- {
- BIO_ACCEPT *data;
-
- if (a == NULL) return(0);
- data=(BIO_ACCEPT *)a->ptr;
-
- if (a->shutdown)
- {
- acpt_close_socket(a);
- BIO_ACCEPT_free(data);
- a->ptr=NULL;
- a->flags=0;
- a->init=0;
- }
- return(1);
- }
-
-static int acpt_state(BIO *b, BIO_ACCEPT *c)
- {
- BIO *bio=NULL,*dbio;
- int s= -1;
- int i;
-
-again:
- switch (c->state)
- {
- case ACPT_S_BEFORE:
- if (c->param_addr == NULL)
- {
- BIOerr(BIO_F_ACPT_STATE,BIO_R_NO_ACCEPT_PORT_SPECIFIED);
- return(-1);
- }
- s=BIO_get_accept_socket(c->param_addr,c->bind_mode);
- if (s == INVALID_SOCKET)
- return(-1);
-
- if (c->accept_nbio)
- {
- if (!BIO_socket_nbio(s,1))
- {
- closesocket(s);
- BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET);
- return(-1);
- }
- }
- c->accept_sock=s;
- b->num=s;
- c->state=ACPT_S_GET_ACCEPT_SOCKET;
- return(1);
- /* break; */
- case ACPT_S_GET_ACCEPT_SOCKET:
- if (b->next_bio != NULL)
- {
- c->state=ACPT_S_OK;
- goto again;
- }
- i=BIO_accept(c->accept_sock,&(c->addr));
- if (i < 0) return(i);
- bio=BIO_new_socket(i,BIO_CLOSE);
- if (bio == NULL) goto err;
-
- BIO_set_callback(bio,BIO_get_callback(b));
- BIO_set_callback_arg(bio,BIO_get_callback_arg(b));
-
- if (c->nbio)
- {
- if (!BIO_socket_nbio(i,1))
- {
- BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET);
- goto err;
- }
- }
-
- /* If the accept BIO has an bio_chain, we dup it and
- * put the new socket at the end. */
- if (c->bio_chain != NULL)
- {
- if ((dbio=BIO_dup_chain(c->bio_chain)) == NULL)
- goto err;
- if (!BIO_push(dbio,bio)) goto err;
- bio=dbio;
- }
- if (BIO_push(b,bio) == NULL) goto err;
-
- c->state=ACPT_S_OK;
- return(1);
-err:
- if (bio != NULL)
- BIO_free(bio);
- else if (s >= 0)
- closesocket(s);
- return(0);
- /* break; */
- case ACPT_S_OK:
- if (b->next_bio == NULL)
- {
- c->state=ACPT_S_GET_ACCEPT_SOCKET;
- goto again;
- }
- return(1);
- /* break; */
- default:
- return(0);
- /* break; */
- }
-
- }
-
-static int acpt_read(BIO *b, char *out, int outl)
- {
- int ret=0;
- BIO_ACCEPT *data;
-
- BIO_clear_retry_flags(b);
- data=(BIO_ACCEPT *)b->ptr;
-
- while (b->next_bio == NULL)
- {
- ret=acpt_state(b,data);
- if (ret <= 0) return(ret);
- }
-
- ret=BIO_read(b->next_bio,out,outl);
- BIO_copy_next_retry(b);
- return(ret);
- }
-
-static int acpt_write(BIO *b, const char *in, int inl)
- {
- int ret;
- BIO_ACCEPT *data;
-
- BIO_clear_retry_flags(b);
- data=(BIO_ACCEPT *)b->ptr;
-
- while (b->next_bio == NULL)
- {
- ret=acpt_state(b,data);
- if (ret <= 0) return(ret);
- }
-
- ret=BIO_write(b->next_bio,in,inl);
- BIO_copy_next_retry(b);
- return(ret);
- }
-
-static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- BIO *dbio;
- int *ip;
- long ret=1;
- BIO_ACCEPT *data;
- char **pp;
-
- data=(BIO_ACCEPT *)b->ptr;
-
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- ret=0;
- data->state=ACPT_S_BEFORE;
- acpt_close_socket(b);
- b->flags=0;
- break;
- case BIO_C_DO_STATE_MACHINE:
- /* use this one to start the connection */
- ret=(long)acpt_state(b,data);
- break;
- case BIO_C_SET_ACCEPT:
- if (ptr != NULL)
- {
- if (num == 0)
- {
- b->init=1;
- if (data->param_addr != NULL)
- OPENSSL_free(data->param_addr);
- data->param_addr=BUF_strdup(ptr);
- }
- else if (num == 1)
- {
- data->accept_nbio=(ptr != NULL);
- }
- else if (num == 2)
- {
- if (data->bio_chain != NULL)
- BIO_free(data->bio_chain);
- data->bio_chain=(BIO *)ptr;
- }
- }
- break;
- case BIO_C_SET_NBIO:
- data->nbio=(int)num;
- break;
- case BIO_C_SET_FD:
- b->init=1;
- b->num= *((int *)ptr);
- data->accept_sock=b->num;
- data->state=ACPT_S_GET_ACCEPT_SOCKET;
- b->shutdown=(int)num;
- b->init=1;
- break;
- case BIO_C_GET_FD:
- if (b->init)
- {
- ip=(int *)ptr;
- if (ip != NULL)
- *ip=data->accept_sock;
- ret=data->accept_sock;
- }
- else
- ret= -1;
- break;
- case BIO_C_GET_ACCEPT:
- if (b->init)
- {
- if (ptr != NULL)
- {
- pp=(char **)ptr;
- *pp=data->param_addr;
- }
- else
- ret= -1;
- }
- else
- ret= -1;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret=b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown=(int)num;
- break;
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- ret=0;
- break;
- case BIO_CTRL_FLUSH:
- break;
- case BIO_C_SET_BIND_MODE:
- data->bind_mode=(int)num;
- break;
- case BIO_C_GET_BIND_MODE:
- ret=(long)data->bind_mode;
- break;
- case BIO_CTRL_DUP:
- dbio=(BIO *)ptr;
-/* if (data->param_port) EAY EAY
- BIO_set_port(dbio,data->param_port);
- if (data->param_hostname)
- BIO_set_hostname(dbio,data->param_hostname);
- BIO_set_nbio(dbio,data->nbio); */
- break;
-
- default:
- ret=0;
- break;
- }
- return(ret);
- }
-
-static int acpt_puts(BIO *bp, const char *str)
- {
- int n,ret;
-
- n=strlen(str);
- ret=acpt_write(bp,str,n);
- return(ret);
- }
-
-BIO *BIO_new_accept(char *str)
- {
- BIO *ret;
-
- ret=BIO_new(BIO_s_accept());
- if (ret == NULL) return(NULL);
- if (BIO_set_accept_port(ret,str))
- return(ret);
- else
- {
- BIO_free(ret);
- return(NULL);
- }
- }
-
-#endif
diff --git a/src/lib/libcrypto/bio/bss_bio.c b/src/lib/libcrypto/bio/bss_bio.c
deleted file mode 100644
index 78c6ab4fdd..0000000000
--- a/src/lib/libcrypto/bio/bss_bio.c
+++ /dev/null
@@ -1,857 +0,0 @@
-/* crypto/bio/bss_bio.c -*- Mode: C; c-file-style: "eay" -*- */
-
-/* Special method for a BIO where the other endpoint is also a BIO
- * of this kind, handled by the same thread (i.e. the "peer" is actually
- * ourselves, wearing a different hat).
- * Such "BIO pairs" are mainly for using the SSL library with I/O interfaces
- * for which no specific BIO method is available.
- * See ssl/ssltest.c for some hints on how this can be used. */
-
-#ifndef BIO_PAIR_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <assert.h>
-#include <limits.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/err.h>
-#include <openssl/crypto.h>
-
-#include "openssl/e_os.h"
-#ifndef SSIZE_MAX
-# define SSIZE_MAX INT_MAX
-#endif
-
-static int bio_new(BIO *bio);
-static int bio_free(BIO *bio);
-static int bio_read(BIO *bio, char *buf, int size);
-static int bio_write(BIO *bio, const char *buf, int num);
-static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr);
-static int bio_puts(BIO *bio, const char *str);
-
-static int bio_make_pair(BIO *bio1, BIO *bio2);
-static void bio_destroy_pair(BIO *bio);
-
-static BIO_METHOD methods_biop =
-{
- BIO_TYPE_BIO,
- "BIO pair",
- bio_write,
- bio_read,
- bio_puts,
- NULL /* no bio_gets */,
- bio_ctrl,
- bio_new,
- bio_free,
- NULL /* no bio_callback_ctrl */
-};
-
-BIO_METHOD *BIO_s_bio(void)
- {
- return &methods_biop;
- }
-
-struct bio_bio_st
-{
- BIO *peer; /* NULL if buf == NULL.
- * If peer != NULL, then peer->ptr is also a bio_bio_st,
- * and its "peer" member points back to us.
- * peer != NULL iff init != 0 in the BIO. */
-
- /* This is for what we write (i.e. reading uses peer's struct): */
- int closed; /* valid iff peer != NULL */
- size_t len; /* valid iff buf != NULL; 0 if peer == NULL */
- size_t offset; /* valid iff buf != NULL; 0 if len == 0 */
- size_t size;
- char *buf; /* "size" elements (if != NULL) */
-
- size_t request; /* valid iff peer != NULL; 0 if len != 0,
- * otherwise set by peer to number of bytes
- * it (unsuccessfully) tried to read,
- * never more than buffer space (size-len) warrants. */
-};
-
-static int bio_new(BIO *bio)
- {
- struct bio_bio_st *b;
-
- b = OPENSSL_malloc(sizeof *b);
- if (b == NULL)
- return 0;
-
- b->peer = NULL;
- b->size = 17*1024; /* enough for one TLS record (just a default) */
- b->buf = NULL;
-
- bio->ptr = b;
- return 1;
- }
-
-
-static int bio_free(BIO *bio)
- {
- struct bio_bio_st *b;
-
- if (bio == NULL)
- return 0;
- b = bio->ptr;
-
- assert(b != NULL);
-
- if (b->peer)
- bio_destroy_pair(bio);
-
- if (b->buf != NULL)
- {
- OPENSSL_free(b->buf);
- }
-
- OPENSSL_free(b);
-
- return 1;
- }
-
-
-
-static int bio_read(BIO *bio, char *buf, int size_)
- {
- size_t size = size_;
- size_t rest;
- struct bio_bio_st *b, *peer_b;
-
- BIO_clear_retry_flags(bio);
-
- if (!bio->init)
- return 0;
-
- b = bio->ptr;
- assert(b != NULL);
- assert(b->peer != NULL);
- peer_b = b->peer->ptr;
- assert(peer_b != NULL);
- assert(peer_b->buf != NULL);
-
- peer_b->request = 0; /* will be set in "retry_read" situation */
-
- if (buf == NULL || size == 0)
- return 0;
-
- if (peer_b->len == 0)
- {
- if (peer_b->closed)
- return 0; /* writer has closed, and no data is left */
- else
- {
- BIO_set_retry_read(bio); /* buffer is empty */
- if (size <= peer_b->size)
- peer_b->request = size;
- else
- /* don't ask for more than the peer can
- * deliver in one write */
- peer_b->request = peer_b->size;
- return -1;
- }
- }
-
- /* we can read */
- if (peer_b->len < size)
- size = peer_b->len;
-
- /* now read "size" bytes */
-
- rest = size;
-
- assert(rest > 0);
- do /* one or two iterations */
- {
- size_t chunk;
-
- assert(rest <= peer_b->len);
- if (peer_b->offset + rest <= peer_b->size)
- chunk = rest;
- else
- /* wrap around ring buffer */
- chunk = peer_b->size - peer_b->offset;
- assert(peer_b->offset + chunk <= peer_b->size);
-
- memcpy(buf, peer_b->buf + peer_b->offset, chunk);
-
- peer_b->len -= chunk;
- if (peer_b->len)
- {
- peer_b->offset += chunk;
- assert(peer_b->offset <= peer_b->size);
- if (peer_b->offset == peer_b->size)
- peer_b->offset = 0;
- buf += chunk;
- }
- else
- {
- /* buffer now empty, no need to advance "buf" */
- assert(chunk == rest);
- peer_b->offset = 0;
- }
- rest -= chunk;
- }
- while (rest);
-
- return size;
- }
-
-/* non-copying interface: provide pointer to available data in buffer
- * bio_nread0: return number of available bytes
- * bio_nread: also advance index
- * (example usage: bio_nread0(), read from buffer, bio_nread()
- * or just bio_nread(), read from buffer)
- */
-/* WARNING: The non-copying interface is largely untested as of yet
- * and may contain bugs. */
-static ssize_t bio_nread0(BIO *bio, char **buf)
- {
- struct bio_bio_st *b, *peer_b;
- ssize_t num;
-
- BIO_clear_retry_flags(bio);
-
- if (!bio->init)
- return 0;
-
- b = bio->ptr;
- assert(b != NULL);
- assert(b->peer != NULL);
- peer_b = b->peer->ptr;
- assert(peer_b != NULL);
- assert(peer_b->buf != NULL);
-
- peer_b->request = 0;
-
- if (peer_b->len == 0)
- {
- char dummy;
-
- /* avoid code duplication -- nothing available for reading */
- return bio_read(bio, &dummy, 1); /* returns 0 or -1 */
- }
-
- num = peer_b->len;
- if (peer_b->size < peer_b->offset + num)
- /* no ring buffer wrap-around for non-copying interface */
- num = peer_b->size - peer_b->offset;
- assert(num > 0);
-
- if (buf != NULL)
- *buf = peer_b->buf + peer_b->offset;
- return num;
- }
-
-static ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
- {
- struct bio_bio_st *b, *peer_b;
- ssize_t num, available;
-
- if (num_ > SSIZE_MAX)
- num = SSIZE_MAX;
- else
- num = (ssize_t)num_;
-
- available = bio_nread0(bio, buf);
- if (num > available)
- num = available;
- if (num <= 0)
- return num;
-
- b = bio->ptr;
- peer_b = b->peer->ptr;
-
- peer_b->len -= num;
- if (peer_b->len)
- {
- peer_b->offset += num;
- assert(peer_b->offset <= peer_b->size);
- if (peer_b->offset == peer_b->size)
- peer_b->offset = 0;
- }
- else
- peer_b->offset = 0;
-
- return num;
- }
-
-
-static int bio_write(BIO *bio, const char *buf, int num_)
- {
- size_t num = num_;
- size_t rest;
- struct bio_bio_st *b;
-
- BIO_clear_retry_flags(bio);
-
- if (!bio->init || buf == NULL || num == 0)
- return 0;
-
- b = bio->ptr;
- assert(b != NULL);
- assert(b->peer != NULL);
- assert(b->buf != NULL);
-
- b->request = 0;
- if (b->closed)
- {
- /* we already closed */
- BIOerr(BIO_F_BIO_WRITE, BIO_R_BROKEN_PIPE);
- return -1;
- }
-
- assert(b->len <= b->size);
-
- if (b->len == b->size)
- {
- BIO_set_retry_write(bio); /* buffer is full */
- return -1;
- }
-
- /* we can write */
- if (num > b->size - b->len)
- num = b->size - b->len;
-
- /* now write "num" bytes */
-
- rest = num;
-
- assert(rest > 0);
- do /* one or two iterations */
- {
- size_t write_offset;
- size_t chunk;
-
- assert(b->len + rest <= b->size);
-
- write_offset = b->offset + b->len;
- if (write_offset >= b->size)
- write_offset -= b->size;
- /* b->buf[write_offset] is the first byte we can write to. */
-
- if (write_offset + rest <= b->size)
- chunk = rest;
- else
- /* wrap around ring buffer */
- chunk = b->size - write_offset;
-
- memcpy(b->buf + write_offset, buf, chunk);
-
- b->len += chunk;
-
- assert(b->len <= b->size);
-
- rest -= chunk;
- buf += chunk;
- }
- while (rest);
-
- return num;
- }
-
-/* non-copying interface: provide pointer to region to write to
- * bio_nwrite0: check how much space is available
- * bio_nwrite: also increase length
- * (example usage: bio_nwrite0(), write to buffer, bio_nwrite()
- * or just bio_nwrite(), write to buffer)
- */
-static ssize_t bio_nwrite0(BIO *bio, char **buf)
- {
- struct bio_bio_st *b;
- size_t num;
- size_t write_offset;
-
- BIO_clear_retry_flags(bio);
-
- if (!bio->init)
- return 0;
-
- b = bio->ptr;
- assert(b != NULL);
- assert(b->peer != NULL);
- assert(b->buf != NULL);
-
- b->request = 0;
- if (b->closed)
- {
- BIOerr(BIO_F_BIO_NWRITE0, BIO_R_BROKEN_PIPE);
- return -1;
- }
-
- assert(b->len <= b->size);
-
- if (b->len == b->size)
- {
- BIO_set_retry_write(bio);
- return -1;
- }
-
- num = b->size - b->len;
- write_offset = b->offset + b->len;
- if (write_offset >= b->size)
- write_offset -= b->size;
- if (write_offset + num > b->size)
- /* no ring buffer wrap-around for non-copying interface
- * (to fulfil the promise by BIO_ctrl_get_write_guarantee,
- * BIO_nwrite may have to be called twice) */
- num = b->size - write_offset;
-
- if (buf != NULL)
- *buf = b->buf + write_offset;
- assert(write_offset + num <= b->size);
-
- return num;
- }
-
-static ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
- {
- struct bio_bio_st *b;
- ssize_t num, space;
-
- if (num_ > SSIZE_MAX)
- num = SSIZE_MAX;
- else
- num = (ssize_t)num_;
-
- space = bio_nwrite0(bio, buf);
- if (num > space)
- num = space;
- if (num <= 0)
- return num;
- b = bio->ptr;
- assert(b != NULL);
- b->len += num;
- assert(b->len <= b->size);
-
- return num;
- }
-
-
-static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
- {
- long ret;
- struct bio_bio_st *b = bio->ptr;
-
- assert(b != NULL);
-
- switch (cmd)
- {
- /* specific CTRL codes */
-
- case BIO_C_SET_WRITE_BUF_SIZE:
- if (b->peer)
- {
- BIOerr(BIO_F_BIO_CTRL, BIO_R_IN_USE);
- ret = 0;
- }
- else if (num == 0)
- {
- BIOerr(BIO_F_BIO_CTRL, BIO_R_INVALID_ARGUMENT);
- ret = 0;
- }
- else
- {
- size_t new_size = num;
-
- if (b->size != new_size)
- {
- if (b->buf)
- {
- OPENSSL_free(b->buf);
- b->buf = NULL;
- }
- b->size = new_size;
- }
- ret = 1;
- }
- break;
-
- case BIO_C_GET_WRITE_BUF_SIZE:
- num = (long) b->size;
-
- case BIO_C_MAKE_BIO_PAIR:
- {
- BIO *other_bio = ptr;
-
- if (bio_make_pair(bio, other_bio))
- ret = 1;
- else
- ret = 0;
- }
- break;
-
- case BIO_C_DESTROY_BIO_PAIR:
- /* Effects both BIOs in the pair -- call just once!
- * Or let BIO_free(bio1); BIO_free(bio2); do the job. */
- bio_destroy_pair(bio);
- ret = 1;
- break;
-
- case BIO_C_GET_WRITE_GUARANTEE:
- /* How many bytes can the caller feed to the next write
- * without having to keep any? */
- if (b->peer == NULL || b->closed)
- ret = 0;
- else
- ret = (long) b->size - b->len;
- break;
-
- case BIO_C_GET_READ_REQUEST:
- /* If the peer unsuccessfully tried to read, how many bytes
- * were requested? (As with BIO_CTRL_PENDING, that number
- * can usually be treated as boolean.) */
- ret = (long) b->request;
- break;
-
- case BIO_C_RESET_READ_REQUEST:
- /* Reset request. (Can be useful after read attempts
- * at the other side that are meant to be non-blocking,
- * e.g. when probing SSL_read to see if any data is
- * available.) */
- b->request = 0;
- ret = 1;
- break;
-
- case BIO_C_SHUTDOWN_WR:
- /* similar to shutdown(..., SHUT_WR) */
- b->closed = 1;
- ret = 1;
- break;
-
- case BIO_C_NREAD0:
- /* prepare for non-copying read */
- ret = (long) bio_nread0(bio, ptr);
- break;
-
- case BIO_C_NREAD:
- /* non-copying read */
- ret = (long) bio_nread(bio, ptr, (size_t) num);
- break;
-
- case BIO_C_NWRITE0:
- /* prepare for non-copying write */
- ret = (long) bio_nwrite0(bio, ptr);
- break;
-
- case BIO_C_NWRITE:
- /* non-copying write */
- ret = (long) bio_nwrite(bio, ptr, (size_t) num);
- break;
-
-
- /* standard CTRL codes follow */
-
- case BIO_CTRL_RESET:
- if (b->buf != NULL)
- {
- b->len = 0;
- b->offset = 0;
- }
- ret = 0;
- break;
-
- case BIO_CTRL_GET_CLOSE:
- ret = bio->shutdown;
- break;
-
- case BIO_CTRL_SET_CLOSE:
- bio->shutdown = (int) num;
- ret = 1;
- break;
-
- case BIO_CTRL_PENDING:
- if (b->peer != NULL)
- {
- struct bio_bio_st *peer_b = b->peer->ptr;
-
- ret = (long) peer_b->len;
- }
- else
- ret = 0;
- break;
-
- case BIO_CTRL_WPENDING:
- if (b->buf != NULL)
- ret = (long) b->len;
- else
- ret = 0;
- break;
-
- case BIO_CTRL_DUP:
- /* See BIO_dup_chain for circumstances we have to expect. */
- {
- BIO *other_bio = ptr;
- struct bio_bio_st *other_b;
-
- assert(other_bio != NULL);
- other_b = other_bio->ptr;
- assert(other_b != NULL);
-
- assert(other_b->buf == NULL); /* other_bio is always fresh */
-
- other_b->size = b->size;
- }
-
- ret = 1;
- break;
-
- case BIO_CTRL_FLUSH:
- ret = 1;
- break;
-
- case BIO_CTRL_EOF:
- {
- BIO *other_bio = ptr;
-
- if (other_bio)
- {
- struct bio_bio_st *other_b = other_bio->ptr;
-
- assert(other_b != NULL);
- ret = other_b->len == 0 && other_b->closed;
- }
- else
- ret = 1;
- }
- break;
-
- default:
- ret = 0;
- }
- return ret;
- }
-
-static int bio_puts(BIO *bio, const char *str)
- {
- return bio_write(bio, str, strlen(str));
- }
-
-
-static int bio_make_pair(BIO *bio1, BIO *bio2)
- {
- struct bio_bio_st *b1, *b2;
-
- assert(bio1 != NULL);
- assert(bio2 != NULL);
-
- b1 = bio1->ptr;
- b2 = bio2->ptr;
-
- if (b1->peer != NULL || b2->peer != NULL)
- {
- BIOerr(BIO_F_BIO_MAKE_PAIR, BIO_R_IN_USE);
- return 0;
- }
-
- if (b1->buf == NULL)
- {
- b1->buf = OPENSSL_malloc(b1->size);
- if (b1->buf == NULL)
- {
- BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- b1->len = 0;
- b1->offset = 0;
- }
-
- if (b2->buf == NULL)
- {
- b2->buf = OPENSSL_malloc(b2->size);
- if (b2->buf == NULL)
- {
- BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- b2->len = 0;
- b2->offset = 0;
- }
-
- b1->peer = bio2;
- b1->closed = 0;
- b1->request = 0;
- b2->peer = bio1;
- b2->closed = 0;
- b2->request = 0;
-
- bio1->init = 1;
- bio2->init = 1;
-
- return 1;
- }
-
-static void bio_destroy_pair(BIO *bio)
- {
- struct bio_bio_st *b = bio->ptr;
-
- if (b != NULL)
- {
- BIO *peer_bio = b->peer;
-
- if (peer_bio != NULL)
- {
- struct bio_bio_st *peer_b = peer_bio->ptr;
-
- assert(peer_b != NULL);
- assert(peer_b->peer == bio);
-
- peer_b->peer = NULL;
- peer_bio->init = 0;
- assert(peer_b->buf != NULL);
- peer_b->len = 0;
- peer_b->offset = 0;
-
- b->peer = NULL;
- bio->init = 0;
- assert(b->buf != NULL);
- b->len = 0;
- b->offset = 0;
- }
- }
- }
-
-
-/* Exported convenience functions */
-int BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1,
- BIO **bio2_p, size_t writebuf2)
- {
- BIO *bio1 = NULL, *bio2 = NULL;
- long r;
- int ret = 0;
-
- bio1 = BIO_new(BIO_s_bio());
- if (bio1 == NULL)
- goto err;
- bio2 = BIO_new(BIO_s_bio());
- if (bio2 == NULL)
- goto err;
-
- if (writebuf1)
- {
- r = BIO_set_write_buf_size(bio1, writebuf1);
- if (!r)
- goto err;
- }
- if (writebuf2)
- {
- r = BIO_set_write_buf_size(bio2, writebuf2);
- if (!r)
- goto err;
- }
-
- r = BIO_make_bio_pair(bio1, bio2);
- if (!r)
- goto err;
- ret = 1;
-
- err:
- if (ret == 0)
- {
- if (bio1)
- {
- BIO_free(bio1);
- bio1 = NULL;
- }
- if (bio2)
- {
- BIO_free(bio2);
- bio2 = NULL;
- }
- }
-
- *bio1_p = bio1;
- *bio2_p = bio2;
- return ret;
- }
-
-size_t BIO_ctrl_get_write_guarantee(BIO *bio)
- {
- return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL);
- }
-
-size_t BIO_ctrl_get_read_request(BIO *bio)
- {
- return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL);
- }
-
-int BIO_ctrl_reset_read_request(BIO *bio)
- {
- return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);
- }
-
-
-/* BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now
- * (conceivably some other BIOs could allow non-copying reads and writes too.)
- */
-int BIO_nread0(BIO *bio, char **buf)
- {
- long ret;
-
- if (!bio->init)
- {
- BIOerr(BIO_F_BIO_NREAD0, BIO_R_UNINITIALIZED);
- return -2;
- }
-
- ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf);
- if (ret > INT_MAX)
- return INT_MAX;
- else
- return (int) ret;
- }
-
-int BIO_nread(BIO *bio, char **buf, int num)
- {
- int ret;
-
- if (!bio->init)
- {
- BIOerr(BIO_F_BIO_NREAD, BIO_R_UNINITIALIZED);
- return -2;
- }
-
- ret = (int) BIO_ctrl(bio, BIO_C_NREAD, num, buf);
- if (ret > 0)
- bio->num_read += ret;
- return ret;
- }
-
-int BIO_nwrite0(BIO *bio, char **buf)
- {
- long ret;
-
- if (!bio->init)
- {
- BIOerr(BIO_F_BIO_NWRITE0, BIO_R_UNINITIALIZED);
- return -2;
- }
-
- ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf);
- if (ret > INT_MAX)
- return INT_MAX;
- else
- return (int) ret;
- }
-
-int BIO_nwrite(BIO *bio, char **buf, int num)
- {
- int ret;
-
- if (!bio->init)
- {
- BIOerr(BIO_F_BIO_NWRITE, BIO_R_UNINITIALIZED);
- return -2;
- }
-
- ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf);
- if (ret > 0)
- bio->num_read += ret;
- return ret;
- }
diff --git a/src/lib/libcrypto/bio/bss_conn.c b/src/lib/libcrypto/bio/bss_conn.c
deleted file mode 100644
index a6b77a2cb9..0000000000
--- a/src/lib/libcrypto/bio/bss_conn.c
+++ /dev/null
@@ -1,651 +0,0 @@
-/* crypto/bio/bss_conn.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_SOCK
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#ifdef WIN16
-#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
-#else
-#define SOCKET_PROTOCOL IPPROTO_TCP
-#endif
-
-#if (defined(VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-#undef FIONBIO
-#endif
-
-
-typedef struct bio_connect_st
- {
- int state;
-
- char *param_hostname;
- char *param_port;
- int nbio;
-
- unsigned char ip[4];
- unsigned short port;
-
- struct sockaddr_in them;
-
- /* int socket; this will be kept in bio->num so that it is
- * compatible with the bss_sock bio */
-
- /* called when the connection is initially made
- * callback(BIO,state,ret); The callback should return
- * 'ret'. state is for compatibility with the ssl info_callback */
- int (*info_callback)();
- } BIO_CONNECT;
-
-static int conn_write(BIO *h, const char *buf, int num);
-static int conn_read(BIO *h, char *buf, int size);
-static int conn_puts(BIO *h, const char *str);
-static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int conn_new(BIO *h);
-static int conn_free(BIO *data);
-static long conn_callback_ctrl(BIO *h, int cmd, bio_info_cb *);
-
-static int conn_state(BIO *b, BIO_CONNECT *c);
-static void conn_close_socket(BIO *data);
-BIO_CONNECT *BIO_CONNECT_new(void );
-void BIO_CONNECT_free(BIO_CONNECT *a);
-
-static BIO_METHOD methods_connectp=
- {
- BIO_TYPE_CONNECT,
- "socket connect",
- conn_write,
- conn_read,
- conn_puts,
- NULL, /* connect_gets, */
- conn_ctrl,
- conn_new,
- conn_free,
- conn_callback_ctrl,
- };
-
-static int conn_state(BIO *b, BIO_CONNECT *c)
- {
- int ret= -1,i;
- unsigned long l;
- char *p,*q;
- int (*cb)()=NULL;
-
- if (c->info_callback != NULL)
- cb=c->info_callback;
-
- for (;;)
- {
- switch (c->state)
- {
- case BIO_CONN_S_BEFORE:
- p=c->param_hostname;
- if (p == NULL)
- {
- BIOerr(BIO_F_CONN_STATE,BIO_R_NO_HOSTNAME_SPECIFIED);
- goto exit_loop;
- }
- for ( ; *p != '\0'; p++)
- {
- if ((*p == ':') || (*p == '/')) break;
- }
-
- i= *p;
- if ((i == ':') || (i == '/'))
- {
-
- *(p++)='\0';
- if (i == ':')
- {
- for (q=p; *q; q++)
- if (*q == '/')
- {
- *q='\0';
- break;
- }
- if (c->param_port != NULL)
- OPENSSL_free(c->param_port);
- c->param_port=BUF_strdup(p);
- }
- }
-
- if (c->param_port == NULL)
- {
- BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED);
- ERR_add_error_data(2,"host=",c->param_hostname);
- goto exit_loop;
- }
- c->state=BIO_CONN_S_GET_IP;
- break;
-
- case BIO_CONN_S_GET_IP:
- if (BIO_get_host_ip(c->param_hostname,&(c->ip[0])) <= 0)
- goto exit_loop;
- c->state=BIO_CONN_S_GET_PORT;
- break;
-
- case BIO_CONN_S_GET_PORT:
- if (c->param_port == NULL)
- {
- /* abort(); */
- goto exit_loop;
- }
- else if (BIO_get_port(c->param_port,&c->port) <= 0)
- goto exit_loop;
- c->state=BIO_CONN_S_CREATE_SOCKET;
- break;
-
- case BIO_CONN_S_CREATE_SOCKET:
- /* now setup address */
- memset((char *)&c->them,0,sizeof(c->them));
- c->them.sin_family=AF_INET;
- c->them.sin_port=htons((unsigned short)c->port);
- l=(unsigned long)
- ((unsigned long)c->ip[0]<<24L)|
- ((unsigned long)c->ip[1]<<16L)|
- ((unsigned long)c->ip[2]<< 8L)|
- ((unsigned long)c->ip[3]);
- c->them.sin_addr.s_addr=htonl(l);
- c->state=BIO_CONN_S_CREATE_SOCKET;
-
- ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
- if (ret == INVALID_SOCKET)
- {
- SYSerr(SYS_F_SOCKET,get_last_socket_error());
- ERR_add_error_data(4,"host=",c->param_hostname,
- ":",c->param_port);
- BIOerr(BIO_F_CONN_STATE,BIO_R_UNABLE_TO_CREATE_SOCKET);
- goto exit_loop;
- }
- b->num=ret;
- c->state=BIO_CONN_S_NBIO;
- break;
-
- case BIO_CONN_S_NBIO:
- if (c->nbio)
- {
- if (!BIO_socket_nbio(b->num,1))
- {
- BIOerr(BIO_F_CONN_STATE,BIO_R_ERROR_SETTING_NBIO);
- ERR_add_error_data(4,"host=",
- c->param_hostname,
- ":",c->param_port);
- goto exit_loop;
- }
- }
- c->state=BIO_CONN_S_CONNECT;
-
-#if defined(SO_KEEPALIVE) && !defined(MPE)
- i=1;
- i=setsockopt(b->num,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
- if (i < 0)
- {
- SYSerr(SYS_F_SOCKET,get_last_socket_error());
- ERR_add_error_data(4,"host=",c->param_hostname,
- ":",c->param_port);
- BIOerr(BIO_F_CONN_STATE,BIO_R_KEEPALIVE);
- goto exit_loop;
- }
-#endif
- break;
-
- case BIO_CONN_S_CONNECT:
- BIO_clear_retry_flags(b);
- ret=connect(b->num,
- (struct sockaddr *)&c->them,
- sizeof(c->them));
- b->retry_reason=0;
- if (ret < 0)
- {
- if (BIO_sock_should_retry(ret))
- {
- BIO_set_retry_special(b);
- c->state=BIO_CONN_S_BLOCKED_CONNECT;
- b->retry_reason=BIO_RR_CONNECT;
- }
- else
- {
- SYSerr(SYS_F_CONNECT,get_last_socket_error());
- ERR_add_error_data(4,"host=",
- c->param_hostname,
- ":",c->param_port);
- BIOerr(BIO_F_CONN_STATE,BIO_R_CONNECT_ERROR);
- }
- goto exit_loop;
- }
- else
- c->state=BIO_CONN_S_OK;
- break;
-
- case BIO_CONN_S_BLOCKED_CONNECT:
- i=BIO_sock_error(b->num);
- if (i)
- {
- BIO_clear_retry_flags(b);
- SYSerr(SYS_F_CONNECT,i);
- ERR_add_error_data(4,"host=",
- c->param_hostname,
- ":",c->param_port);
- BIOerr(BIO_F_CONN_STATE,BIO_R_NBIO_CONNECT_ERROR);
- ret=0;
- goto exit_loop;
- }
- else
- c->state=BIO_CONN_S_OK;
- break;
-
- case BIO_CONN_S_OK:
- ret=1;
- goto exit_loop;
- default:
- /* abort(); */
- goto exit_loop;
- }
-
- if (cb != NULL)
- {
- if (!(ret=cb((BIO *)b,c->state,ret)))
- goto end;
- }
- }
-
- /* Loop does not exit */
-exit_loop:
- if (cb != NULL)
- ret=cb((BIO *)b,c->state,ret);
-end:
- return(ret);
- }
-
-BIO_CONNECT *BIO_CONNECT_new(void)
- {
- BIO_CONNECT *ret;
-
- if ((ret=(BIO_CONNECT *)OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL)
- return(NULL);
- ret->state=BIO_CONN_S_BEFORE;
- ret->param_hostname=NULL;
- ret->param_port=NULL;
- ret->info_callback=NULL;
- ret->nbio=0;
- ret->ip[0]=0;
- ret->ip[1]=0;
- ret->ip[2]=0;
- ret->ip[3]=0;
- ret->port=0;
- memset((char *)&ret->them,0,sizeof(ret->them));
- return(ret);
- }
-
-void BIO_CONNECT_free(BIO_CONNECT *a)
- {
- if(a == NULL)
- return;
-
- if (a->param_hostname != NULL)
- OPENSSL_free(a->param_hostname);
- if (a->param_port != NULL)
- OPENSSL_free(a->param_port);
- OPENSSL_free(a);
- }
-
-BIO_METHOD *BIO_s_connect(void)
- {
- return(&methods_connectp);
- }
-
-static int conn_new(BIO *bi)
- {
- bi->init=0;
- bi->num=INVALID_SOCKET;
- bi->flags=0;
- if ((bi->ptr=(char *)BIO_CONNECT_new()) == NULL)
- return(0);
- else
- return(1);
- }
-
-static void conn_close_socket(BIO *bio)
- {
- BIO_CONNECT *c;
-
- c=(BIO_CONNECT *)bio->ptr;
- if (bio->num != INVALID_SOCKET)
- {
- /* Only do a shutdown if things were established */
- if (c->state == BIO_CONN_S_OK)
- shutdown(bio->num,2);
- closesocket(bio->num);
- bio->num=INVALID_SOCKET;
- }
- }
-
-static int conn_free(BIO *a)
- {
- BIO_CONNECT *data;
-
- if (a == NULL) return(0);
- data=(BIO_CONNECT *)a->ptr;
-
- if (a->shutdown)
- {
- conn_close_socket(a);
- BIO_CONNECT_free(data);
- a->ptr=NULL;
- a->flags=0;
- a->init=0;
- }
- return(1);
- }
-
-static int conn_read(BIO *b, char *out, int outl)
- {
- int ret=0;
- BIO_CONNECT *data;
-
- data=(BIO_CONNECT *)b->ptr;
- if (data->state != BIO_CONN_S_OK)
- {
- ret=conn_state(b,data);
- if (ret <= 0)
- return(ret);
- }
-
- if (out != NULL)
- {
- clear_socket_error();
- ret=readsocket(b->num,out,outl);
- BIO_clear_retry_flags(b);
- if (ret <= 0)
- {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_read(b);
- }
- }
- return(ret);
- }
-
-static int conn_write(BIO *b, const char *in, int inl)
- {
- int ret;
- BIO_CONNECT *data;
-
- data=(BIO_CONNECT *)b->ptr;
- if (data->state != BIO_CONN_S_OK)
- {
- ret=conn_state(b,data);
- if (ret <= 0) return(ret);
- }
-
- clear_socket_error();
- ret=writesocket(b->num,in,inl);
- BIO_clear_retry_flags(b);
- if (ret <= 0)
- {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_write(b);
- }
- return(ret);
- }
-
-static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- BIO *dbio;
- int *ip;
- const char **pptr;
- long ret=1;
- BIO_CONNECT *data;
-
- data=(BIO_CONNECT *)b->ptr;
-
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- ret=0;
- data->state=BIO_CONN_S_BEFORE;
- conn_close_socket(b);
- b->flags=0;
- break;
- case BIO_C_DO_STATE_MACHINE:
- /* use this one to start the connection */
- if (!data->state != BIO_CONN_S_OK)
- ret=(long)conn_state(b,data);
- else
- ret=1;
- break;
- case BIO_C_GET_CONNECT:
- if (ptr != NULL)
- {
- pptr=(const char **)ptr;
- if (num == 0)
- {
- *pptr=data->param_hostname;
-
- }
- else if (num == 1)
- {
- *pptr=data->param_port;
- }
- else if (num == 2)
- {
- *pptr= (char *)&(data->ip[0]);
- }
- else if (num == 3)
- {
- *((int *)ptr)=data->port;
- }
- if ((!b->init) || (ptr == NULL))
- *pptr="not initialized";
- ret=1;
- }
- break;
- case BIO_C_SET_CONNECT:
- if (ptr != NULL)
- {
- b->init=1;
- if (num == 0)
- {
- if (data->param_hostname != NULL)
- OPENSSL_free(data->param_hostname);
- data->param_hostname=BUF_strdup(ptr);
- }
- else if (num == 1)
- {
- if (data->param_port != NULL)
- OPENSSL_free(data->param_port);
- data->param_port=BUF_strdup(ptr);
- }
- else if (num == 2)
- {
- char buf[16];
- char *p = ptr;
-
- sprintf(buf,"%d.%d.%d.%d",
- p[0],p[1],p[2],p[3]);
- if (data->param_hostname != NULL)
- OPENSSL_free(data->param_hostname);
- data->param_hostname=BUF_strdup(buf);
- memcpy(&(data->ip[0]),ptr,4);
- }
- else if (num == 3)
- {
- char buf[16];
-
- sprintf(buf,"%d",*(int *)ptr);
- if (data->param_port != NULL)
- OPENSSL_free(data->param_port);
- data->param_port=BUF_strdup(buf);
- data->port= *(int *)ptr;
- }
- }
- break;
- case BIO_C_SET_NBIO:
- data->nbio=(int)num;
- break;
- case BIO_C_GET_FD:
- if (b->init)
- {
- ip=(int *)ptr;
- if (ip != NULL)
- *ip=b->num;
- ret=b->num;
- }
- else
- ret= -1;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret=b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown=(int)num;
- break;
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- ret=0;
- break;
- case BIO_CTRL_FLUSH:
- break;
- case BIO_CTRL_DUP:
- {
- dbio=(BIO *)ptr;
- if (data->param_port)
- BIO_set_conn_port(dbio,data->param_port);
- if (data->param_hostname)
- BIO_set_conn_hostname(dbio,data->param_hostname);
- BIO_set_nbio(dbio,data->nbio);
- (void)BIO_set_info_callback(dbio,data->info_callback);
- }
- break;
- case BIO_CTRL_SET_CALLBACK:
- {
-#if 0 /* FIXME: Should this be used? -- Richard Levitte */
- BIOerr(BIO_F_CONN_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- ret = -1;
-#else
- ret=0;
-#endif
- }
- break;
- case BIO_CTRL_GET_CALLBACK:
- {
- int (**fptr)();
-
- fptr=(int (**)())ptr;
- *fptr=data->info_callback;
- }
- break;
- default:
- ret=0;
- break;
- }
- return(ret);
- }
-
-static long conn_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
- {
- long ret=1;
- BIO_CONNECT *data;
-
- data=(BIO_CONNECT *)b->ptr;
-
- switch (cmd)
- {
- case BIO_CTRL_SET_CALLBACK:
- {
- data->info_callback=(int (*)())fp;
- }
- break;
- default:
- ret=0;
- break;
- }
- return(ret);
- }
-
-static int conn_puts(BIO *bp, const char *str)
- {
- int n,ret;
-
- n=strlen(str);
- ret=conn_write(bp,str,n);
- return(ret);
- }
-
-BIO *BIO_new_connect(char *str)
- {
- BIO *ret;
-
- ret=BIO_new(BIO_s_connect());
- if (ret == NULL) return(NULL);
- if (BIO_set_conn_hostname(ret,str))
- return(ret);
- else
- {
- BIO_free(ret);
- return(NULL);
- }
- }
-
-#endif
-
diff --git a/src/lib/libcrypto/bio/bss_fd.c b/src/lib/libcrypto/bio/bss_fd.c
deleted file mode 100644
index 686c4909a2..0000000000
--- a/src/lib/libcrypto/bio/bss_fd.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/* crypto/bio/bss_fd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define BIO_FD
-#include "bss_sock.c"
-#undef BIO_FD
-
diff --git a/src/lib/libcrypto/bio/bss_file.c b/src/lib/libcrypto/bio/bss_file.c
deleted file mode 100644
index 1f770b390f..0000000000
--- a/src/lib/libcrypto/bio/bss_file.c
+++ /dev/null
@@ -1,310 +0,0 @@
-/* crypto/bio/bss_file.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * 03-Dec-1997 rdenny@dc3.com Fix bug preventing use of stdin/stdout
- * with binary data (e.g. asn1parse -inform DER < xxx) under
- * Windows
- */
-
-#ifndef HEADER_BSS_FILE_C
-#define HEADER_BSS_FILE_C
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-
-#if !defined(NO_STDIO)
-
-static int MS_CALLBACK file_write(BIO *h, const char *buf, int num);
-static int MS_CALLBACK file_read(BIO *h, char *buf, int size);
-static int MS_CALLBACK file_puts(BIO *h, const char *str);
-static int MS_CALLBACK file_gets(BIO *h, char *str, int size);
-static long MS_CALLBACK file_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int MS_CALLBACK file_new(BIO *h);
-static int MS_CALLBACK file_free(BIO *data);
-static BIO_METHOD methods_filep=
- {
- BIO_TYPE_FILE,
- "FILE pointer",
- file_write,
- file_read,
- file_puts,
- file_gets,
- file_ctrl,
- file_new,
- file_free,
- NULL,
- };
-
-BIO *BIO_new_file(const char *filename, const char *mode)
- {
- BIO *ret;
- FILE *file;
-
- if ((file=fopen(filename,mode)) == NULL)
- {
- SYSerr(SYS_F_FOPEN,get_last_sys_error());
- ERR_add_error_data(5,"fopen('",filename,"','",mode,"')");
- BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
- return(NULL);
- }
- if ((ret=BIO_new(BIO_s_file_internal())) == NULL)
- return(NULL);
-
- BIO_set_fp(ret,file,BIO_CLOSE);
- return(ret);
- }
-
-BIO *BIO_new_fp(FILE *stream, int close_flag)
- {
- BIO *ret;
-
- if ((ret=BIO_new(BIO_s_file())) == NULL)
- return(NULL);
-
- BIO_set_fp(ret,stream,close_flag);
- return(ret);
- }
-
-BIO_METHOD *BIO_s_file(void)
- {
- return(&methods_filep);
- }
-
-static int MS_CALLBACK file_new(BIO *bi)
- {
- bi->init=0;
- bi->num=0;
- bi->ptr=NULL;
- return(1);
- }
-
-static int MS_CALLBACK file_free(BIO *a)
- {
- if (a == NULL) return(0);
- if (a->shutdown)
- {
- if ((a->init) && (a->ptr != NULL))
- {
- fclose((FILE *)a->ptr);
- a->ptr=NULL;
- }
- a->init=0;
- }
- return(1);
- }
-
-static int MS_CALLBACK file_read(BIO *b, char *out, int outl)
- {
- int ret=0;
-
- if (b->init && (out != NULL))
- {
- ret=fread(out,1,(int)outl,(FILE *)b->ptr);
- }
- return(ret);
- }
-
-static int MS_CALLBACK file_write(BIO *b, const char *in, int inl)
- {
- int ret=0;
-
- if (b->init && (in != NULL))
- {
- if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
- ret=inl;
- /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
- /* according to Tim Hudson <tjh@cryptsoft.com>, the commented
- * out version above can cause 'inl' write calls under
- * some stupid stdio implementations (VMS) */
- }
- return(ret);
- }
-
-static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- long ret=1;
- FILE *fp=(FILE *)b->ptr;
- FILE **fpp;
- char p[4];
-
- switch (cmd)
- {
- case BIO_C_FILE_SEEK:
- case BIO_CTRL_RESET:
- ret=(long)fseek(fp,num,0);
- break;
- case BIO_CTRL_EOF:
- ret=(long)feof(fp);
- break;
- case BIO_C_FILE_TELL:
- case BIO_CTRL_INFO:
- ret=ftell(fp);
- break;
- case BIO_C_SET_FILE_PTR:
- file_free(b);
- b->shutdown=(int)num&BIO_CLOSE;
- b->ptr=(char *)ptr;
- b->init=1;
-#if defined(MSDOS) || defined(WINDOWS)
- /* Set correct text/binary mode */
- if (num & BIO_FP_TEXT)
- _setmode(fileno((FILE *)ptr),_O_TEXT);
- else
- _setmode(fileno((FILE *)ptr),_O_BINARY);
-#endif
- break;
- case BIO_C_SET_FILENAME:
- file_free(b);
- b->shutdown=(int)num&BIO_CLOSE;
- if (num & BIO_FP_APPEND)
- {
- if (num & BIO_FP_READ)
- strcpy(p,"a+");
- else strcpy(p,"a");
- }
- else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
- strcpy(p,"r+");
- else if (num & BIO_FP_WRITE)
- strcpy(p,"w");
- else if (num & BIO_FP_READ)
- strcpy(p,"r");
- else
- {
- BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
- ret=0;
- break;
- }
-#if defined(MSDOS) || defined(WINDOWS)
- if (!(num & BIO_FP_TEXT))
- strcat(p,"b");
- else
- strcat(p,"t");
-#endif
- fp=fopen(ptr,p);
- if (fp == NULL)
- {
- SYSerr(SYS_F_FOPEN,get_last_sys_error());
- ERR_add_error_data(5,"fopen('",ptr,"','",p,"')");
- BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB);
- ret=0;
- break;
- }
- b->ptr=(char *)fp;
- b->init=1;
- break;
- case BIO_C_GET_FILE_PTR:
- /* the ptr parameter is actually a FILE ** in this case. */
- if (ptr != NULL)
- {
- fpp=(FILE **)ptr;
- *fpp=(FILE *)b->ptr;
- }
- break;
- case BIO_CTRL_GET_CLOSE:
- ret=(long)b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown=(int)num;
- break;
- case BIO_CTRL_FLUSH:
- fflush((FILE *)b->ptr);
- break;
- case BIO_CTRL_DUP:
- ret=1;
- break;
-
- case BIO_CTRL_WPENDING:
- case BIO_CTRL_PENDING:
- case BIO_CTRL_PUSH:
- case BIO_CTRL_POP:
- default:
- ret=0;
- break;
- }
- return(ret);
- }
-
-static int MS_CALLBACK file_gets(BIO *bp, char *buf, int size)
- {
- int ret=0;
-
- buf[0]='\0';
- fgets(buf,size,(FILE *)bp->ptr);
- if (buf[0] != '\0')
- ret=strlen(buf);
- return(ret);
- }
-
-static int MS_CALLBACK file_puts(BIO *bp, const char *str)
- {
- int n,ret;
-
- n=strlen(str);
- ret=file_write(bp,str,n);
- return(ret);
- }
-
-#endif /* NO_STDIO */
-
-#endif /* HEADER_BSS_FILE_C */
-
-
diff --git a/src/lib/libcrypto/bio/bss_log.c b/src/lib/libcrypto/bio/bss_log.c
deleted file mode 100644
index 1edf16a76f..0000000000
--- a/src/lib/libcrypto/bio/bss_log.c
+++ /dev/null
@@ -1,394 +0,0 @@
-/* crypto/bio/bss_log.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- Why BIO_s_log?
-
- BIO_s_log is useful for system daemons (or services under NT).
- It is one-way BIO, it sends all stuff to syslogd (on system that
- commonly use that), or event log (on NT), or OPCOM (on OpenVMS).
-
-*/
-
-
-#include <stdio.h>
-#include <errno.h>
-
-#if defined(WIN32)
-# include <process.h>
-#elif defined(VMS) || defined(__VMS)
-# include <opcdef.h>
-# include <descrip.h>
-# include <lib$routines.h>
-# include <starlet.h>
-#elif defined(__ultrix)
-# include <sys/syslog.h>
-#elif !defined(MSDOS) /* Unix */
-# include <syslog.h>
-#endif
-
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-#ifndef NO_SYSLOG
-
-#if defined(WIN32)
-#define LOG_EMERG 0
-#define LOG_ALERT 1
-#define LOG_CRIT 2
-#define LOG_ERR 3
-#define LOG_WARNING 4
-#define LOG_NOTICE 5
-#define LOG_INFO 6
-#define LOG_DEBUG 7
-
-#define LOG_DAEMON (3<<3)
-#elif defined(VMS)
-/* On VMS, we don't really care about these, but we need them to compile */
-#define LOG_EMERG 0
-#define LOG_ALERT 1
-#define LOG_CRIT 2
-#define LOG_ERR 3
-#define LOG_WARNING 4
-#define LOG_NOTICE 5
-#define LOG_INFO 6
-#define LOG_DEBUG 7
-
-#define LOG_DAEMON OPC$M_NM_NTWORK
-#endif
-
-static int MS_CALLBACK slg_write(BIO *h, const char *buf, int num);
-static int MS_CALLBACK slg_puts(BIO *h, const char *str);
-static long MS_CALLBACK slg_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int MS_CALLBACK slg_new(BIO *h);
-static int MS_CALLBACK slg_free(BIO *data);
-static void xopenlog(BIO* bp, char* name, int level);
-static void xsyslog(BIO* bp, int priority, const char* string);
-static void xcloselog(BIO* bp);
-#ifdef WIN32
-LONG (WINAPI *go_for_advapi)() = RegOpenKeyEx;
-HANDLE (WINAPI *register_event_source)() = NULL;
-BOOL (WINAPI *deregister_event_source)() = NULL;
-BOOL (WINAPI *report_event)() = NULL;
-#define DL_PROC(m,f) (GetProcAddress( m, f ))
-#ifdef UNICODE
-#define DL_PROC_X(m,f) DL_PROC( m, f "W" )
-#else
-#define DL_PROC_X(m,f) DL_PROC( m, f "A" )
-#endif
-#endif
-
-static BIO_METHOD methods_slg=
- {
- BIO_TYPE_MEM,"syslog",
- slg_write,
- NULL,
- slg_puts,
- NULL,
- slg_ctrl,
- slg_new,
- slg_free,
- NULL,
- };
-
-BIO_METHOD *BIO_s_log(void)
- {
- return(&methods_slg);
- }
-
-static int MS_CALLBACK slg_new(BIO *bi)
- {
- bi->init=1;
- bi->num=0;
- bi->ptr=NULL;
- xopenlog(bi, "application", LOG_DAEMON);
- return(1);
- }
-
-static int MS_CALLBACK slg_free(BIO *a)
- {
- if (a == NULL) return(0);
- xcloselog(a);
- return(1);
- }
-
-static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl)
- {
- int ret= inl;
- char* buf;
- char* pp;
- int priority, i;
- static struct
- {
- int strl;
- char str[10];
- int log_level;
- }
- mapping[] =
- {
- { 6, "PANIC ", LOG_EMERG },
- { 6, "EMERG ", LOG_EMERG },
- { 4, "EMR ", LOG_EMERG },
- { 6, "ALERT ", LOG_ALERT },
- { 4, "ALR ", LOG_ALERT },
- { 5, "CRIT ", LOG_CRIT },
- { 4, "CRI ", LOG_CRIT },
- { 6, "ERROR ", LOG_ERR },
- { 4, "ERR ", LOG_ERR },
- { 8, "WARNING ", LOG_WARNING },
- { 5, "WARN ", LOG_WARNING },
- { 4, "WAR ", LOG_WARNING },
- { 7, "NOTICE ", LOG_NOTICE },
- { 5, "NOTE ", LOG_NOTICE },
- { 4, "NOT ", LOG_NOTICE },
- { 5, "INFO ", LOG_INFO },
- { 4, "INF ", LOG_INFO },
- { 6, "DEBUG ", LOG_DEBUG },
- { 4, "DBG ", LOG_DEBUG },
- { 0, "", LOG_ERR } /* The default */
- };
-
- if((buf= (char *)OPENSSL_malloc(inl+ 1)) == NULL){
- return(0);
- }
- strncpy(buf, in, inl);
- buf[inl]= '\0';
-
- i = 0;
- while(strncmp(buf, mapping[i].str, mapping[i].strl) != 0) i++;
- priority = mapping[i].log_level;
- pp = buf + mapping[i].strl;
-
- xsyslog(b, priority, pp);
-
- OPENSSL_free(buf);
- return(ret);
- }
-
-static long MS_CALLBACK slg_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- switch (cmd)
- {
- case BIO_CTRL_SET:
- xcloselog(b);
- xopenlog(b, ptr, num);
- break;
- default:
- break;
- }
- return(0);
- }
-
-static int MS_CALLBACK slg_puts(BIO *bp, const char *str)
- {
- int n,ret;
-
- n=strlen(str);
- ret=slg_write(bp,str,n);
- return(ret);
- }
-
-#if defined(WIN32)
-
-static void xopenlog(BIO* bp, char* name, int level)
-{
- if ( !register_event_source )
- {
- HANDLE advapi;
- if ( !(advapi = GetModuleHandle("advapi32")) )
- return;
- register_event_source = (HANDLE (WINAPI *)())DL_PROC_X(advapi,
- "RegisterEventSource" );
- deregister_event_source = (BOOL (WINAPI *)())DL_PROC(advapi,
- "DeregisterEventSource");
- report_event = (BOOL (WINAPI *)())DL_PROC_X(advapi,
- "ReportEvent" );
- if ( !(register_event_source && deregister_event_source &&
- report_event) )
- {
- register_event_source = NULL;
- deregister_event_source = NULL;
- report_event = NULL;
- return;
- }
- }
- bp->ptr= (char *)register_event_source(NULL, name);
-}
-
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
- LPCSTR lpszStrings[2];
- WORD evtype= EVENTLOG_ERROR_TYPE;
- int pid = _getpid();
- char pidbuf[20];
-
- switch (priority)
- {
- case LOG_EMERG:
- case LOG_ALERT:
- case LOG_CRIT:
- case LOG_ERR:
- evtype = EVENTLOG_ERROR_TYPE;
- break;
- case LOG_WARNING:
- evtype = EVENTLOG_WARNING_TYPE;
- break;
- case LOG_NOTICE:
- case LOG_INFO:
- case LOG_DEBUG:
- evtype = EVENTLOG_INFORMATION_TYPE;
- break;
- default: /* Should never happen, but set it
- as error anyway. */
- evtype = EVENTLOG_ERROR_TYPE;
- break;
- }
-
- sprintf(pidbuf, "[%d] ", pid);
- lpszStrings[0] = pidbuf;
- lpszStrings[1] = string;
-
- if(report_event && bp->ptr)
- report_event(bp->ptr, evtype, 0, 1024, NULL, 2, 0,
- lpszStrings, NULL);
-}
-
-static void xcloselog(BIO* bp)
-{
- if(deregister_event_source && bp->ptr)
- deregister_event_source((HANDLE)(bp->ptr));
- bp->ptr= NULL;
-}
-
-#elif defined(VMS)
-
-static int VMS_OPC_target = LOG_DAEMON;
-
-static void xopenlog(BIO* bp, char* name, int level)
-{
- VMS_OPC_target = level;
-}
-
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
- struct dsc$descriptor_s opc_dsc;
- struct opcdef *opcdef_p;
- char buf[10240];
- unsigned int len;
- struct dsc$descriptor_s buf_dsc;
- $DESCRIPTOR(fao_cmd, "!AZ: !AZ");
- char *priority_tag;
-
- switch (priority)
- {
- case LOG_EMERG: priority_tag = "Emergency"; break;
- case LOG_ALERT: priority_tag = "Alert"; break;
- case LOG_CRIT: priority_tag = "Critical"; break;
- case LOG_ERR: priority_tag = "Error"; break;
- case LOG_WARNING: priority_tag = "Warning"; break;
- case LOG_NOTICE: priority_tag = "Notice"; break;
- case LOG_INFO: priority_tag = "Info"; break;
- case LOG_DEBUG: priority_tag = "DEBUG"; break;
- }
-
- buf_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
- buf_dsc.dsc$b_class = DSC$K_CLASS_S;
- buf_dsc.dsc$a_pointer = buf;
- buf_dsc.dsc$w_length = sizeof(buf) - 1;
-
- lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string);
-
- /* we know there's an 8 byte header. That's documented */
- opcdef_p = (struct opcdef *) OPENSSL_malloc(8 + len);
- opcdef_p->opc$b_ms_type = OPC$_RQ_RQST;
- memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3);
- opcdef_p->opc$l_ms_rqstid = 0;
- memcpy(&opcdef_p->opc$l_ms_text, buf, len);
-
- opc_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
- opc_dsc.dsc$b_class = DSC$K_CLASS_S;
- opc_dsc.dsc$a_pointer = (char *)opcdef_p;
- opc_dsc.dsc$w_length = len + 8;
-
- sys$sndopr(opc_dsc, 0);
-
- OPENSSL_free(opcdef_p);
-}
-
-static void xcloselog(BIO* bp)
-{
-}
-
-#else /* Unix */
-
-static void xopenlog(BIO* bp, char* name, int level)
-{
- openlog(name, LOG_PID|LOG_CONS, level);
-}
-
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
- syslog(priority, "%s", string);
-}
-
-static void xcloselog(BIO* bp)
-{
- closelog();
-}
-
-#endif /* Unix */
-
-#endif /* NO_SYSLOG */
diff --git a/src/lib/libcrypto/bio/bss_mem.c b/src/lib/libcrypto/bio/bss_mem.c
deleted file mode 100644
index 28ff7582bf..0000000000
--- a/src/lib/libcrypto/bio/bss_mem.c
+++ /dev/null
@@ -1,317 +0,0 @@
-/* crypto/bio/bss_mem.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-static int mem_write(BIO *h, const char *buf, int num);
-static int mem_read(BIO *h, char *buf, int size);
-static int mem_puts(BIO *h, const char *str);
-static int mem_gets(BIO *h, char *str, int size);
-static long mem_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int mem_new(BIO *h);
-static int mem_free(BIO *data);
-static BIO_METHOD mem_method=
- {
- BIO_TYPE_MEM,
- "memory buffer",
- mem_write,
- mem_read,
- mem_puts,
- mem_gets,
- mem_ctrl,
- mem_new,
- mem_free,
- NULL,
- };
-
-/* bio->num is used to hold the value to return on 'empty', if it is
- * 0, should_retry is not set */
-
-BIO_METHOD *BIO_s_mem(void)
- {
- return(&mem_method);
- }
-
-BIO *BIO_new_mem_buf(void *buf, int len)
-{
- BIO *ret;
- BUF_MEM *b;
- if (!buf) {
- BIOerr(BIO_F_BIO_NEW_MEM_BUF,BIO_R_NULL_PARAMETER);
- return NULL;
- }
- if(len == -1) len = strlen(buf);
- if(!(ret = BIO_new(BIO_s_mem())) ) return NULL;
- b = (BUF_MEM *)ret->ptr;
- b->data = buf;
- b->length = len;
- b->max = len;
- ret->flags |= BIO_FLAGS_MEM_RDONLY;
- /* Since this is static data retrying wont help */
- ret->num = 0;
- return ret;
-}
-
-static int mem_new(BIO *bi)
- {
- BUF_MEM *b;
-
- if ((b=BUF_MEM_new()) == NULL)
- return(0);
- bi->shutdown=1;
- bi->init=1;
- bi->num= -1;
- bi->ptr=(char *)b;
- return(1);
- }
-
-static int mem_free(BIO *a)
- {
- if (a == NULL) return(0);
- if (a->shutdown)
- {
- if ((a->init) && (a->ptr != NULL))
- {
- BUF_MEM *b;
- b = (BUF_MEM *)a->ptr;
- if(a->flags & BIO_FLAGS_MEM_RDONLY) b->data = NULL;
- BUF_MEM_free(b);
- a->ptr=NULL;
- }
- }
- return(1);
- }
-
-static int mem_read(BIO *b, char *out, int outl)
- {
- int ret= -1;
- BUF_MEM *bm;
- int i;
- char *from,*to;
-
- bm=(BUF_MEM *)b->ptr;
- BIO_clear_retry_flags(b);
- ret=(outl > bm->length)?bm->length:outl;
- if ((out != NULL) && (ret > 0)) {
- memcpy(out,bm->data,ret);
- bm->length-=ret;
- /* memmove(&(bm->data[0]),&(bm->data[ret]), bm->length); */
- if(b->flags & BIO_FLAGS_MEM_RDONLY) bm->data += ret;
- else {
- from=(char *)&(bm->data[ret]);
- to=(char *)&(bm->data[0]);
- for (i=0; i<bm->length; i++)
- to[i]=from[i];
- }
- } else if (bm->length == 0)
- {
- ret = b->num;
- if (ret != 0)
- BIO_set_retry_read(b);
- }
- return(ret);
- }
-
-static int mem_write(BIO *b, const char *in, int inl)
- {
- int ret= -1;
- int blen;
- BUF_MEM *bm;
-
- bm=(BUF_MEM *)b->ptr;
- if (in == NULL)
- {
- BIOerr(BIO_F_MEM_WRITE,BIO_R_NULL_PARAMETER);
- goto end;
- }
-
- if(b->flags & BIO_FLAGS_MEM_RDONLY) {
- BIOerr(BIO_F_MEM_WRITE,BIO_R_WRITE_TO_READ_ONLY_BIO);
- goto end;
- }
-
- BIO_clear_retry_flags(b);
- blen=bm->length;
- if (BUF_MEM_grow(bm,blen+inl) != (blen+inl))
- goto end;
- memcpy(&(bm->data[blen]),in,inl);
- ret=inl;
-end:
- return(ret);
- }
-
-static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- long ret=1;
- char **pptr;
-
- BUF_MEM *bm=(BUF_MEM *)b->ptr;
-
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- if (bm->data != NULL)
- {
- /* For read only case reset to the start again */
- if(b->flags & BIO_FLAGS_MEM_RDONLY)
- {
- bm->data -= bm->max - bm->length;
- bm->length = bm->max;
- }
- else
- {
- memset(bm->data,0,bm->max);
- bm->length=0;
- }
- }
- break;
- case BIO_CTRL_EOF:
- ret=(long)(bm->length == 0);
- break;
- case BIO_C_SET_BUF_MEM_EOF_RETURN:
- b->num=(int)num;
- break;
- case BIO_CTRL_INFO:
- ret=(long)bm->length;
- if (ptr != NULL)
- {
- pptr=(char **)ptr;
- *pptr=(char *)&(bm->data[0]);
- }
- break;
- case BIO_C_SET_BUF_MEM:
- mem_free(b);
- b->shutdown=(int)num;
- b->ptr=ptr;
- break;
- case BIO_C_GET_BUF_MEM_PTR:
- if (ptr != NULL)
- {
- pptr=(char **)ptr;
- *pptr=(char *)bm;
- }
- break;
- case BIO_CTRL_GET_CLOSE:
- ret=(long)b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown=(int)num;
- break;
-
- case BIO_CTRL_WPENDING:
- ret=0L;
- break;
- case BIO_CTRL_PENDING:
- ret=(long)bm->length;
- break;
- case BIO_CTRL_DUP:
- case BIO_CTRL_FLUSH:
- ret=1;
- break;
- case BIO_CTRL_PUSH:
- case BIO_CTRL_POP:
- default:
- ret=0;
- break;
- }
- return(ret);
- }
-
-static int mem_gets(BIO *bp, char *buf, int size)
- {
- int i,j;
- int ret= -1;
- char *p;
- BUF_MEM *bm=(BUF_MEM *)bp->ptr;
-
- BIO_clear_retry_flags(bp);
- j=bm->length;
- if (j <= 0) return(0);
- p=bm->data;
- for (i=0; i<j; i++)
- {
- if (p[i] == '\n') break;
- }
- if (i == j)
- {
- BIO_set_retry_read(bp);
- /* return(-1); change the semantics 0.6.6a */
- }
- else
- i++;
- /* i is the max to copy */
- if ((size-1) < i) i=size-1;
- i=mem_read(bp,buf,i);
- if (i > 0) buf[i]='\0';
- ret=i;
- return(ret);
- }
-
-static int mem_puts(BIO *bp, const char *str)
- {
- int n,ret;
-
- n=strlen(str);
- ret=mem_write(bp,str,n);
- /* memory semantics is that it will always work */
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/bio/bss_null.c b/src/lib/libcrypto/bio/bss_null.c
deleted file mode 100644
index 46b73339df..0000000000
--- a/src/lib/libcrypto/bio/bss_null.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* crypto/bio/bss_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-static int null_write(BIO *h, const char *buf, int num);
-static int null_read(BIO *h, char *buf, int size);
-static int null_puts(BIO *h, const char *str);
-static int null_gets(BIO *h, char *str, int size);
-static long null_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int null_new(BIO *h);
-static int null_free(BIO *data);
-static BIO_METHOD null_method=
- {
- BIO_TYPE_NULL,
- "NULL",
- null_write,
- null_read,
- null_puts,
- null_gets,
- null_ctrl,
- null_new,
- null_free,
- NULL,
- };
-
-BIO_METHOD *BIO_s_null(void)
- {
- return(&null_method);
- }
-
-static int null_new(BIO *bi)
- {
- bi->init=1;
- bi->num=0;
- bi->ptr=(NULL);
- return(1);
- }
-
-static int null_free(BIO *a)
- {
- if (a == NULL) return(0);
- return(1);
- }
-
-static int null_read(BIO *b, char *out, int outl)
- {
- return(0);
- }
-
-static int null_write(BIO *b, const char *in, int inl)
- {
- return(inl);
- }
-
-static long null_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- long ret=1;
-
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- case BIO_CTRL_EOF:
- case BIO_CTRL_SET:
- case BIO_CTRL_SET_CLOSE:
- case BIO_CTRL_FLUSH:
- case BIO_CTRL_DUP:
- ret=1;
- break;
- case BIO_CTRL_GET_CLOSE:
- case BIO_CTRL_INFO:
- case BIO_CTRL_GET:
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- default:
- ret=0;
- break;
- }
- return(ret);
- }
-
-static int null_gets(BIO *bp, char *buf, int size)
- {
- return(0);
- }
-
-static int null_puts(BIO *bp, const char *str)
- {
- if (str == NULL) return(0);
- return(strlen(str));
- }
-
diff --git a/src/lib/libcrypto/bio/bss_sock.c b/src/lib/libcrypto/bio/bss_sock.c
deleted file mode 100644
index 50c6744c06..0000000000
--- a/src/lib/libcrypto/bio/bss_sock.c
+++ /dev/null
@@ -1,424 +0,0 @@
-/* crypto/bio/bss_sock.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#if !defined(NO_SOCK) || defined(BIO_FD)
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#ifndef BIO_FD
-static int sock_write(BIO *h, const char *buf, int num);
-static int sock_read(BIO *h, char *buf, int size);
-static int sock_puts(BIO *h, const char *str);
-static long sock_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int sock_new(BIO *h);
-static int sock_free(BIO *data);
-int BIO_sock_should_retry(int s);
-#else
-
-static int fd_write(BIO *h, const char *buf, int num);
-static int fd_read(BIO *h, char *buf, int size);
-static int fd_puts(BIO *h, const char *str);
-static long fd_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int fd_new(BIO *h);
-static int fd_free(BIO *data);
-int BIO_fd_should_retry(int s);
-#endif
-
-#ifndef BIO_FD
-static BIO_METHOD methods_sockp=
- {
- BIO_TYPE_SOCKET,
- "socket",
- sock_write,
- sock_read,
- sock_puts,
- NULL, /* sock_gets, */
- sock_ctrl,
- sock_new,
- sock_free,
- NULL,
- };
-
-BIO_METHOD *BIO_s_socket(void)
- {
- return(&methods_sockp);
- }
-#else
-static BIO_METHOD methods_fdp=
- {
- BIO_TYPE_FD,"file descriptor",
- fd_write,
- fd_read,
- fd_puts,
- NULL, /* fd_gets, */
- fd_ctrl,
- fd_new,
- fd_free,
- NULL,
- };
-
-BIO_METHOD *BIO_s_fd(void)
- {
- return(&methods_fdp);
- }
-#endif
-
-#ifndef BIO_FD
-BIO *BIO_new_socket(int fd, int close_flag)
-#else
-BIO *BIO_new_fd(int fd,int close_flag)
-#endif
- {
- BIO *ret;
-
-#ifndef BIO_FD
- ret=BIO_new(BIO_s_socket());
-#else
- ret=BIO_new(BIO_s_fd());
-#endif
- if (ret == NULL) return(NULL);
- BIO_set_fd(ret,fd,close_flag);
- return(ret);
- }
-
-#ifndef BIO_FD
-static int sock_new(BIO *bi)
-#else
-static int fd_new(BIO *bi)
-#endif
- {
- bi->init=0;
- bi->num=0;
- bi->ptr=NULL;
- bi->flags=0;
- return(1);
- }
-
-#ifndef BIO_FD
-static int sock_free(BIO *a)
-#else
-static int fd_free(BIO *a)
-#endif
- {
- if (a == NULL) return(0);
- if (a->shutdown)
- {
- if (a->init)
- {
-#ifndef BIO_FD
- SHUTDOWN2(a->num);
-#else /* BIO_FD */
- close(a->num);
-#endif
-
- }
- a->init=0;
- a->flags=0;
- }
- return(1);
- }
-
-#ifndef BIO_FD
-static int sock_read(BIO *b, char *out, int outl)
-#else
-static int fd_read(BIO *b, char *out,int outl)
-#endif
- {
- int ret=0;
-
- if (out != NULL)
- {
-#ifndef BIO_FD
- clear_socket_error();
- ret=readsocket(b->num,out,outl);
-#else
- clear_sys_error();
- ret=read(b->num,out,outl);
-#endif
- BIO_clear_retry_flags(b);
- if (ret <= 0)
- {
-#ifndef BIO_FD
- if (BIO_sock_should_retry(ret))
-#else
- if (BIO_fd_should_retry(ret))
-#endif
- BIO_set_retry_read(b);
- }
- }
- return(ret);
- }
-
-#ifndef BIO_FD
-static int sock_write(BIO *b, const char *in, int inl)
-#else
-static int fd_write(BIO *b, const char *in, int inl)
-#endif
- {
- int ret;
-
-#ifndef BIO_FD
- clear_socket_error();
- ret=writesocket(b->num,in,inl);
-#else
- clear_sys_error();
- ret=write(b->num,in,inl);
-#endif
- BIO_clear_retry_flags(b);
- if (ret <= 0)
- {
-#ifndef BIO_FD
- if (BIO_sock_should_retry(ret))
-#else
- if (BIO_fd_should_retry(ret))
-#endif
- BIO_set_retry_write(b);
- }
- return(ret);
- }
-
-#ifndef BIO_FD
-static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
-#else
-static long fd_ctrl(BIO *b, int cmd, long num, void *ptr)
-#endif
- {
- long ret=1;
- int *ip;
-
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- num=0;
- case BIO_C_FILE_SEEK:
-#ifdef BIO_FD
- ret=(long)lseek(b->num,num,0);
-#else
- ret=0;
-#endif
- break;
- case BIO_C_FILE_TELL:
- case BIO_CTRL_INFO:
-#ifdef BIO_FD
- ret=(long)lseek(b->num,0,1);
-#else
- ret=0;
-#endif
- break;
- case BIO_C_SET_FD:
-#ifndef BIO_FD
- sock_free(b);
-#else
- fd_free(b);
-#endif
- b->num= *((int *)ptr);
- b->shutdown=(int)num;
- b->init=1;
- break;
- case BIO_C_GET_FD:
- if (b->init)
- {
- ip=(int *)ptr;
- if (ip != NULL) *ip=b->num;
- ret=b->num;
- }
- else
- ret= -1;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret=b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown=(int)num;
- break;
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- ret=0;
- break;
- case BIO_CTRL_DUP:
- case BIO_CTRL_FLUSH:
- ret=1;
- break;
- default:
- ret=0;
- break;
- }
- return(ret);
- }
-
-#ifdef undef
-static int sock_gets(BIO *bp, char *buf,int size)
- {
- return(-1);
- }
-#endif
-
-#ifndef BIO_FD
-static int sock_puts(BIO *bp, const char *str)
-#else
-static int fd_puts(BIO *bp, const char *str)
-#endif
- {
- int n,ret;
-
- n=strlen(str);
-#ifndef BIO_FD
- ret=sock_write(bp,str,n);
-#else
- ret=fd_write(bp,str,n);
-#endif
- return(ret);
- }
-
-#ifndef BIO_FD
-int BIO_sock_should_retry(int i)
-#else
-int BIO_fd_should_retry(int i)
-#endif
- {
- int err;
-
- if ((i == 0) || (i == -1))
- {
-#ifndef BIO_FD
- err=get_last_socket_error();
-#else
- err=get_last_sys_error();
-#endif
-
-#if defined(WINDOWS) && 0 /* more microsoft stupidity? perhaps not? Ben 4/1/99 */
- if ((i == -1) && (err == 0))
- return(1);
-#endif
-
-#ifndef BIO_FD
- return(BIO_sock_non_fatal_error(err));
-#else
- return(BIO_fd_non_fatal_error(err));
-#endif
- }
- return(0);
- }
-
-#ifndef BIO_FD
-int BIO_sock_non_fatal_error(int err)
-#else
-int BIO_fd_non_fatal_error(int err)
-#endif
- {
- switch (err)
- {
-#if !defined(BIO_FD) && defined(WINDOWS)
-# if defined(WSAEWOULDBLOCK)
- case WSAEWOULDBLOCK:
-# endif
-
-# if 0 /* This appears to always be an error */
-# if defined(WSAENOTCONN)
- case WSAENOTCONN:
-# endif
-# endif
-#endif
-
-#ifdef EWOULDBLOCK
-# ifdef WSAEWOULDBLOCK
-# if WSAEWOULDBLOCK != EWOULDBLOCK
- case EWOULDBLOCK:
-# endif
-# else
- case EWOULDBLOCK:
-# endif
-#endif
-
-#if defined(ENOTCONN)
- case ENOTCONN:
-#endif
-
-#ifdef EINTR
- case EINTR:
-#endif
-
-#ifdef EAGAIN
-#if EWOULDBLOCK != EAGAIN
- case EAGAIN:
-# endif
-#endif
-
-#ifdef EPROTO
- case EPROTO:
-#endif
-
-#ifdef EINPROGRESS
- case EINPROGRESS:
-#endif
-
-#ifdef EALREADY
- case EALREADY:
-#endif
- return(1);
- /* break; */
- default:
- break;
- }
- return(0);
- }
-#endif
diff --git a/src/lib/libcrypto/bn/asm/bn-586.pl b/src/lib/libcrypto/bn/asm/bn-586.pl
deleted file mode 100644
index 5191bed273..0000000000
--- a/src/lib/libcrypto/bn/asm/bn-586.pl
+++ /dev/null
@@ -1,384 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_add_words("bn_mul_add_words");
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_div_words("bn_div_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-
-&asm_finish();
-
-sub bn_mul_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ebp";
- $r="edi";
- $c="esi";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
-
- &mov("ecx",&wparam(2)); #
- &mov($a,&wparam(1)); #
-
- &and("ecx",0xfffffff8); # num / 8
- &mov($w,&wparam(3)); #
-
- &push("ecx"); # Up the stack for a tmp variable
-
- &jz(&label("maw_finish"));
-
- &set_label("maw_loop",0);
-
- &mov(&swtmp(0),"ecx"); #
-
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+= *r
- &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c); # L(t)+=c
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &mov("ecx",&swtmp(0)); #
- &add($a,32);
- &add($r,32);
- &sub("ecx",8);
- &jnz(&label("maw_loop"));
-
- &set_label("maw_finish",0);
- &mov("ecx",&wparam(2)); # get num
- &and("ecx",7);
- &jnz(&label("maw_finish2")); # helps branch prediction
- &jmp(&label("maw_end"));
-
- &set_label("maw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c);
- &adc("edx",0); # H(t)+=carry
- &dec("ecx") if ($i != 7-1);
- &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &jz(&label("maw_end")) if ($i != 7-1);
- }
- &set_label("maw_end",0);
- &mov("eax",$c);
-
- &pop("ecx"); # clear variable from
-
- &function_end($name);
- }
-
-sub bn_mul_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ecx";
- $r="edi";
- $c="esi";
- $num="ebp";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
- &mov($w,&wparam(3)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("mw_finish"));
-
- &set_label("mw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
-
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
-
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &add($a,32);
- &add($r,32);
- &sub($num,8);
- &jz(&label("mw_finish"));
- &jmp(&label("mw_loop"));
-
- &set_label("mw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jnz(&label("mw_finish2"));
- &jmp(&label("mw_end"));
-
- &set_label("mw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &dec($num) if ($i != 7-1);
- &jz(&label("mw_end")) if ($i != 7-1);
- }
- &set_label("mw_end",0);
- &mov("eax",$c);
-
- &function_end($name);
- }
-
-sub bn_sqr_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $r="esi";
- $a="edi";
- $num="ebx";
-
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("sw_finish"));
-
- &set_label("sw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
- &mov("eax",&DWP($i,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*2,$r,"",0),"eax"); #
- &mov(&DWP($i*2+4,$r,"",0),"edx");#
- }
-
- &comment("");
- &add($a,32);
- &add($r,64);
- &sub($num,8);
- &jnz(&label("sw_loop"));
-
- &set_label("sw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jz(&label("sw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*8,$r,"",0),"eax"); #
- &dec($num) if ($i != 7-1);
- &mov(&DWP($i*8+4,$r,"",0),"edx");
- &jz(&label("sw_end")) if ($i != 7-1);
- }
- &set_label("sw_end",0);
-
- &function_end($name);
- }
-
-sub bn_div_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
- &mov("edx",&wparam(0)); #
- &mov("eax",&wparam(1)); #
- &mov("ebx",&wparam(2)); #
- &div("ebx");
- &function_end($name);
- }
-
-sub bn_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-sub bn_sub_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
diff --git a/src/lib/libcrypto/bn/asm/co-586.pl b/src/lib/libcrypto/bn/asm/co-586.pl
deleted file mode 100644
index 5d962cb957..0000000000
--- a/src/lib/libcrypto/bn/asm/co-586.pl
+++ /dev/null
@@ -1,286 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-
-sub mul_add_c
- {
- local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("mul a[$ai]*b[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- &mul("edx");
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a
- &mov("eax",&wparam(0)) if $pos > 0; # load r[]
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a
- }
-
-sub sqr_add_c
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- }
-
-sub sqr_add_c2
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$a,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add("eax","eax");
- ###
- &adc("edx","edx");
- ###
- &adc($c2,0);
- &add($c0,"eax");
- &adc($c1,"edx");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- &adc($c2,0);
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
- ###
- }
-
-sub bn_mul_comba
- {
- local($name,$num)=@_;
- local($a,$b,$c0,$c1,$c2);
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($tot,$end);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $b="edi";
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- &push("esi");
- &mov($a,&wparam(1));
- &push("edi");
- &mov($b,&wparam(2));
- &push("ebp");
- &push("ebx");
-
- &xor($c0,$c0);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
- &xor($c1,$c1);
- &mov("edx",&DWP(0,$b,"",0)); # load the first second
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("################## Calculate word $i");
-
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($j+1) == $end)
- {
- $v=1;
- $v=2 if (($i+1) == $tot);
- }
- else
- { $v=0; }
- if (($j+1) != $end)
- {
- $na=($ai-1);
- $nb=($bi+1);
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
-#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
- &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
- if ($v)
- {
- &comment("saved r[$i]");
- # &mov("eax",&wparam(0));
- # &mov(&DWP($i*4,"eax","",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &comment("save r[$i]");
- # &mov("eax",&wparam(0));
- &mov(&DWP($i*4,"eax","",0),$c0);
-
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
-sub bn_sqr_comba
- {
- local($name,$num)=@_;
- local($r,$a,$c0,$c1,$c2)=@_;
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($b,$tot,$end,$half);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $r="edi";
-
- &push("esi");
- &push("edi");
- &push("ebp");
- &push("ebx");
- &mov($r,&wparam(0));
- &mov($a,&wparam(1));
- &xor($c0,$c0);
- &xor($c1,$c1);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("############### Calculate word $i");
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($ai-1) < ($bi+1))
- {
- $v=1;
- $v=2 if ($i+1) == $tot;
- }
- else
- { $v=0; }
- if (!$v)
- {
- $na=$ai-1;
- $nb=$bi+1;
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
- if ($ai == $bi)
- {
- &sqr_add_c($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- else
- {
- &sqr_add_c2($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- if ($v)
- {
- &comment("saved r[$i]");
- #&mov(&DWP($i*4,$r,"",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- last;
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &mov(&DWP($i*4,$r,"",0),$c0);
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
diff --git a/src/lib/libcrypto/bn/asm/pa-risc2.s b/src/lib/libcrypto/bn/asm/pa-risc2.s
deleted file mode 100644
index af9730d062..0000000000
--- a/src/lib/libcrypto/bn/asm/pa-risc2.s
+++ /dev/null
@@ -1,1618 +0,0 @@
-;
-; PA-RISC 2.0 implementation of bn_asm code, based on the
-; 64-bit version of the code. This code is effectively the
-; same as the 64-bit version except the register model is
-; slightly different given all values must be 32-bit between
-; function calls. Thus the 64-bit return values are returned
-; in %ret0 and %ret1 vs just %ret0 as is done in 64-bit
-;
-;
-; This code is approximately 2x faster than the C version
-; for RSA/DSA.
-;
-; See http://devresource.hp.com/ for more details on the PA-RISC
-; architecture. Also see the book "PA-RISC 2.0 Architecture"
-; by Gerry Kane for information on the instruction set architecture.
-;
-; Code written by Chris Ruemmler (with some help from the HP C
-; compiler).
-;
-; The code compiles with HP's assembler
-;
-
- .level 2.0N
- .space $TEXT$
- .subspa $CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY
-
-;
-; Global Register definitions used for the routines.
-;
-; Some information about HP's runtime architecture for 32-bits.
-;
-; "Caller save" means the calling function must save the register
-; if it wants the register to be preserved.
-; "Callee save" means if a function uses the register, it must save
-; the value before using it.
-;
-; For the floating point registers
-;
-; "caller save" registers: fr4-fr11, fr22-fr31
-; "callee save" registers: fr12-fr21
-; "special" registers: fr0-fr3 (status and exception registers)
-;
-; For the integer registers
-; value zero : r0
-; "caller save" registers: r1,r19-r26
-; "callee save" registers: r3-r18
-; return register : r2 (rp)
-; return values ; r28,r29 (ret0,ret1)
-; Stack pointer ; r30 (sp)
-; millicode return ptr ; r31 (also a caller save register)
-
-
-;
-; Arguments to the routines
-;
-r_ptr .reg %r26
-a_ptr .reg %r25
-b_ptr .reg %r24
-num .reg %r24
-n .reg %r23
-
-;
-; Note that the "w" argument for bn_mul_add_words and bn_mul_words
-; is passed on the stack at a delta of -56 from the top of stack
-; as the routine is entered.
-;
-
-;
-; Globals used in some routines
-;
-
-top_overflow .reg %r23
-high_mask .reg %r22 ; value 0xffffffff80000000L
-
-
-;------------------------------------------------------------------------------
-;
-; bn_mul_add_words
-;
-;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr,
-; int num, BN_ULONG w)
-;
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg3 = num
-; -56(sp) = w
-;
-; Local register definitions
-;
-
-fm1 .reg %fr22
-fm .reg %fr23
-ht_temp .reg %fr24
-ht_temp_1 .reg %fr25
-lt_temp .reg %fr26
-lt_temp_1 .reg %fr27
-fm1_1 .reg %fr28
-fm_1 .reg %fr29
-
-fw_h .reg %fr7L
-fw_l .reg %fr7R
-fw .reg %fr7
-
-fht_0 .reg %fr8L
-flt_0 .reg %fr8R
-t_float_0 .reg %fr8
-
-fht_1 .reg %fr9L
-flt_1 .reg %fr9R
-t_float_1 .reg %fr9
-
-tmp_0 .reg %r31
-tmp_1 .reg %r21
-m_0 .reg %r20
-m_1 .reg %r19
-ht_0 .reg %r1
-ht_1 .reg %r3
-lt_0 .reg %r4
-lt_1 .reg %r5
-m1_0 .reg %r6
-m1_1 .reg %r7
-rp_val .reg %r8
-rp_val_1 .reg %r9
-
-bn_mul_add_words
- .export bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN
- .proc
- .callinfo frame=128
- .entry
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- NOP ; Needed to make the loop 16-byte aligned
- NOP ; needed to make the loop 16-byte aligned
-
- STD %r5,16(%sp) ; save r5
- NOP
- STD %r6,24(%sp) ; save r6
- STD %r7,32(%sp) ; save r7
-
- STD %r8,40(%sp) ; save r8
- STD %r9,48(%sp) ; save r9
- COPY %r0,%ret1 ; return 0 by default
- DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32
-
- CMPIB,>= 0,num,bn_mul_add_words_exit ; if (num <= 0) then exit
- LDO 128(%sp),%sp ; bump stack
-
- ;
- ; The loop is unrolled twice, so if there is only 1 number
- ; then go straight to the cleanup code.
- ;
- CMPIB,= 1,num,bn_mul_add_words_single_top
- FLDD -184(%sp),fw ; (-56-128) load up w into fw (fw_h/fw_l)
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
- ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
- ; two 32-bit mutiplies can be issued per cycle.
- ;
-bn_mul_add_words_unroll2
-
- FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
- FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R)
- LDD 0(r_ptr),rp_val ; rp[0]
- LDD 8(r_ptr),rp_val_1 ; rp[1]
-
- XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l
- XMPYU fht_1,fw_l,fm1_1 ; m1[1] = fht_1*fw_l
- FSTD fm1,-16(%sp) ; -16(sp) = m1[0]
- FSTD fm1_1,-48(%sp) ; -48(sp) = m1[1]
-
- XMPYU flt_0,fw_h,fm ; m[0] = flt_0*fw_h
- XMPYU flt_1,fw_h,fm_1 ; m[1] = flt_1*fw_h
- FSTD fm,-8(%sp) ; -8(sp) = m[0]
- FSTD fm_1,-40(%sp) ; -40(sp) = m[1]
-
- XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h
- XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp_1 = fht_1*fw_h
- FSTD ht_temp,-24(%sp) ; -24(sp) = ht_temp
- FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht_temp_1
-
- XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
- XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l
- FSTD lt_temp,-32(%sp) ; -32(sp) = lt_temp
- FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt_temp_1
-
- LDD -8(%sp),m_0 ; m[0]
- LDD -40(%sp),m_1 ; m[1]
- LDD -16(%sp),m1_0 ; m1[0]
- LDD -48(%sp),m1_1 ; m1[1]
-
- LDD -24(%sp),ht_0 ; ht[0]
- LDD -56(%sp),ht_1 ; ht[1]
- ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m[0] + m1[0];
- ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m[1] + m1[1];
-
- LDD -32(%sp),lt_0
- LDD -64(%sp),lt_1
- CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m[0] < m1[0])
- ADD,L ht_0,top_overflow,ht_0 ; ht[0] += (1<<32)
-
- CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m[1] < m1[1])
- ADD,L ht_1,top_overflow,ht_1 ; ht[1] += (1<<32)
- EXTRD,U tmp_0,31,32,m_0 ; m[0]>>32
- DEPD,Z tmp_0,31,32,m1_0 ; m1[0] = m[0]<<32
-
- EXTRD,U tmp_1,31,32,m_1 ; m[1]>>32
- DEPD,Z tmp_1,31,32,m1_1 ; m1[1] = m[1]<<32
- ADD,L ht_0,m_0,ht_0 ; ht[0]+= (m[0]>>32)
- ADD,L ht_1,m_1,ht_1 ; ht[1]+= (m[1]>>32)
-
- ADD lt_0,m1_0,lt_0 ; lt[0] = lt[0]+m1[0];
- ADD,DC ht_0,%r0,ht_0 ; ht[0]++
- ADD lt_1,m1_1,lt_1 ; lt[1] = lt[1]+m1[1];
- ADD,DC ht_1,%r0,ht_1 ; ht[1]++
-
- ADD %ret1,lt_0,lt_0 ; lt[0] = lt[0] + c;
- ADD,DC ht_0,%r0,ht_0 ; ht[0]++
- ADD lt_0,rp_val,lt_0 ; lt[0] = lt[0]+rp[0]
- ADD,DC ht_0,%r0,ht_0 ; ht[0]++
-
- LDO -2(num),num ; num = num - 2;
- ADD ht_0,lt_1,lt_1 ; lt[1] = lt[1] + ht_0 (c);
- ADD,DC ht_1,%r0,ht_1 ; ht[1]++
- STD lt_0,0(r_ptr) ; rp[0] = lt[0]
-
- ADD lt_1,rp_val_1,lt_1 ; lt[1] = lt[1]+rp[1]
- ADD,DC ht_1,%r0,%ret1 ; ht[1]++
- LDO 16(a_ptr),a_ptr ; a_ptr += 2
-
- STD lt_1,8(r_ptr) ; rp[1] = lt[1]
- CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do
- LDO 16(r_ptr),r_ptr ; r_ptr += 2
-
- CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one
-
- ;
- ; Top of loop aligned on 64-byte boundary
- ;
-bn_mul_add_words_single_top
- FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
- LDD 0(r_ptr),rp_val ; rp[0]
- LDO 8(a_ptr),a_ptr ; a_ptr++
- XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l
- FSTD fm1,-16(%sp) ; -16(sp) = m1
- XMPYU flt_0,fw_h,fm ; m = lt*fw_h
- FSTD fm,-8(%sp) ; -8(sp) = m
- XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h
- FSTD ht_temp,-24(%sp) ; -24(sp) = ht
- XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
- FSTD lt_temp,-32(%sp) ; -32(sp) = lt
-
- LDD -8(%sp),m_0
- LDD -16(%sp),m1_0 ; m1 = temp1
- ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1;
- LDD -24(%sp),ht_0
- LDD -32(%sp),lt_0
-
- CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1)
- ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
-
- EXTRD,U tmp_0,31,32,m_0 ; m>>32
- DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
-
- ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
- ADD lt_0,m1_0,tmp_0 ; tmp_0 = lt+m1;
- ADD,DC ht_0,%r0,ht_0 ; ht++
- ADD %ret1,tmp_0,lt_0 ; lt = lt + c;
- ADD,DC ht_0,%r0,ht_0 ; ht++
- ADD lt_0,rp_val,lt_0 ; lt = lt+rp[0]
- ADD,DC ht_0,%r0,%ret1 ; ht++
- STD lt_0,0(r_ptr) ; rp[0] = lt
-
-bn_mul_add_words_exit
- .EXIT
-
- EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1
- LDD -80(%sp),%r9 ; restore r9
- LDD -88(%sp),%r8 ; restore r8
- LDD -96(%sp),%r7 ; restore r7
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3 ; restore r3
- .PROCEND ;in=23,24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
-;
-; arg0 = rp
-; arg1 = ap
-; arg3 = num
-; w on stack at -56(sp)
-
-bn_mul_words
- .proc
- .callinfo frame=128
- .entry
- .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- NOP
- STD %r5,16(%sp) ; save r5
-
- STD %r6,24(%sp) ; save r6
- STD %r7,32(%sp) ; save r7
- COPY %r0,%ret1 ; return 0 by default
- DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32
-
- CMPIB,>= 0,num,bn_mul_words_exit
- LDO 128(%sp),%sp ; bump stack
-
- ;
- ; See if only 1 word to do, thus just do cleanup
- ;
- CMPIB,= 1,num,bn_mul_words_single_top
- FLDD -184(%sp),fw ; (-56-128) load up w into fw (fw_h/fw_l)
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
- ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
- ; two 32-bit mutiplies can be issued per cycle.
- ;
-bn_mul_words_unroll2
-
- FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
- FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R)
- XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l
- XMPYU fht_1,fw_l,fm1_1 ; m1[1] = ht*fw_l
-
- FSTD fm1,-16(%sp) ; -16(sp) = m1
- FSTD fm1_1,-48(%sp) ; -48(sp) = m1
- XMPYU flt_0,fw_h,fm ; m = lt*fw_h
- XMPYU flt_1,fw_h,fm_1 ; m = lt*fw_h
-
- FSTD fm,-8(%sp) ; -8(sp) = m
- FSTD fm_1,-40(%sp) ; -40(sp) = m
- XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h
- XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp = ht*fw_h
-
- FSTD ht_temp,-24(%sp) ; -24(sp) = ht
- FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht
- XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
- XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l
-
- FSTD lt_temp,-32(%sp) ; -32(sp) = lt
- FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt
- LDD -8(%sp),m_0
- LDD -40(%sp),m_1
-
- LDD -16(%sp),m1_0
- LDD -48(%sp),m1_1
- LDD -24(%sp),ht_0
- LDD -56(%sp),ht_1
-
- ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m + m1;
- ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m + m1;
- LDD -32(%sp),lt_0
- LDD -64(%sp),lt_1
-
- CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m < m1)
- ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
- CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m < m1)
- ADD,L ht_1,top_overflow,ht_1 ; ht += (1<<32)
-
- EXTRD,U tmp_0,31,32,m_0 ; m>>32
- DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
- EXTRD,U tmp_1,31,32,m_1 ; m>>32
- DEPD,Z tmp_1,31,32,m1_1 ; m1 = m<<32
-
- ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
- ADD,L ht_1,m_1,ht_1 ; ht+= (m>>32)
- ADD lt_0,m1_0,lt_0 ; lt = lt+m1;
- ADD,DC ht_0,%r0,ht_0 ; ht++
-
- ADD lt_1,m1_1,lt_1 ; lt = lt+m1;
- ADD,DC ht_1,%r0,ht_1 ; ht++
- ADD %ret1,lt_0,lt_0 ; lt = lt + c (ret1);
- ADD,DC ht_0,%r0,ht_0 ; ht++
-
- ADD ht_0,lt_1,lt_1 ; lt = lt + c (ht_0)
- ADD,DC ht_1,%r0,ht_1 ; ht++
- STD lt_0,0(r_ptr) ; rp[0] = lt
- STD lt_1,8(r_ptr) ; rp[1] = lt
-
- COPY ht_1,%ret1 ; carry = ht
- LDO -2(num),num ; num = num - 2;
- LDO 16(a_ptr),a_ptr ; ap += 2
- CMPIB,<= 2,num,bn_mul_words_unroll2
- LDO 16(r_ptr),r_ptr ; rp++
-
- CMPIB,=,N 0,num,bn_mul_words_exit ; are we done?
-
- ;
- ; Top of loop aligned on 64-byte boundary
- ;
-bn_mul_words_single_top
- FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
-
- XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l
- FSTD fm1,-16(%sp) ; -16(sp) = m1
- XMPYU flt_0,fw_h,fm ; m = lt*fw_h
- FSTD fm,-8(%sp) ; -8(sp) = m
- XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h
- FSTD ht_temp,-24(%sp) ; -24(sp) = ht
- XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
- FSTD lt_temp,-32(%sp) ; -32(sp) = lt
-
- LDD -8(%sp),m_0
- LDD -16(%sp),m1_0
- ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1;
- LDD -24(%sp),ht_0
- LDD -32(%sp),lt_0
-
- CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1)
- ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
-
- EXTRD,U tmp_0,31,32,m_0 ; m>>32
- DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
-
- ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
- ADD lt_0,m1_0,lt_0 ; lt= lt+m1;
- ADD,DC ht_0,%r0,ht_0 ; ht++
-
- ADD %ret1,lt_0,lt_0 ; lt = lt + c;
- ADD,DC ht_0,%r0,ht_0 ; ht++
-
- COPY ht_0,%ret1 ; copy carry
- STD lt_0,0(r_ptr) ; rp[0] = lt
-
-bn_mul_words_exit
- .EXIT
- EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1
- LDD -96(%sp),%r7 ; restore r7
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3 ; restore r3
- .PROCEND
-
-;----------------------------------------------------------------------------
-;
-;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num)
-;
-; arg0 = rp
-; arg1 = ap
-; arg2 = num
-;
-
-bn_sqr_words
- .proc
- .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
- .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .entry
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- NOP
- STD %r5,16(%sp) ; save r5
-
- CMPIB,>= 0,num,bn_sqr_words_exit
- LDO 128(%sp),%sp ; bump stack
-
- ;
- ; If only 1, the goto straight to cleanup
- ;
- CMPIB,= 1,num,bn_sqr_words_single_top
- DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
-
-bn_sqr_words_unroll2
- FLDD 0(a_ptr),t_float_0 ; a[0]
- FLDD 8(a_ptr),t_float_1 ; a[1]
- XMPYU fht_0,flt_0,fm ; m[0]
- XMPYU fht_1,flt_1,fm_1 ; m[1]
-
- FSTD fm,-24(%sp) ; store m[0]
- FSTD fm_1,-56(%sp) ; store m[1]
- XMPYU flt_0,flt_0,lt_temp ; lt[0]
- XMPYU flt_1,flt_1,lt_temp_1 ; lt[1]
-
- FSTD lt_temp,-16(%sp) ; store lt[0]
- FSTD lt_temp_1,-48(%sp) ; store lt[1]
- XMPYU fht_0,fht_0,ht_temp ; ht[0]
- XMPYU fht_1,fht_1,ht_temp_1 ; ht[1]
-
- FSTD ht_temp,-8(%sp) ; store ht[0]
- FSTD ht_temp_1,-40(%sp) ; store ht[1]
- LDD -24(%sp),m_0
- LDD -56(%sp),m_1
-
- AND m_0,high_mask,tmp_0 ; m[0] & Mask
- AND m_1,high_mask,tmp_1 ; m[1] & Mask
- DEPD,Z m_0,30,31,m_0 ; m[0] << 32+1
- DEPD,Z m_1,30,31,m_1 ; m[1] << 32+1
-
- LDD -16(%sp),lt_0
- LDD -48(%sp),lt_1
- EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m[0]&Mask >> 32-1
- EXTRD,U tmp_1,32,33,tmp_1 ; tmp_1 = m[1]&Mask >> 32-1
-
- LDD -8(%sp),ht_0
- LDD -40(%sp),ht_1
- ADD,L ht_0,tmp_0,ht_0 ; ht[0] += tmp_0
- ADD,L ht_1,tmp_1,ht_1 ; ht[1] += tmp_1
-
- ADD lt_0,m_0,lt_0 ; lt = lt+m
- ADD,DC ht_0,%r0,ht_0 ; ht[0]++
- STD lt_0,0(r_ptr) ; rp[0] = lt[0]
- STD ht_0,8(r_ptr) ; rp[1] = ht[1]
-
- ADD lt_1,m_1,lt_1 ; lt = lt+m
- ADD,DC ht_1,%r0,ht_1 ; ht[1]++
- STD lt_1,16(r_ptr) ; rp[2] = lt[1]
- STD ht_1,24(r_ptr) ; rp[3] = ht[1]
-
- LDO -2(num),num ; num = num - 2;
- LDO 16(a_ptr),a_ptr ; ap += 2
- CMPIB,<= 2,num,bn_sqr_words_unroll2
- LDO 32(r_ptr),r_ptr ; rp += 4
-
- CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done?
-
- ;
- ; Top of loop aligned on 64-byte boundary
- ;
-bn_sqr_words_single_top
- FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
-
- XMPYU fht_0,flt_0,fm ; m
- FSTD fm,-24(%sp) ; store m
-
- XMPYU flt_0,flt_0,lt_temp ; lt
- FSTD lt_temp,-16(%sp) ; store lt
-
- XMPYU fht_0,fht_0,ht_temp ; ht
- FSTD ht_temp,-8(%sp) ; store ht
-
- LDD -24(%sp),m_0 ; load m
- AND m_0,high_mask,tmp_0 ; m & Mask
- DEPD,Z m_0,30,31,m_0 ; m << 32+1
- LDD -16(%sp),lt_0 ; lt
-
- LDD -8(%sp),ht_0 ; ht
- EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m&Mask >> 32-1
- ADD m_0,lt_0,lt_0 ; lt = lt+m
- ADD,L ht_0,tmp_0,ht_0 ; ht += tmp_0
- ADD,DC ht_0,%r0,ht_0 ; ht++
-
- STD lt_0,0(r_ptr) ; rp[0] = lt
- STD ht_0,8(r_ptr) ; rp[1] = ht
-
-bn_sqr_words_exit
- .EXIT
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3
- .PROCEND ;in=23,24,25,26,29;out=28;
-
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-;
-; arg0 = rp
-; arg1 = ap
-; arg2 = bp
-; arg3 = n
-
-t .reg %r22
-b .reg %r21
-l .reg %r20
-
-bn_add_words
- .proc
- .entry
- .callinfo
- .EXPORT bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .align 64
-
- CMPIB,>= 0,n,bn_add_words_exit
- COPY %r0,%ret1 ; return 0 by default
-
- ;
- ; If 2 or more numbers do the loop
- ;
- CMPIB,= 1,n,bn_add_words_single_top
- NOP
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
-bn_add_words_unroll2
- LDD 0(a_ptr),t
- LDD 0(b_ptr),b
- ADD t,%ret1,t ; t = t+c;
- ADD,DC %r0,%r0,%ret1 ; set c to carry
- ADD t,b,l ; l = t + b[0]
- ADD,DC %ret1,%r0,%ret1 ; c+= carry
- STD l,0(r_ptr)
-
- LDD 8(a_ptr),t
- LDD 8(b_ptr),b
- ADD t,%ret1,t ; t = t+c;
- ADD,DC %r0,%r0,%ret1 ; set c to carry
- ADD t,b,l ; l = t + b[0]
- ADD,DC %ret1,%r0,%ret1 ; c+= carry
- STD l,8(r_ptr)
-
- LDO -2(n),n
- LDO 16(a_ptr),a_ptr
- LDO 16(b_ptr),b_ptr
-
- CMPIB,<= 2,n,bn_add_words_unroll2
- LDO 16(r_ptr),r_ptr
-
- CMPIB,=,N 0,n,bn_add_words_exit ; are we done?
-
-bn_add_words_single_top
- LDD 0(a_ptr),t
- LDD 0(b_ptr),b
-
- ADD t,%ret1,t ; t = t+c;
- ADD,DC %r0,%r0,%ret1 ; set c to carry (could use CMPCLR??)
- ADD t,b,l ; l = t + b[0]
- ADD,DC %ret1,%r0,%ret1 ; c+= carry
- STD l,0(r_ptr)
-
-bn_add_words_exit
- .EXIT
- BVE (%rp)
- EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1
- .PROCEND ;in=23,24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-;
-; arg0 = rp
-; arg1 = ap
-; arg2 = bp
-; arg3 = n
-
-t1 .reg %r22
-t2 .reg %r21
-sub_tmp1 .reg %r20
-sub_tmp2 .reg %r19
-
-
-bn_sub_words
- .proc
- .callinfo
- .EXPORT bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .entry
- .align 64
-
- CMPIB,>= 0,n,bn_sub_words_exit
- COPY %r0,%ret1 ; return 0 by default
-
- ;
- ; If 2 or more numbers do the loop
- ;
- CMPIB,= 1,n,bn_sub_words_single_top
- NOP
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
-bn_sub_words_unroll2
- LDD 0(a_ptr),t1
- LDD 0(b_ptr),t2
- SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
- SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c;
-
- CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
- LDO 1(%r0),sub_tmp2
-
- CMPCLR,*= t1,t2,%r0
- COPY sub_tmp2,%ret1
- STD sub_tmp1,0(r_ptr)
-
- LDD 8(a_ptr),t1
- LDD 8(b_ptr),t2
- SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
- SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c;
- CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
- LDO 1(%r0),sub_tmp2
-
- CMPCLR,*= t1,t2,%r0
- COPY sub_tmp2,%ret1
- STD sub_tmp1,8(r_ptr)
-
- LDO -2(n),n
- LDO 16(a_ptr),a_ptr
- LDO 16(b_ptr),b_ptr
-
- CMPIB,<= 2,n,bn_sub_words_unroll2
- LDO 16(r_ptr),r_ptr
-
- CMPIB,=,N 0,n,bn_sub_words_exit ; are we done?
-
-bn_sub_words_single_top
- LDD 0(a_ptr),t1
- LDD 0(b_ptr),t2
- SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
- SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c;
- CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
- LDO 1(%r0),sub_tmp2
-
- CMPCLR,*= t1,t2,%r0
- COPY sub_tmp2,%ret1
-
- STD sub_tmp1,0(r_ptr)
-
-bn_sub_words_exit
- .EXIT
- BVE (%rp)
- EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1
- .PROCEND ;in=23,24,25,26,29;out=28;
-
-;------------------------------------------------------------------------------
-;
-; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d)
-;
-; arg0 = h
-; arg1 = l
-; arg2 = d
-;
-; This is mainly just output from the HP C compiler.
-;
-;------------------------------------------------------------------------------
-bn_div_words
- .PROC
- .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR,LONG_RETURN
- .IMPORT BN_num_bits_word,CODE
- .IMPORT __iob,DATA
- .IMPORT fprintf,CODE
- .IMPORT abort,CODE
- .IMPORT $$div2U,MILLICODE
- .CALLINFO CALLER,FRAME=144,ENTRY_GR=%r9,SAVE_RP,ARGS_SAVED,ORDERING_AWARE
- .ENTRY
- STW %r2,-20(%r30) ;offset 0x8ec
- STW,MA %r3,192(%r30) ;offset 0x8f0
- STW %r4,-188(%r30) ;offset 0x8f4
- DEPD %r5,31,32,%r6 ;offset 0x8f8
- STD %r6,-184(%r30) ;offset 0x8fc
- DEPD %r7,31,32,%r8 ;offset 0x900
- STD %r8,-176(%r30) ;offset 0x904
- STW %r9,-168(%r30) ;offset 0x908
- LDD -248(%r30),%r3 ;offset 0x90c
- COPY %r26,%r4 ;offset 0x910
- COPY %r24,%r5 ;offset 0x914
- DEPD %r25,31,32,%r4 ;offset 0x918
- CMPB,*<> %r3,%r0,$0006000C ;offset 0x91c
- DEPD %r23,31,32,%r5 ;offset 0x920
- MOVIB,TR -1,%r29,$00060002 ;offset 0x924
- EXTRD,U %r29,31,32,%r28 ;offset 0x928
-$0006002A
- LDO -1(%r29),%r29 ;offset 0x92c
- SUB %r23,%r7,%r23 ;offset 0x930
-$00060024
- SUB %r4,%r31,%r25 ;offset 0x934
- AND %r25,%r19,%r26 ;offset 0x938
- CMPB,*<>,N %r0,%r26,$00060046 ;offset 0x93c
- DEPD,Z %r25,31,32,%r20 ;offset 0x940
- OR %r20,%r24,%r21 ;offset 0x944
- CMPB,*<<,N %r21,%r23,$0006002A ;offset 0x948
- SUB %r31,%r2,%r31 ;offset 0x94c
-$00060046
-$0006002E
- DEPD,Z %r23,31,32,%r25 ;offset 0x950
- EXTRD,U %r23,31,32,%r26 ;offset 0x954
- AND %r25,%r19,%r24 ;offset 0x958
- ADD,L %r31,%r26,%r31 ;offset 0x95c
- CMPCLR,*>>= %r5,%r24,%r0 ;offset 0x960
- LDO 1(%r31),%r31 ;offset 0x964
-$00060032
- CMPB,*<<=,N %r31,%r4,$00060036 ;offset 0x968
- LDO -1(%r29),%r29 ;offset 0x96c
- ADD,L %r4,%r3,%r4 ;offset 0x970
-$00060036
- ADDIB,=,N -1,%r8,$D0 ;offset 0x974
- SUB %r5,%r24,%r28 ;offset 0x978
-$0006003A
- SUB %r4,%r31,%r24 ;offset 0x97c
- SHRPD %r24,%r28,32,%r4 ;offset 0x980
- DEPD,Z %r29,31,32,%r9 ;offset 0x984
- DEPD,Z %r28,31,32,%r5 ;offset 0x988
-$0006001C
- EXTRD,U %r4,31,32,%r31 ;offset 0x98c
- CMPB,*<>,N %r31,%r2,$00060020 ;offset 0x990
- MOVB,TR %r6,%r29,$D1 ;offset 0x994
- STD %r29,-152(%r30) ;offset 0x998
-$0006000C
- EXTRD,U %r3,31,32,%r25 ;offset 0x99c
- COPY %r3,%r26 ;offset 0x9a0
- EXTRD,U %r3,31,32,%r9 ;offset 0x9a4
- EXTRD,U %r4,31,32,%r8 ;offset 0x9a8
- .CALL ARGW0=GR,ARGW1=GR,RTNVAL=GR ;in=25,26;out=28;
- B,L BN_num_bits_word,%r2 ;offset 0x9ac
- EXTRD,U %r5,31,32,%r7 ;offset 0x9b0
- LDI 64,%r20 ;offset 0x9b4
- DEPD %r7,31,32,%r5 ;offset 0x9b8
- DEPD %r8,31,32,%r4 ;offset 0x9bc
- DEPD %r9,31,32,%r3 ;offset 0x9c0
- CMPB,= %r28,%r20,$00060012 ;offset 0x9c4
- COPY %r28,%r24 ;offset 0x9c8
- MTSARCM %r24 ;offset 0x9cc
- DEPDI,Z -1,%sar,1,%r19 ;offset 0x9d0
- CMPB,*>>,N %r4,%r19,$D2 ;offset 0x9d4
-$00060012
- SUBI 64,%r24,%r31 ;offset 0x9d8
- CMPCLR,*<< %r4,%r3,%r0 ;offset 0x9dc
- SUB %r4,%r3,%r4 ;offset 0x9e0
-$00060016
- CMPB,= %r31,%r0,$0006001A ;offset 0x9e4
- COPY %r0,%r9 ;offset 0x9e8
- MTSARCM %r31 ;offset 0x9ec
- DEPD,Z %r3,%sar,64,%r3 ;offset 0x9f0
- SUBI 64,%r31,%r26 ;offset 0x9f4
- MTSAR %r26 ;offset 0x9f8
- SHRPD %r4,%r5,%sar,%r4 ;offset 0x9fc
- MTSARCM %r31 ;offset 0xa00
- DEPD,Z %r5,%sar,64,%r5 ;offset 0xa04
-$0006001A
- DEPDI,Z -1,31,32,%r19 ;offset 0xa08
- AND %r3,%r19,%r29 ;offset 0xa0c
- EXTRD,U %r29,31,32,%r2 ;offset 0xa10
- DEPDI,Z -1,63,32,%r6 ;offset 0xa14
- MOVIB,TR 2,%r8,$0006001C ;offset 0xa18
- EXTRD,U %r3,63,32,%r7 ;offset 0xa1c
-$D2
- ADDIL LR'__iob-$global$,%r27,%r1 ;offset 0xa20
- LDIL LR'C$7,%r21 ;offset 0xa24
- LDO RR'__iob-$global$+32(%r1),%r26 ;offset 0xa28
- .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR ;in=24,25,26;out=28;
- B,L fprintf,%r2 ;offset 0xa2c
- LDO RR'C$7(%r21),%r25 ;offset 0xa30
- .CALL ;
- B,L abort,%r2 ;offset 0xa34
- NOP ;offset 0xa38
- B $D3 ;offset 0xa3c
- LDW -212(%r30),%r2 ;offset 0xa40
-$00060020
- COPY %r4,%r26 ;offset 0xa44
- EXTRD,U %r4,31,32,%r25 ;offset 0xa48
- COPY %r2,%r24 ;offset 0xa4c
- .CALL ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL)
- B,L $$div2U,%r31 ;offset 0xa50
- EXTRD,U %r2,31,32,%r23 ;offset 0xa54
- DEPD %r28,31,32,%r29 ;offset 0xa58
-$00060022
- STD %r29,-152(%r30) ;offset 0xa5c
-$D1
- AND %r5,%r19,%r24 ;offset 0xa60
- EXTRD,U %r24,31,32,%r24 ;offset 0xa64
- STW %r2,-160(%r30) ;offset 0xa68
- STW %r7,-128(%r30) ;offset 0xa6c
- FLDD -152(%r30),%fr4 ;offset 0xa70
- FLDD -152(%r30),%fr7 ;offset 0xa74
- FLDW -160(%r30),%fr8L ;offset 0xa78
- FLDW -128(%r30),%fr5L ;offset 0xa7c
- XMPYU %fr8L,%fr7L,%fr10 ;offset 0xa80
- FSTD %fr10,-136(%r30) ;offset 0xa84
- XMPYU %fr8L,%fr7R,%fr22 ;offset 0xa88
- FSTD %fr22,-144(%r30) ;offset 0xa8c
- XMPYU %fr5L,%fr4L,%fr11 ;offset 0xa90
- XMPYU %fr5L,%fr4R,%fr23 ;offset 0xa94
- FSTD %fr11,-112(%r30) ;offset 0xa98
- FSTD %fr23,-120(%r30) ;offset 0xa9c
- LDD -136(%r30),%r28 ;offset 0xaa0
- DEPD,Z %r28,31,32,%r31 ;offset 0xaa4
- LDD -144(%r30),%r20 ;offset 0xaa8
- ADD,L %r20,%r31,%r31 ;offset 0xaac
- LDD -112(%r30),%r22 ;offset 0xab0
- DEPD,Z %r22,31,32,%r22 ;offset 0xab4
- LDD -120(%r30),%r21 ;offset 0xab8
- B $00060024 ;offset 0xabc
- ADD,L %r21,%r22,%r23 ;offset 0xac0
-$D0
- OR %r9,%r29,%r29 ;offset 0xac4
-$00060040
- EXTRD,U %r29,31,32,%r28 ;offset 0xac8
-$00060002
-$L2
- LDW -212(%r30),%r2 ;offset 0xacc
-$D3
- LDW -168(%r30),%r9 ;offset 0xad0
- LDD -176(%r30),%r8 ;offset 0xad4
- EXTRD,U %r8,31,32,%r7 ;offset 0xad8
- LDD -184(%r30),%r6 ;offset 0xadc
- EXTRD,U %r6,31,32,%r5 ;offset 0xae0
- LDW -188(%r30),%r4 ;offset 0xae4
- BVE (%r2) ;offset 0xae8
- .EXIT
- LDW,MB -192(%r30),%r3 ;offset 0xaec
- .PROCEND ;in=23,25;out=28,29;fpin=105,107;
-
-
-
-
-;----------------------------------------------------------------------------
-;
-; Registers to hold 64-bit values to manipulate. The "L" part
-; of the register corresponds to the upper 32-bits, while the "R"
-; part corresponds to the lower 32-bits
-;
-; Note, that when using b6 and b7, the code must save these before
-; using them because they are callee save registers
-;
-;
-; Floating point registers to use to save values that
-; are manipulated. These don't collide with ftemp1-6 and
-; are all caller save registers
-;
-a0 .reg %fr22
-a0L .reg %fr22L
-a0R .reg %fr22R
-
-a1 .reg %fr23
-a1L .reg %fr23L
-a1R .reg %fr23R
-
-a2 .reg %fr24
-a2L .reg %fr24L
-a2R .reg %fr24R
-
-a3 .reg %fr25
-a3L .reg %fr25L
-a3R .reg %fr25R
-
-a4 .reg %fr26
-a4L .reg %fr26L
-a4R .reg %fr26R
-
-a5 .reg %fr27
-a5L .reg %fr27L
-a5R .reg %fr27R
-
-a6 .reg %fr28
-a6L .reg %fr28L
-a6R .reg %fr28R
-
-a7 .reg %fr29
-a7L .reg %fr29L
-a7R .reg %fr29R
-
-b0 .reg %fr30
-b0L .reg %fr30L
-b0R .reg %fr30R
-
-b1 .reg %fr31
-b1L .reg %fr31L
-b1R .reg %fr31R
-
-;
-; Temporary floating point variables, these are all caller save
-; registers
-;
-ftemp1 .reg %fr4
-ftemp2 .reg %fr5
-ftemp3 .reg %fr6
-ftemp4 .reg %fr7
-
-;
-; The B set of registers when used.
-;
-
-b2 .reg %fr8
-b2L .reg %fr8L
-b2R .reg %fr8R
-
-b3 .reg %fr9
-b3L .reg %fr9L
-b3R .reg %fr9R
-
-b4 .reg %fr10
-b4L .reg %fr10L
-b4R .reg %fr10R
-
-b5 .reg %fr11
-b5L .reg %fr11L
-b5R .reg %fr11R
-
-b6 .reg %fr12
-b6L .reg %fr12L
-b6R .reg %fr12R
-
-b7 .reg %fr13
-b7L .reg %fr13L
-b7R .reg %fr13R
-
-c1 .reg %r21 ; only reg
-temp1 .reg %r20 ; only reg
-temp2 .reg %r19 ; only reg
-temp3 .reg %r31 ; only reg
-
-m1 .reg %r28
-c2 .reg %r23
-high_one .reg %r1
-ht .reg %r6
-lt .reg %r5
-m .reg %r4
-c3 .reg %r3
-
-SQR_ADD_C .macro A0L,A0R,C1,C2,C3
- XMPYU A0L,A0R,ftemp1 ; m
- FSTD ftemp1,-24(%sp) ; store m
-
- XMPYU A0R,A0R,ftemp2 ; lt
- FSTD ftemp2,-16(%sp) ; store lt
-
- XMPYU A0L,A0L,ftemp3 ; ht
- FSTD ftemp3,-8(%sp) ; store ht
-
- LDD -24(%sp),m ; load m
- AND m,high_mask,temp2 ; m & Mask
- DEPD,Z m,30,31,temp3 ; m << 32+1
- LDD -16(%sp),lt ; lt
-
- LDD -8(%sp),ht ; ht
- EXTRD,U temp2,32,33,temp1 ; temp1 = m&Mask >> 32-1
- ADD temp3,lt,lt ; lt = lt+m
- ADD,L ht,temp1,ht ; ht += temp1
- ADD,DC ht,%r0,ht ; ht++
-
- ADD C1,lt,C1 ; c1=c1+lt
- ADD,DC ht,%r0,ht ; ht++
-
- ADD C2,ht,C2 ; c2=c2+ht
- ADD,DC C3,%r0,C3 ; c3++
-.endm
-
-SQR_ADD_C2 .macro A0L,A0R,A1L,A1R,C1,C2,C3
- XMPYU A0L,A1R,ftemp1 ; m1 = bl*ht
- FSTD ftemp1,-16(%sp) ;
- XMPYU A0R,A1L,ftemp2 ; m = bh*lt
- FSTD ftemp2,-8(%sp) ;
- XMPYU A0R,A1R,ftemp3 ; lt = bl*lt
- FSTD ftemp3,-32(%sp)
- XMPYU A0L,A1L,ftemp4 ; ht = bh*ht
- FSTD ftemp4,-24(%sp) ;
-
- LDD -8(%sp),m ; r21 = m
- LDD -16(%sp),m1 ; r19 = m1
- ADD,L m,m1,m ; m+m1
-
- DEPD,Z m,31,32,temp3 ; (m+m1<<32)
- LDD -24(%sp),ht ; r24 = ht
-
- CMPCLR,*>>= m,m1,%r0 ; if (m < m1)
- ADD,L ht,high_one,ht ; ht+=high_one
-
- EXTRD,U m,31,32,temp1 ; m >> 32
- LDD -32(%sp),lt ; lt
- ADD,L ht,temp1,ht ; ht+= m>>32
- ADD lt,temp3,lt ; lt = lt+m1
- ADD,DC ht,%r0,ht ; ht++
-
- ADD ht,ht,ht ; ht=ht+ht;
- ADD,DC C3,%r0,C3 ; add in carry (c3++)
-
- ADD lt,lt,lt ; lt=lt+lt;
- ADD,DC ht,%r0,ht ; add in carry (ht++)
-
- ADD C1,lt,C1 ; c1=c1+lt
- ADD,DC,*NUV ht,%r0,ht ; add in carry (ht++)
- LDO 1(C3),C3 ; bump c3 if overflow,nullify otherwise
-
- ADD C2,ht,C2 ; c2 = c2 + ht
- ADD,DC C3,%r0,C3 ; add in carry (c3++)
-.endm
-
-;
-;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
-; arg0 = r_ptr
-; arg1 = a_ptr
-;
-
-bn_sqr_comba8
- .PROC
- .CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
- .EXPORT bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .ENTRY
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- STD %r5,16(%sp) ; save r5
- STD %r6,24(%sp) ; save r6
-
- ;
- ; Zero out carries
- ;
- COPY %r0,c1
- COPY %r0,c2
- COPY %r0,c3
-
- LDO 128(%sp),%sp ; bump stack
- DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
- DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
-
- ;
- ; Load up all of the values we are going to use
- ;
- FLDD 0(a_ptr),a0
- FLDD 8(a_ptr),a1
- FLDD 16(a_ptr),a2
- FLDD 24(a_ptr),a3
- FLDD 32(a_ptr),a4
- FLDD 40(a_ptr),a5
- FLDD 48(a_ptr),a6
- FLDD 56(a_ptr),a7
-
- SQR_ADD_C a0L,a0R,c1,c2,c3
- STD c1,0(r_ptr) ; r[0] = c1;
- COPY %r0,c1
-
- SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
- STD c2,8(r_ptr) ; r[1] = c2;
- COPY %r0,c2
-
- SQR_ADD_C a1L,a1R,c3,c1,c2
- SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
- STD c3,16(r_ptr) ; r[2] = c3;
- COPY %r0,c3
-
- SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
- SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
- STD c1,24(r_ptr) ; r[3] = c1;
- COPY %r0,c1
-
- SQR_ADD_C a2L,a2R,c2,c3,c1
- SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
- SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1
- STD c2,32(r_ptr) ; r[4] = c2;
- COPY %r0,c2
-
- SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2
- SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2
- SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
- STD c3,40(r_ptr) ; r[5] = c3;
- COPY %r0,c3
-
- SQR_ADD_C a3L,a3R,c1,c2,c3
- SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3
- SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3
- SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3
- STD c1,48(r_ptr) ; r[6] = c1;
- COPY %r0,c1
-
- SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1
- SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1
- SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1
- SQR_ADD_C2 a4L,a4R,a3L,a3R,c2,c3,c1
- STD c2,56(r_ptr) ; r[7] = c2;
- COPY %r0,c2
-
- SQR_ADD_C a4L,a4R,c3,c1,c2
- SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2
- SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2
- SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2
- STD c3,64(r_ptr) ; r[8] = c3;
- COPY %r0,c3
-
- SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3
- SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3
- SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3
- STD c1,72(r_ptr) ; r[9] = c1;
- COPY %r0,c1
-
- SQR_ADD_C a5L,a5R,c2,c3,c1
- SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1
- SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1
- STD c2,80(r_ptr) ; r[10] = c2;
- COPY %r0,c2
-
- SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2
- SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2
- STD c3,88(r_ptr) ; r[11] = c3;
- COPY %r0,c3
-
- SQR_ADD_C a6L,a6R,c1,c2,c3
- SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3
- STD c1,96(r_ptr) ; r[12] = c1;
- COPY %r0,c1
-
- SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1
- STD c2,104(r_ptr) ; r[13] = c2;
- COPY %r0,c2
-
- SQR_ADD_C a7L,a7R,c3,c1,c2
- STD c3, 112(r_ptr) ; r[14] = c3
- STD c1, 120(r_ptr) ; r[15] = c1
-
- .EXIT
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3
-
- .PROCEND
-
-;-----------------------------------------------------------------------------
-;
-;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
-; arg0 = r_ptr
-; arg1 = a_ptr
-;
-
-bn_sqr_comba4
- .proc
- .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
- .EXPORT bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .entry
- .align 64
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- STD %r5,16(%sp) ; save r5
- STD %r6,24(%sp) ; save r6
-
- ;
- ; Zero out carries
- ;
- COPY %r0,c1
- COPY %r0,c2
- COPY %r0,c3
-
- LDO 128(%sp),%sp ; bump stack
- DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
- DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
-
- ;
- ; Load up all of the values we are going to use
- ;
- FLDD 0(a_ptr),a0
- FLDD 8(a_ptr),a1
- FLDD 16(a_ptr),a2
- FLDD 24(a_ptr),a3
- FLDD 32(a_ptr),a4
- FLDD 40(a_ptr),a5
- FLDD 48(a_ptr),a6
- FLDD 56(a_ptr),a7
-
- SQR_ADD_C a0L,a0R,c1,c2,c3
-
- STD c1,0(r_ptr) ; r[0] = c1;
- COPY %r0,c1
-
- SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
-
- STD c2,8(r_ptr) ; r[1] = c2;
- COPY %r0,c2
-
- SQR_ADD_C a1L,a1R,c3,c1,c2
- SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
-
- STD c3,16(r_ptr) ; r[2] = c3;
- COPY %r0,c3
-
- SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
- SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
-
- STD c1,24(r_ptr) ; r[3] = c1;
- COPY %r0,c1
-
- SQR_ADD_C a2L,a2R,c2,c3,c1
- SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
-
- STD c2,32(r_ptr) ; r[4] = c2;
- COPY %r0,c2
-
- SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
- STD c3,40(r_ptr) ; r[5] = c3;
- COPY %r0,c3
-
- SQR_ADD_C a3L,a3R,c1,c2,c3
- STD c1,48(r_ptr) ; r[6] = c1;
- STD c2,56(r_ptr) ; r[7] = c2;
-
- .EXIT
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3
-
- .PROCEND
-
-
-;---------------------------------------------------------------------------
-
-MUL_ADD_C .macro A0L,A0R,B0L,B0R,C1,C2,C3
- XMPYU A0L,B0R,ftemp1 ; m1 = bl*ht
- FSTD ftemp1,-16(%sp) ;
- XMPYU A0R,B0L,ftemp2 ; m = bh*lt
- FSTD ftemp2,-8(%sp) ;
- XMPYU A0R,B0R,ftemp3 ; lt = bl*lt
- FSTD ftemp3,-32(%sp)
- XMPYU A0L,B0L,ftemp4 ; ht = bh*ht
- FSTD ftemp4,-24(%sp) ;
-
- LDD -8(%sp),m ; r21 = m
- LDD -16(%sp),m1 ; r19 = m1
- ADD,L m,m1,m ; m+m1
-
- DEPD,Z m,31,32,temp3 ; (m+m1<<32)
- LDD -24(%sp),ht ; r24 = ht
-
- CMPCLR,*>>= m,m1,%r0 ; if (m < m1)
- ADD,L ht,high_one,ht ; ht+=high_one
-
- EXTRD,U m,31,32,temp1 ; m >> 32
- LDD -32(%sp),lt ; lt
- ADD,L ht,temp1,ht ; ht+= m>>32
- ADD lt,temp3,lt ; lt = lt+m1
- ADD,DC ht,%r0,ht ; ht++
-
- ADD C1,lt,C1 ; c1=c1+lt
- ADD,DC ht,%r0,ht ; bump c3 if overflow,nullify otherwise
-
- ADD C2,ht,C2 ; c2 = c2 + ht
- ADD,DC C3,%r0,C3 ; add in carry (c3++)
-.endm
-
-
-;
-;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg2 = b_ptr
-;
-
-bn_mul_comba8
- .proc
- .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
- .EXPORT bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .entry
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- STD %r5,16(%sp) ; save r5
- STD %r6,24(%sp) ; save r6
- FSTD %fr12,32(%sp) ; save r6
- FSTD %fr13,40(%sp) ; save r7
-
- ;
- ; Zero out carries
- ;
- COPY %r0,c1
- COPY %r0,c2
- COPY %r0,c3
-
- LDO 128(%sp),%sp ; bump stack
- DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
-
- ;
- ; Load up all of the values we are going to use
- ;
- FLDD 0(a_ptr),a0
- FLDD 8(a_ptr),a1
- FLDD 16(a_ptr),a2
- FLDD 24(a_ptr),a3
- FLDD 32(a_ptr),a4
- FLDD 40(a_ptr),a5
- FLDD 48(a_ptr),a6
- FLDD 56(a_ptr),a7
-
- FLDD 0(b_ptr),b0
- FLDD 8(b_ptr),b1
- FLDD 16(b_ptr),b2
- FLDD 24(b_ptr),b3
- FLDD 32(b_ptr),b4
- FLDD 40(b_ptr),b5
- FLDD 48(b_ptr),b6
- FLDD 56(b_ptr),b7
-
- MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
- STD c1,0(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
- MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
- STD c2,8(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
- MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
- MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
- STD c3,16(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
- MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
- MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
- MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
- STD c1,24(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1
- MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
- MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
- MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
- MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1
- STD c2,32(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2
- MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2
- MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
- MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
- MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2
- MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2
- STD c3,40(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3
- MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3
- MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3
- MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
- MUL_ADD_C a2L,a2R,b4L,b4R,c1,c2,c3
- MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3
- MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3
- STD c1,48(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1
- MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1
- MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1
- MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1
- MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1
- MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1
- MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1
- MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1
- STD c2,56(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2
- MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2
- MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2
- MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2
- MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2
- MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2
- MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2
- STD c3,64(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3
- MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3
- MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3
- MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3
- MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3
- MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3
- STD c1,72(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1
- MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1
- MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1
- MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1
- MUL_ADD_C a3L,a3R,b7L,b7R,c2,c3,c1
- STD c2,80(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2
- MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2
- MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2
- MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2
- STD c3,88(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3
- MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3
- MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3
- STD c1,96(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1
- MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1
- STD c2,104(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2
- STD c3,112(r_ptr)
- STD c1,120(r_ptr)
-
- .EXIT
- FLDD -88(%sp),%fr13
- FLDD -96(%sp),%fr12
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3
-
- .PROCEND
-
-;-----------------------------------------------------------------------------
-;
-;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg2 = b_ptr
-;
-
-bn_mul_comba4
- .proc
- .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
- .EXPORT bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .entry
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- STD %r5,16(%sp) ; save r5
- STD %r6,24(%sp) ; save r6
- FSTD %fr12,32(%sp) ; save r6
- FSTD %fr13,40(%sp) ; save r7
-
- ;
- ; Zero out carries
- ;
- COPY %r0,c1
- COPY %r0,c2
- COPY %r0,c3
-
- LDO 128(%sp),%sp ; bump stack
- DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
-
- ;
- ; Load up all of the values we are going to use
- ;
- FLDD 0(a_ptr),a0
- FLDD 8(a_ptr),a1
- FLDD 16(a_ptr),a2
- FLDD 24(a_ptr),a3
-
- FLDD 0(b_ptr),b0
- FLDD 8(b_ptr),b1
- FLDD 16(b_ptr),b2
- FLDD 24(b_ptr),b3
-
- MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
- STD c1,0(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
- MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
- STD c2,8(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
- MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
- MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
- STD c3,16(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
- MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
- MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
- MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
- STD c1,24(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
- MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
- MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
- STD c2,32(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
- MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
- STD c3,40(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
- STD c1,48(r_ptr)
- STD c2,56(r_ptr)
-
- .EXIT
- FLDD -88(%sp),%fr13
- FLDD -96(%sp),%fr12
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3
-
- .PROCEND
-
-
- .SPACE $TEXT$
- .SUBSPA $CODE$
- .SPACE $PRIVATE$,SORT=16
- .IMPORT $global$,DATA
- .SPACE $TEXT$
- .SUBSPA $CODE$
- .SUBSPA $LIT$,ACCESS=0x2c
-C$7
- .ALIGN 8
- .STRINGZ "Division would overflow (%d)\n"
- .END
diff --git a/src/lib/libcrypto/bn/asm/pa-risc2W.s b/src/lib/libcrypto/bn/asm/pa-risc2W.s
deleted file mode 100644
index a99545754d..0000000000
--- a/src/lib/libcrypto/bn/asm/pa-risc2W.s
+++ /dev/null
@@ -1,1605 +0,0 @@
-;
-; PA-RISC 64-bit implementation of bn_asm code
-;
-; This code is approximately 2x faster than the C version
-; for RSA/DSA.
-;
-; See http://devresource.hp.com/ for more details on the PA-RISC
-; architecture. Also see the book "PA-RISC 2.0 Architecture"
-; by Gerry Kane for information on the instruction set architecture.
-;
-; Code written by Chris Ruemmler (with some help from the HP C
-; compiler).
-;
-; The code compiles with HP's assembler
-;
-
- .level 2.0W
- .space $TEXT$
- .subspa $CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY
-
-;
-; Global Register definitions used for the routines.
-;
-; Some information about HP's runtime architecture for 64-bits.
-;
-; "Caller save" means the calling function must save the register
-; if it wants the register to be preserved.
-; "Callee save" means if a function uses the register, it must save
-; the value before using it.
-;
-; For the floating point registers
-;
-; "caller save" registers: fr4-fr11, fr22-fr31
-; "callee save" registers: fr12-fr21
-; "special" registers: fr0-fr3 (status and exception registers)
-;
-; For the integer registers
-; value zero : r0
-; "caller save" registers: r1,r19-r26
-; "callee save" registers: r3-r18
-; return register : r2 (rp)
-; return values ; r28 (ret0,ret1)
-; Stack pointer ; r30 (sp)
-; global data pointer ; r27 (dp)
-; argument pointer ; r29 (ap)
-; millicode return ptr ; r31 (also a caller save register)
-
-
-;
-; Arguments to the routines
-;
-r_ptr .reg %r26
-a_ptr .reg %r25
-b_ptr .reg %r24
-num .reg %r24
-w .reg %r23
-n .reg %r23
-
-
-;
-; Globals used in some routines
-;
-
-top_overflow .reg %r29
-high_mask .reg %r22 ; value 0xffffffff80000000L
-
-
-;------------------------------------------------------------------------------
-;
-; bn_mul_add_words
-;
-;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr,
-; int num, BN_ULONG w)
-;
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg2 = num
-; arg3 = w
-;
-; Local register definitions
-;
-
-fm1 .reg %fr22
-fm .reg %fr23
-ht_temp .reg %fr24
-ht_temp_1 .reg %fr25
-lt_temp .reg %fr26
-lt_temp_1 .reg %fr27
-fm1_1 .reg %fr28
-fm_1 .reg %fr29
-
-fw_h .reg %fr7L
-fw_l .reg %fr7R
-fw .reg %fr7
-
-fht_0 .reg %fr8L
-flt_0 .reg %fr8R
-t_float_0 .reg %fr8
-
-fht_1 .reg %fr9L
-flt_1 .reg %fr9R
-t_float_1 .reg %fr9
-
-tmp_0 .reg %r31
-tmp_1 .reg %r21
-m_0 .reg %r20
-m_1 .reg %r19
-ht_0 .reg %r1
-ht_1 .reg %r3
-lt_0 .reg %r4
-lt_1 .reg %r5
-m1_0 .reg %r6
-m1_1 .reg %r7
-rp_val .reg %r8
-rp_val_1 .reg %r9
-
-bn_mul_add_words
- .export bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN
- .proc
- .callinfo frame=128
- .entry
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- NOP ; Needed to make the loop 16-byte aligned
- NOP ; Needed to make the loop 16-byte aligned
-
- STD %r5,16(%sp) ; save r5
- STD %r6,24(%sp) ; save r6
- STD %r7,32(%sp) ; save r7
- STD %r8,40(%sp) ; save r8
-
- STD %r9,48(%sp) ; save r9
- COPY %r0,%ret0 ; return 0 by default
- DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32
- STD w,56(%sp) ; store w on stack
-
- CMPIB,>= 0,num,bn_mul_add_words_exit ; if (num <= 0) then exit
- LDO 128(%sp),%sp ; bump stack
-
- ;
- ; The loop is unrolled twice, so if there is only 1 number
- ; then go straight to the cleanup code.
- ;
- CMPIB,= 1,num,bn_mul_add_words_single_top
- FLDD -72(%sp),fw ; load up w into fp register fw (fw_h/fw_l)
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
- ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
- ; two 32-bit mutiplies can be issued per cycle.
- ;
-bn_mul_add_words_unroll2
-
- FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
- FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R)
- LDD 0(r_ptr),rp_val ; rp[0]
- LDD 8(r_ptr),rp_val_1 ; rp[1]
-
- XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l
- XMPYU fht_1,fw_l,fm1_1 ; m1[1] = fht_1*fw_l
- FSTD fm1,-16(%sp) ; -16(sp) = m1[0]
- FSTD fm1_1,-48(%sp) ; -48(sp) = m1[1]
-
- XMPYU flt_0,fw_h,fm ; m[0] = flt_0*fw_h
- XMPYU flt_1,fw_h,fm_1 ; m[1] = flt_1*fw_h
- FSTD fm,-8(%sp) ; -8(sp) = m[0]
- FSTD fm_1,-40(%sp) ; -40(sp) = m[1]
-
- XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h
- XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp_1 = fht_1*fw_h
- FSTD ht_temp,-24(%sp) ; -24(sp) = ht_temp
- FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht_temp_1
-
- XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
- XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l
- FSTD lt_temp,-32(%sp) ; -32(sp) = lt_temp
- FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt_temp_1
-
- LDD -8(%sp),m_0 ; m[0]
- LDD -40(%sp),m_1 ; m[1]
- LDD -16(%sp),m1_0 ; m1[0]
- LDD -48(%sp),m1_1 ; m1[1]
-
- LDD -24(%sp),ht_0 ; ht[0]
- LDD -56(%sp),ht_1 ; ht[1]
- ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m[0] + m1[0];
- ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m[1] + m1[1];
-
- LDD -32(%sp),lt_0
- LDD -64(%sp),lt_1
- CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m[0] < m1[0])
- ADD,L ht_0,top_overflow,ht_0 ; ht[0] += (1<<32)
-
- CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m[1] < m1[1])
- ADD,L ht_1,top_overflow,ht_1 ; ht[1] += (1<<32)
- EXTRD,U tmp_0,31,32,m_0 ; m[0]>>32
- DEPD,Z tmp_0,31,32,m1_0 ; m1[0] = m[0]<<32
-
- EXTRD,U tmp_1,31,32,m_1 ; m[1]>>32
- DEPD,Z tmp_1,31,32,m1_1 ; m1[1] = m[1]<<32
- ADD,L ht_0,m_0,ht_0 ; ht[0]+= (m[0]>>32)
- ADD,L ht_1,m_1,ht_1 ; ht[1]+= (m[1]>>32)
-
- ADD lt_0,m1_0,lt_0 ; lt[0] = lt[0]+m1[0];
- ADD,DC ht_0,%r0,ht_0 ; ht[0]++
- ADD lt_1,m1_1,lt_1 ; lt[1] = lt[1]+m1[1];
- ADD,DC ht_1,%r0,ht_1 ; ht[1]++
-
- ADD %ret0,lt_0,lt_0 ; lt[0] = lt[0] + c;
- ADD,DC ht_0,%r0,ht_0 ; ht[0]++
- ADD lt_0,rp_val,lt_0 ; lt[0] = lt[0]+rp[0]
- ADD,DC ht_0,%r0,ht_0 ; ht[0]++
-
- LDO -2(num),num ; num = num - 2;
- ADD ht_0,lt_1,lt_1 ; lt[1] = lt[1] + ht_0 (c);
- ADD,DC ht_1,%r0,ht_1 ; ht[1]++
- STD lt_0,0(r_ptr) ; rp[0] = lt[0]
-
- ADD lt_1,rp_val_1,lt_1 ; lt[1] = lt[1]+rp[1]
- ADD,DC ht_1,%r0,%ret0 ; ht[1]++
- LDO 16(a_ptr),a_ptr ; a_ptr += 2
-
- STD lt_1,8(r_ptr) ; rp[1] = lt[1]
- CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do
- LDO 16(r_ptr),r_ptr ; r_ptr += 2
-
- CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one
-
- ;
- ; Top of loop aligned on 64-byte boundary
- ;
-bn_mul_add_words_single_top
- FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
- LDD 0(r_ptr),rp_val ; rp[0]
- LDO 8(a_ptr),a_ptr ; a_ptr++
- XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l
- FSTD fm1,-16(%sp) ; -16(sp) = m1
- XMPYU flt_0,fw_h,fm ; m = lt*fw_h
- FSTD fm,-8(%sp) ; -8(sp) = m
- XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h
- FSTD ht_temp,-24(%sp) ; -24(sp) = ht
- XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
- FSTD lt_temp,-32(%sp) ; -32(sp) = lt
-
- LDD -8(%sp),m_0
- LDD -16(%sp),m1_0 ; m1 = temp1
- ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1;
- LDD -24(%sp),ht_0
- LDD -32(%sp),lt_0
-
- CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1)
- ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
-
- EXTRD,U tmp_0,31,32,m_0 ; m>>32
- DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
-
- ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
- ADD lt_0,m1_0,tmp_0 ; tmp_0 = lt+m1;
- ADD,DC ht_0,%r0,ht_0 ; ht++
- ADD %ret0,tmp_0,lt_0 ; lt = lt + c;
- ADD,DC ht_0,%r0,ht_0 ; ht++
- ADD lt_0,rp_val,lt_0 ; lt = lt+rp[0]
- ADD,DC ht_0,%r0,%ret0 ; ht++
- STD lt_0,0(r_ptr) ; rp[0] = lt
-
-bn_mul_add_words_exit
- .EXIT
- LDD -80(%sp),%r9 ; restore r9
- LDD -88(%sp),%r8 ; restore r8
- LDD -96(%sp),%r7 ; restore r7
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3 ; restore r3
- .PROCEND ;in=23,24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
-;
-; arg0 = rp
-; arg1 = ap
-; arg2 = num
-; arg3 = w
-
-bn_mul_words
- .proc
- .callinfo frame=128
- .entry
- .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- STD %r5,16(%sp) ; save r5
- STD %r6,24(%sp) ; save r6
-
- STD %r7,32(%sp) ; save r7
- COPY %r0,%ret0 ; return 0 by default
- DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32
- STD w,56(%sp) ; w on stack
-
- CMPIB,>= 0,num,bn_mul_words_exit
- LDO 128(%sp),%sp ; bump stack
-
- ;
- ; See if only 1 word to do, thus just do cleanup
- ;
- CMPIB,= 1,num,bn_mul_words_single_top
- FLDD -72(%sp),fw ; load up w into fp register fw (fw_h/fw_l)
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
- ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
- ; two 32-bit mutiplies can be issued per cycle.
- ;
-bn_mul_words_unroll2
-
- FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
- FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R)
- XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l
- XMPYU fht_1,fw_l,fm1_1 ; m1[1] = ht*fw_l
-
- FSTD fm1,-16(%sp) ; -16(sp) = m1
- FSTD fm1_1,-48(%sp) ; -48(sp) = m1
- XMPYU flt_0,fw_h,fm ; m = lt*fw_h
- XMPYU flt_1,fw_h,fm_1 ; m = lt*fw_h
-
- FSTD fm,-8(%sp) ; -8(sp) = m
- FSTD fm_1,-40(%sp) ; -40(sp) = m
- XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h
- XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp = ht*fw_h
-
- FSTD ht_temp,-24(%sp) ; -24(sp) = ht
- FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht
- XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
- XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l
-
- FSTD lt_temp,-32(%sp) ; -32(sp) = lt
- FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt
- LDD -8(%sp),m_0
- LDD -40(%sp),m_1
-
- LDD -16(%sp),m1_0
- LDD -48(%sp),m1_1
- LDD -24(%sp),ht_0
- LDD -56(%sp),ht_1
-
- ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m + m1;
- ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m + m1;
- LDD -32(%sp),lt_0
- LDD -64(%sp),lt_1
-
- CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m < m1)
- ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
- CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m < m1)
- ADD,L ht_1,top_overflow,ht_1 ; ht += (1<<32)
-
- EXTRD,U tmp_0,31,32,m_0 ; m>>32
- DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
- EXTRD,U tmp_1,31,32,m_1 ; m>>32
- DEPD,Z tmp_1,31,32,m1_1 ; m1 = m<<32
-
- ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
- ADD,L ht_1,m_1,ht_1 ; ht+= (m>>32)
- ADD lt_0,m1_0,lt_0 ; lt = lt+m1;
- ADD,DC ht_0,%r0,ht_0 ; ht++
-
- ADD lt_1,m1_1,lt_1 ; lt = lt+m1;
- ADD,DC ht_1,%r0,ht_1 ; ht++
- ADD %ret0,lt_0,lt_0 ; lt = lt + c (ret0);
- ADD,DC ht_0,%r0,ht_0 ; ht++
-
- ADD ht_0,lt_1,lt_1 ; lt = lt + c (ht_0)
- ADD,DC ht_1,%r0,ht_1 ; ht++
- STD lt_0,0(r_ptr) ; rp[0] = lt
- STD lt_1,8(r_ptr) ; rp[1] = lt
-
- COPY ht_1,%ret0 ; carry = ht
- LDO -2(num),num ; num = num - 2;
- LDO 16(a_ptr),a_ptr ; ap += 2
- CMPIB,<= 2,num,bn_mul_words_unroll2
- LDO 16(r_ptr),r_ptr ; rp++
-
- CMPIB,=,N 0,num,bn_mul_words_exit ; are we done?
-
- ;
- ; Top of loop aligned on 64-byte boundary
- ;
-bn_mul_words_single_top
- FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
-
- XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l
- FSTD fm1,-16(%sp) ; -16(sp) = m1
- XMPYU flt_0,fw_h,fm ; m = lt*fw_h
- FSTD fm,-8(%sp) ; -8(sp) = m
- XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h
- FSTD ht_temp,-24(%sp) ; -24(sp) = ht
- XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l
- FSTD lt_temp,-32(%sp) ; -32(sp) = lt
-
- LDD -8(%sp),m_0
- LDD -16(%sp),m1_0
- ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1;
- LDD -24(%sp),ht_0
- LDD -32(%sp),lt_0
-
- CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1)
- ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32)
-
- EXTRD,U tmp_0,31,32,m_0 ; m>>32
- DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32
-
- ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32)
- ADD lt_0,m1_0,lt_0 ; lt= lt+m1;
- ADD,DC ht_0,%r0,ht_0 ; ht++
-
- ADD %ret0,lt_0,lt_0 ; lt = lt + c;
- ADD,DC ht_0,%r0,ht_0 ; ht++
-
- COPY ht_0,%ret0 ; copy carry
- STD lt_0,0(r_ptr) ; rp[0] = lt
-
-bn_mul_words_exit
- .EXIT
- LDD -96(%sp),%r7 ; restore r7
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3 ; restore r3
- .PROCEND ;in=23,24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num)
-;
-; arg0 = rp
-; arg1 = ap
-; arg2 = num
-;
-
-bn_sqr_words
- .proc
- .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
- .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .entry
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- NOP
- STD %r5,16(%sp) ; save r5
-
- CMPIB,>= 0,num,bn_sqr_words_exit
- LDO 128(%sp),%sp ; bump stack
-
- ;
- ; If only 1, the goto straight to cleanup
- ;
- CMPIB,= 1,num,bn_sqr_words_single_top
- DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
-
-bn_sqr_words_unroll2
- FLDD 0(a_ptr),t_float_0 ; a[0]
- FLDD 8(a_ptr),t_float_1 ; a[1]
- XMPYU fht_0,flt_0,fm ; m[0]
- XMPYU fht_1,flt_1,fm_1 ; m[1]
-
- FSTD fm,-24(%sp) ; store m[0]
- FSTD fm_1,-56(%sp) ; store m[1]
- XMPYU flt_0,flt_0,lt_temp ; lt[0]
- XMPYU flt_1,flt_1,lt_temp_1 ; lt[1]
-
- FSTD lt_temp,-16(%sp) ; store lt[0]
- FSTD lt_temp_1,-48(%sp) ; store lt[1]
- XMPYU fht_0,fht_0,ht_temp ; ht[0]
- XMPYU fht_1,fht_1,ht_temp_1 ; ht[1]
-
- FSTD ht_temp,-8(%sp) ; store ht[0]
- FSTD ht_temp_1,-40(%sp) ; store ht[1]
- LDD -24(%sp),m_0
- LDD -56(%sp),m_1
-
- AND m_0,high_mask,tmp_0 ; m[0] & Mask
- AND m_1,high_mask,tmp_1 ; m[1] & Mask
- DEPD,Z m_0,30,31,m_0 ; m[0] << 32+1
- DEPD,Z m_1,30,31,m_1 ; m[1] << 32+1
-
- LDD -16(%sp),lt_0
- LDD -48(%sp),lt_1
- EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m[0]&Mask >> 32-1
- EXTRD,U tmp_1,32,33,tmp_1 ; tmp_1 = m[1]&Mask >> 32-1
-
- LDD -8(%sp),ht_0
- LDD -40(%sp),ht_1
- ADD,L ht_0,tmp_0,ht_0 ; ht[0] += tmp_0
- ADD,L ht_1,tmp_1,ht_1 ; ht[1] += tmp_1
-
- ADD lt_0,m_0,lt_0 ; lt = lt+m
- ADD,DC ht_0,%r0,ht_0 ; ht[0]++
- STD lt_0,0(r_ptr) ; rp[0] = lt[0]
- STD ht_0,8(r_ptr) ; rp[1] = ht[1]
-
- ADD lt_1,m_1,lt_1 ; lt = lt+m
- ADD,DC ht_1,%r0,ht_1 ; ht[1]++
- STD lt_1,16(r_ptr) ; rp[2] = lt[1]
- STD ht_1,24(r_ptr) ; rp[3] = ht[1]
-
- LDO -2(num),num ; num = num - 2;
- LDO 16(a_ptr),a_ptr ; ap += 2
- CMPIB,<= 2,num,bn_sqr_words_unroll2
- LDO 32(r_ptr),r_ptr ; rp += 4
-
- CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done?
-
- ;
- ; Top of loop aligned on 64-byte boundary
- ;
-bn_sqr_words_single_top
- FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R)
-
- XMPYU fht_0,flt_0,fm ; m
- FSTD fm,-24(%sp) ; store m
-
- XMPYU flt_0,flt_0,lt_temp ; lt
- FSTD lt_temp,-16(%sp) ; store lt
-
- XMPYU fht_0,fht_0,ht_temp ; ht
- FSTD ht_temp,-8(%sp) ; store ht
-
- LDD -24(%sp),m_0 ; load m
- AND m_0,high_mask,tmp_0 ; m & Mask
- DEPD,Z m_0,30,31,m_0 ; m << 32+1
- LDD -16(%sp),lt_0 ; lt
-
- LDD -8(%sp),ht_0 ; ht
- EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m&Mask >> 32-1
- ADD m_0,lt_0,lt_0 ; lt = lt+m
- ADD,L ht_0,tmp_0,ht_0 ; ht += tmp_0
- ADD,DC ht_0,%r0,ht_0 ; ht++
-
- STD lt_0,0(r_ptr) ; rp[0] = lt
- STD ht_0,8(r_ptr) ; rp[1] = ht
-
-bn_sqr_words_exit
- .EXIT
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3
- .PROCEND ;in=23,24,25,26,29;out=28;
-
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-;
-; arg0 = rp
-; arg1 = ap
-; arg2 = bp
-; arg3 = n
-
-t .reg %r22
-b .reg %r21
-l .reg %r20
-
-bn_add_words
- .proc
- .entry
- .callinfo
- .EXPORT bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .align 64
-
- CMPIB,>= 0,n,bn_add_words_exit
- COPY %r0,%ret0 ; return 0 by default
-
- ;
- ; If 2 or more numbers do the loop
- ;
- CMPIB,= 1,n,bn_add_words_single_top
- NOP
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
-bn_add_words_unroll2
- LDD 0(a_ptr),t
- LDD 0(b_ptr),b
- ADD t,%ret0,t ; t = t+c;
- ADD,DC %r0,%r0,%ret0 ; set c to carry
- ADD t,b,l ; l = t + b[0]
- ADD,DC %ret0,%r0,%ret0 ; c+= carry
- STD l,0(r_ptr)
-
- LDD 8(a_ptr),t
- LDD 8(b_ptr),b
- ADD t,%ret0,t ; t = t+c;
- ADD,DC %r0,%r0,%ret0 ; set c to carry
- ADD t,b,l ; l = t + b[0]
- ADD,DC %ret0,%r0,%ret0 ; c+= carry
- STD l,8(r_ptr)
-
- LDO -2(n),n
- LDO 16(a_ptr),a_ptr
- LDO 16(b_ptr),b_ptr
-
- CMPIB,<= 2,n,bn_add_words_unroll2
- LDO 16(r_ptr),r_ptr
-
- CMPIB,=,N 0,n,bn_add_words_exit ; are we done?
-
-bn_add_words_single_top
- LDD 0(a_ptr),t
- LDD 0(b_ptr),b
-
- ADD t,%ret0,t ; t = t+c;
- ADD,DC %r0,%r0,%ret0 ; set c to carry (could use CMPCLR??)
- ADD t,b,l ; l = t + b[0]
- ADD,DC %ret0,%r0,%ret0 ; c+= carry
- STD l,0(r_ptr)
-
-bn_add_words_exit
- .EXIT
- BVE (%rp)
- NOP
- .PROCEND ;in=23,24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-;
-; arg0 = rp
-; arg1 = ap
-; arg2 = bp
-; arg3 = n
-
-t1 .reg %r22
-t2 .reg %r21
-sub_tmp1 .reg %r20
-sub_tmp2 .reg %r19
-
-
-bn_sub_words
- .proc
- .callinfo
- .EXPORT bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .entry
- .align 64
-
- CMPIB,>= 0,n,bn_sub_words_exit
- COPY %r0,%ret0 ; return 0 by default
-
- ;
- ; If 2 or more numbers do the loop
- ;
- CMPIB,= 1,n,bn_sub_words_single_top
- NOP
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
-bn_sub_words_unroll2
- LDD 0(a_ptr),t1
- LDD 0(b_ptr),t2
- SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
- SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c;
-
- CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
- LDO 1(%r0),sub_tmp2
-
- CMPCLR,*= t1,t2,%r0
- COPY sub_tmp2,%ret0
- STD sub_tmp1,0(r_ptr)
-
- LDD 8(a_ptr),t1
- LDD 8(b_ptr),t2
- SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
- SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c;
- CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
- LDO 1(%r0),sub_tmp2
-
- CMPCLR,*= t1,t2,%r0
- COPY sub_tmp2,%ret0
- STD sub_tmp1,8(r_ptr)
-
- LDO -2(n),n
- LDO 16(a_ptr),a_ptr
- LDO 16(b_ptr),b_ptr
-
- CMPIB,<= 2,n,bn_sub_words_unroll2
- LDO 16(r_ptr),r_ptr
-
- CMPIB,=,N 0,n,bn_sub_words_exit ; are we done?
-
-bn_sub_words_single_top
- LDD 0(a_ptr),t1
- LDD 0(b_ptr),t2
- SUB t1,t2,sub_tmp1 ; t3 = t1-t2;
- SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c;
- CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2
- LDO 1(%r0),sub_tmp2
-
- CMPCLR,*= t1,t2,%r0
- COPY sub_tmp2,%ret0
-
- STD sub_tmp1,0(r_ptr)
-
-bn_sub_words_exit
- .EXIT
- BVE (%rp)
- NOP
- .PROCEND ;in=23,24,25,26,29;out=28;
-
-;------------------------------------------------------------------------------
-;
-; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d)
-;
-; arg0 = h
-; arg1 = l
-; arg2 = d
-;
-; This is mainly just modified assembly from the compiler, thus the
-; lack of variable names.
-;
-;------------------------------------------------------------------------------
-bn_div_words
- .proc
- .callinfo CALLER,FRAME=272,ENTRY_GR=%r10,SAVE_RP,ARGS_SAVED,ORDERING_AWARE
- .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .IMPORT BN_num_bits_word,CODE,NO_RELOCATION
- .IMPORT __iob,DATA
- .IMPORT fprintf,CODE,NO_RELOCATION
- .IMPORT abort,CODE,NO_RELOCATION
- .IMPORT $$div2U,MILLICODE
- .entry
- STD %r2,-16(%r30)
- STD,MA %r3,352(%r30)
- STD %r4,-344(%r30)
- STD %r5,-336(%r30)
- STD %r6,-328(%r30)
- STD %r7,-320(%r30)
- STD %r8,-312(%r30)
- STD %r9,-304(%r30)
- STD %r10,-296(%r30)
-
- STD %r27,-288(%r30) ; save gp
-
- COPY %r24,%r3 ; save d
- COPY %r26,%r4 ; save h (high 64-bits)
- LDO -1(%r0),%ret0 ; return -1 by default
-
- CMPB,*= %r0,%arg2,$D3 ; if (d == 0)
- COPY %r25,%r5 ; save l (low 64-bits)
-
- LDO -48(%r30),%r29 ; create ap
- .CALL ;in=26,29;out=28;
- B,L BN_num_bits_word,%r2
- COPY %r3,%r26
- LDD -288(%r30),%r27 ; restore gp
- LDI 64,%r21
-
- CMPB,= %r21,%ret0,$00000012 ;if (i == 64) (forward)
- COPY %ret0,%r24 ; i
- MTSARCM %r24
- DEPDI,Z -1,%sar,1,%r29
- CMPB,*<<,N %r29,%r4,bn_div_err_case ; if (h > 1<<i) (forward)
-
-$00000012
- SUBI 64,%r24,%r31 ; i = 64 - i;
- CMPCLR,*<< %r4,%r3,%r0 ; if (h >= d)
- SUB %r4,%r3,%r4 ; h -= d
- CMPB,= %r31,%r0,$0000001A ; if (i)
- COPY %r0,%r10 ; ret = 0
- MTSARCM %r31 ; i to shift
- DEPD,Z %r3,%sar,64,%r3 ; d <<= i;
- SUBI 64,%r31,%r19 ; 64 - i; redundent
- MTSAR %r19 ; (64 -i) to shift
- SHRPD %r4,%r5,%sar,%r4 ; l>> (64-i)
- MTSARCM %r31 ; i to shift
- DEPD,Z %r5,%sar,64,%r5 ; l <<= i;
-
-$0000001A
- DEPDI,Z -1,31,32,%r19
- EXTRD,U %r3,31,32,%r6 ; dh=(d&0xfff)>>32
- EXTRD,U %r3,63,32,%r8 ; dl = d&0xffffff
- LDO 2(%r0),%r9
- STD %r3,-280(%r30) ; "d" to stack
-
-$0000001C
- DEPDI,Z -1,63,32,%r29 ;
- EXTRD,U %r4,31,32,%r31 ; h >> 32
- CMPB,*=,N %r31,%r6,$D2 ; if ((h>>32) != dh)(forward) div
- COPY %r4,%r26
- EXTRD,U %r4,31,32,%r25
- COPY %r6,%r24
- .CALL ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL)
- B,L $$div2U,%r2
- EXTRD,U %r6,31,32,%r23
- DEPD %r28,31,32,%r29
-$D2
- STD %r29,-272(%r30) ; q
- AND %r5,%r19,%r24 ; t & 0xffffffff00000000;
- EXTRD,U %r24,31,32,%r24 ; ???
- FLDD -272(%r30),%fr7 ; q
- FLDD -280(%r30),%fr8 ; d
- XMPYU %fr8L,%fr7L,%fr10
- FSTD %fr10,-256(%r30)
- XMPYU %fr8L,%fr7R,%fr22
- FSTD %fr22,-264(%r30)
- XMPYU %fr8R,%fr7L,%fr11
- XMPYU %fr8R,%fr7R,%fr23
- FSTD %fr11,-232(%r30)
- FSTD %fr23,-240(%r30)
- LDD -256(%r30),%r28
- DEPD,Z %r28,31,32,%r2
- LDD -264(%r30),%r20
- ADD,L %r20,%r2,%r31
- LDD -232(%r30),%r22
- DEPD,Z %r22,31,32,%r22
- LDD -240(%r30),%r21
- B $00000024 ; enter loop
- ADD,L %r21,%r22,%r23
-
-$0000002A
- LDO -1(%r29),%r29
- SUB %r23,%r8,%r23
-$00000024
- SUB %r4,%r31,%r25
- AND %r25,%r19,%r26
- CMPB,*<>,N %r0,%r26,$00000046 ; (forward)
- DEPD,Z %r25,31,32,%r20
- OR %r20,%r24,%r21
- CMPB,*<<,N %r21,%r23,$0000002A ;(backward)
- SUB %r31,%r6,%r31
-;-------------Break path---------------------
-
-$00000046
- DEPD,Z %r23,31,32,%r25 ;tl
- EXTRD,U %r23,31,32,%r26 ;t
- AND %r25,%r19,%r24 ;tl = (tl<<32)&0xfffffff0000000L
- ADD,L %r31,%r26,%r31 ;th += t;
- CMPCLR,*>>= %r5,%r24,%r0 ;if (l<tl)
- LDO 1(%r31),%r31 ; th++;
- CMPB,*<<=,N %r31,%r4,$00000036 ;if (n < th) (forward)
- LDO -1(%r29),%r29 ;q--;
- ADD,L %r4,%r3,%r4 ;h += d;
-$00000036
- ADDIB,=,N -1,%r9,$D1 ;if (--count == 0) break (forward)
- SUB %r5,%r24,%r28 ; l -= tl;
- SUB %r4,%r31,%r24 ; h -= th;
- SHRPD %r24,%r28,32,%r4 ; h = ((h<<32)|(l>>32));
- DEPD,Z %r29,31,32,%r10 ; ret = q<<32
- b $0000001C
- DEPD,Z %r28,31,32,%r5 ; l = l << 32
-
-$D1
- OR %r10,%r29,%r28 ; ret |= q
-$D3
- LDD -368(%r30),%r2
-$D0
- LDD -296(%r30),%r10
- LDD -304(%r30),%r9
- LDD -312(%r30),%r8
- LDD -320(%r30),%r7
- LDD -328(%r30),%r6
- LDD -336(%r30),%r5
- LDD -344(%r30),%r4
- BVE (%r2)
- .EXIT
- LDD,MB -352(%r30),%r3
-
-bn_div_err_case
- MFIA %r6
- ADDIL L'bn_div_words-bn_div_err_case,%r6,%r1
- LDO R'bn_div_words-bn_div_err_case(%r1),%r6
- ADDIL LT'__iob,%r27,%r1
- LDD RT'__iob(%r1),%r26
- ADDIL L'C$4-bn_div_words,%r6,%r1
- LDO R'C$4-bn_div_words(%r1),%r25
- LDO 64(%r26),%r26
- .CALL ;in=24,25,26,29;out=28;
- B,L fprintf,%r2
- LDO -48(%r30),%r29
- LDD -288(%r30),%r27
- .CALL ;in=29;
- B,L abort,%r2
- LDO -48(%r30),%r29
- LDD -288(%r30),%r27
- B $D0
- LDD -368(%r30),%r2
- .PROCEND ;in=24,25,26,29;out=28;
-
-;----------------------------------------------------------------------------
-;
-; Registers to hold 64-bit values to manipulate. The "L" part
-; of the register corresponds to the upper 32-bits, while the "R"
-; part corresponds to the lower 32-bits
-;
-; Note, that when using b6 and b7, the code must save these before
-; using them because they are callee save registers
-;
-;
-; Floating point registers to use to save values that
-; are manipulated. These don't collide with ftemp1-6 and
-; are all caller save registers
-;
-a0 .reg %fr22
-a0L .reg %fr22L
-a0R .reg %fr22R
-
-a1 .reg %fr23
-a1L .reg %fr23L
-a1R .reg %fr23R
-
-a2 .reg %fr24
-a2L .reg %fr24L
-a2R .reg %fr24R
-
-a3 .reg %fr25
-a3L .reg %fr25L
-a3R .reg %fr25R
-
-a4 .reg %fr26
-a4L .reg %fr26L
-a4R .reg %fr26R
-
-a5 .reg %fr27
-a5L .reg %fr27L
-a5R .reg %fr27R
-
-a6 .reg %fr28
-a6L .reg %fr28L
-a6R .reg %fr28R
-
-a7 .reg %fr29
-a7L .reg %fr29L
-a7R .reg %fr29R
-
-b0 .reg %fr30
-b0L .reg %fr30L
-b0R .reg %fr30R
-
-b1 .reg %fr31
-b1L .reg %fr31L
-b1R .reg %fr31R
-
-;
-; Temporary floating point variables, these are all caller save
-; registers
-;
-ftemp1 .reg %fr4
-ftemp2 .reg %fr5
-ftemp3 .reg %fr6
-ftemp4 .reg %fr7
-
-;
-; The B set of registers when used.
-;
-
-b2 .reg %fr8
-b2L .reg %fr8L
-b2R .reg %fr8R
-
-b3 .reg %fr9
-b3L .reg %fr9L
-b3R .reg %fr9R
-
-b4 .reg %fr10
-b4L .reg %fr10L
-b4R .reg %fr10R
-
-b5 .reg %fr11
-b5L .reg %fr11L
-b5R .reg %fr11R
-
-b6 .reg %fr12
-b6L .reg %fr12L
-b6R .reg %fr12R
-
-b7 .reg %fr13
-b7L .reg %fr13L
-b7R .reg %fr13R
-
-c1 .reg %r21 ; only reg
-temp1 .reg %r20 ; only reg
-temp2 .reg %r19 ; only reg
-temp3 .reg %r31 ; only reg
-
-m1 .reg %r28
-c2 .reg %r23
-high_one .reg %r1
-ht .reg %r6
-lt .reg %r5
-m .reg %r4
-c3 .reg %r3
-
-SQR_ADD_C .macro A0L,A0R,C1,C2,C3
- XMPYU A0L,A0R,ftemp1 ; m
- FSTD ftemp1,-24(%sp) ; store m
-
- XMPYU A0R,A0R,ftemp2 ; lt
- FSTD ftemp2,-16(%sp) ; store lt
-
- XMPYU A0L,A0L,ftemp3 ; ht
- FSTD ftemp3,-8(%sp) ; store ht
-
- LDD -24(%sp),m ; load m
- AND m,high_mask,temp2 ; m & Mask
- DEPD,Z m,30,31,temp3 ; m << 32+1
- LDD -16(%sp),lt ; lt
-
- LDD -8(%sp),ht ; ht
- EXTRD,U temp2,32,33,temp1 ; temp1 = m&Mask >> 32-1
- ADD temp3,lt,lt ; lt = lt+m
- ADD,L ht,temp1,ht ; ht += temp1
- ADD,DC ht,%r0,ht ; ht++
-
- ADD C1,lt,C1 ; c1=c1+lt
- ADD,DC ht,%r0,ht ; ht++
-
- ADD C2,ht,C2 ; c2=c2+ht
- ADD,DC C3,%r0,C3 ; c3++
-.endm
-
-SQR_ADD_C2 .macro A0L,A0R,A1L,A1R,C1,C2,C3
- XMPYU A0L,A1R,ftemp1 ; m1 = bl*ht
- FSTD ftemp1,-16(%sp) ;
- XMPYU A0R,A1L,ftemp2 ; m = bh*lt
- FSTD ftemp2,-8(%sp) ;
- XMPYU A0R,A1R,ftemp3 ; lt = bl*lt
- FSTD ftemp3,-32(%sp)
- XMPYU A0L,A1L,ftemp4 ; ht = bh*ht
- FSTD ftemp4,-24(%sp) ;
-
- LDD -8(%sp),m ; r21 = m
- LDD -16(%sp),m1 ; r19 = m1
- ADD,L m,m1,m ; m+m1
-
- DEPD,Z m,31,32,temp3 ; (m+m1<<32)
- LDD -24(%sp),ht ; r24 = ht
-
- CMPCLR,*>>= m,m1,%r0 ; if (m < m1)
- ADD,L ht,high_one,ht ; ht+=high_one
-
- EXTRD,U m,31,32,temp1 ; m >> 32
- LDD -32(%sp),lt ; lt
- ADD,L ht,temp1,ht ; ht+= m>>32
- ADD lt,temp3,lt ; lt = lt+m1
- ADD,DC ht,%r0,ht ; ht++
-
- ADD ht,ht,ht ; ht=ht+ht;
- ADD,DC C3,%r0,C3 ; add in carry (c3++)
-
- ADD lt,lt,lt ; lt=lt+lt;
- ADD,DC ht,%r0,ht ; add in carry (ht++)
-
- ADD C1,lt,C1 ; c1=c1+lt
- ADD,DC,*NUV ht,%r0,ht ; add in carry (ht++)
- LDO 1(C3),C3 ; bump c3 if overflow,nullify otherwise
-
- ADD C2,ht,C2 ; c2 = c2 + ht
- ADD,DC C3,%r0,C3 ; add in carry (c3++)
-.endm
-
-;
-;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
-; arg0 = r_ptr
-; arg1 = a_ptr
-;
-
-bn_sqr_comba8
- .PROC
- .CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
- .EXPORT bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .ENTRY
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- STD %r5,16(%sp) ; save r5
- STD %r6,24(%sp) ; save r6
-
- ;
- ; Zero out carries
- ;
- COPY %r0,c1
- COPY %r0,c2
- COPY %r0,c3
-
- LDO 128(%sp),%sp ; bump stack
- DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
- DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
-
- ;
- ; Load up all of the values we are going to use
- ;
- FLDD 0(a_ptr),a0
- FLDD 8(a_ptr),a1
- FLDD 16(a_ptr),a2
- FLDD 24(a_ptr),a3
- FLDD 32(a_ptr),a4
- FLDD 40(a_ptr),a5
- FLDD 48(a_ptr),a6
- FLDD 56(a_ptr),a7
-
- SQR_ADD_C a0L,a0R,c1,c2,c3
- STD c1,0(r_ptr) ; r[0] = c1;
- COPY %r0,c1
-
- SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
- STD c2,8(r_ptr) ; r[1] = c2;
- COPY %r0,c2
-
- SQR_ADD_C a1L,a1R,c3,c1,c2
- SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
- STD c3,16(r_ptr) ; r[2] = c3;
- COPY %r0,c3
-
- SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
- SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
- STD c1,24(r_ptr) ; r[3] = c1;
- COPY %r0,c1
-
- SQR_ADD_C a2L,a2R,c2,c3,c1
- SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
- SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1
- STD c2,32(r_ptr) ; r[4] = c2;
- COPY %r0,c2
-
- SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2
- SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2
- SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
- STD c3,40(r_ptr) ; r[5] = c3;
- COPY %r0,c3
-
- SQR_ADD_C a3L,a3R,c1,c2,c3
- SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3
- SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3
- SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3
- STD c1,48(r_ptr) ; r[6] = c1;
- COPY %r0,c1
-
- SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1
- SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1
- SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1
- SQR_ADD_C2 a4L,a4R,a3L,a3R,c2,c3,c1
- STD c2,56(r_ptr) ; r[7] = c2;
- COPY %r0,c2
-
- SQR_ADD_C a4L,a4R,c3,c1,c2
- SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2
- SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2
- SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2
- STD c3,64(r_ptr) ; r[8] = c3;
- COPY %r0,c3
-
- SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3
- SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3
- SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3
- STD c1,72(r_ptr) ; r[9] = c1;
- COPY %r0,c1
-
- SQR_ADD_C a5L,a5R,c2,c3,c1
- SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1
- SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1
- STD c2,80(r_ptr) ; r[10] = c2;
- COPY %r0,c2
-
- SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2
- SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2
- STD c3,88(r_ptr) ; r[11] = c3;
- COPY %r0,c3
-
- SQR_ADD_C a6L,a6R,c1,c2,c3
- SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3
- STD c1,96(r_ptr) ; r[12] = c1;
- COPY %r0,c1
-
- SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1
- STD c2,104(r_ptr) ; r[13] = c2;
- COPY %r0,c2
-
- SQR_ADD_C a7L,a7R,c3,c1,c2
- STD c3, 112(r_ptr) ; r[14] = c3
- STD c1, 120(r_ptr) ; r[15] = c1
-
- .EXIT
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3
-
- .PROCEND
-
-;-----------------------------------------------------------------------------
-;
-;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
-; arg0 = r_ptr
-; arg1 = a_ptr
-;
-
-bn_sqr_comba4
- .proc
- .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
- .EXPORT bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .entry
- .align 64
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- STD %r5,16(%sp) ; save r5
- STD %r6,24(%sp) ; save r6
-
- ;
- ; Zero out carries
- ;
- COPY %r0,c1
- COPY %r0,c2
- COPY %r0,c3
-
- LDO 128(%sp),%sp ; bump stack
- DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L
- DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
-
- ;
- ; Load up all of the values we are going to use
- ;
- FLDD 0(a_ptr),a0
- FLDD 8(a_ptr),a1
- FLDD 16(a_ptr),a2
- FLDD 24(a_ptr),a3
- FLDD 32(a_ptr),a4
- FLDD 40(a_ptr),a5
- FLDD 48(a_ptr),a6
- FLDD 56(a_ptr),a7
-
- SQR_ADD_C a0L,a0R,c1,c2,c3
-
- STD c1,0(r_ptr) ; r[0] = c1;
- COPY %r0,c1
-
- SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
-
- STD c2,8(r_ptr) ; r[1] = c2;
- COPY %r0,c2
-
- SQR_ADD_C a1L,a1R,c3,c1,c2
- SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
-
- STD c3,16(r_ptr) ; r[2] = c3;
- COPY %r0,c3
-
- SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
- SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
-
- STD c1,24(r_ptr) ; r[3] = c1;
- COPY %r0,c1
-
- SQR_ADD_C a2L,a2R,c2,c3,c1
- SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
-
- STD c2,32(r_ptr) ; r[4] = c2;
- COPY %r0,c2
-
- SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
- STD c3,40(r_ptr) ; r[5] = c3;
- COPY %r0,c3
-
- SQR_ADD_C a3L,a3R,c1,c2,c3
- STD c1,48(r_ptr) ; r[6] = c1;
- STD c2,56(r_ptr) ; r[7] = c2;
-
- .EXIT
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3
-
- .PROCEND
-
-
-;---------------------------------------------------------------------------
-
-MUL_ADD_C .macro A0L,A0R,B0L,B0R,C1,C2,C3
- XMPYU A0L,B0R,ftemp1 ; m1 = bl*ht
- FSTD ftemp1,-16(%sp) ;
- XMPYU A0R,B0L,ftemp2 ; m = bh*lt
- FSTD ftemp2,-8(%sp) ;
- XMPYU A0R,B0R,ftemp3 ; lt = bl*lt
- FSTD ftemp3,-32(%sp)
- XMPYU A0L,B0L,ftemp4 ; ht = bh*ht
- FSTD ftemp4,-24(%sp) ;
-
- LDD -8(%sp),m ; r21 = m
- LDD -16(%sp),m1 ; r19 = m1
- ADD,L m,m1,m ; m+m1
-
- DEPD,Z m,31,32,temp3 ; (m+m1<<32)
- LDD -24(%sp),ht ; r24 = ht
-
- CMPCLR,*>>= m,m1,%r0 ; if (m < m1)
- ADD,L ht,high_one,ht ; ht+=high_one
-
- EXTRD,U m,31,32,temp1 ; m >> 32
- LDD -32(%sp),lt ; lt
- ADD,L ht,temp1,ht ; ht+= m>>32
- ADD lt,temp3,lt ; lt = lt+m1
- ADD,DC ht,%r0,ht ; ht++
-
- ADD C1,lt,C1 ; c1=c1+lt
- ADD,DC ht,%r0,ht ; bump c3 if overflow,nullify otherwise
-
- ADD C2,ht,C2 ; c2 = c2 + ht
- ADD,DC C3,%r0,C3 ; add in carry (c3++)
-.endm
-
-
-;
-;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg2 = b_ptr
-;
-
-bn_mul_comba8
- .proc
- .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
- .EXPORT bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .entry
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- STD %r5,16(%sp) ; save r5
- STD %r6,24(%sp) ; save r6
- FSTD %fr12,32(%sp) ; save r6
- FSTD %fr13,40(%sp) ; save r7
-
- ;
- ; Zero out carries
- ;
- COPY %r0,c1
- COPY %r0,c2
- COPY %r0,c3
-
- LDO 128(%sp),%sp ; bump stack
- DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
-
- ;
- ; Load up all of the values we are going to use
- ;
- FLDD 0(a_ptr),a0
- FLDD 8(a_ptr),a1
- FLDD 16(a_ptr),a2
- FLDD 24(a_ptr),a3
- FLDD 32(a_ptr),a4
- FLDD 40(a_ptr),a5
- FLDD 48(a_ptr),a6
- FLDD 56(a_ptr),a7
-
- FLDD 0(b_ptr),b0
- FLDD 8(b_ptr),b1
- FLDD 16(b_ptr),b2
- FLDD 24(b_ptr),b3
- FLDD 32(b_ptr),b4
- FLDD 40(b_ptr),b5
- FLDD 48(b_ptr),b6
- FLDD 56(b_ptr),b7
-
- MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
- STD c1,0(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
- MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
- STD c2,8(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
- MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
- MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
- STD c3,16(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
- MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
- MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
- MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
- STD c1,24(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1
- MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
- MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
- MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
- MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1
- STD c2,32(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2
- MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2
- MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
- MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
- MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2
- MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2
- STD c3,40(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3
- MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3
- MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3
- MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
- MUL_ADD_C a2L,a2R,b4L,b4R,c1,c2,c3
- MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3
- MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3
- STD c1,48(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1
- MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1
- MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1
- MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1
- MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1
- MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1
- MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1
- MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1
- STD c2,56(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2
- MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2
- MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2
- MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2
- MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2
- MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2
- MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2
- STD c3,64(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3
- MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3
- MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3
- MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3
- MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3
- MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3
- STD c1,72(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1
- MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1
- MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1
- MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1
- MUL_ADD_C a3L,a3R,b7L,b7R,c2,c3,c1
- STD c2,80(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2
- MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2
- MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2
- MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2
- STD c3,88(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3
- MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3
- MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3
- STD c1,96(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1
- MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1
- STD c2,104(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2
- STD c3,112(r_ptr)
- STD c1,120(r_ptr)
-
- .EXIT
- FLDD -88(%sp),%fr13
- FLDD -96(%sp),%fr12
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3
-
- .PROCEND
-
-;-----------------------------------------------------------------------------
-;
-;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg2 = b_ptr
-;
-
-bn_mul_comba4
- .proc
- .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
- .EXPORT bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .entry
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- STD %r5,16(%sp) ; save r5
- STD %r6,24(%sp) ; save r6
- FSTD %fr12,32(%sp) ; save r6
- FSTD %fr13,40(%sp) ; save r7
-
- ;
- ; Zero out carries
- ;
- COPY %r0,c1
- COPY %r0,c2
- COPY %r0,c3
-
- LDO 128(%sp),%sp ; bump stack
- DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32
-
- ;
- ; Load up all of the values we are going to use
- ;
- FLDD 0(a_ptr),a0
- FLDD 8(a_ptr),a1
- FLDD 16(a_ptr),a2
- FLDD 24(a_ptr),a3
-
- FLDD 0(b_ptr),b0
- FLDD 8(b_ptr),b1
- FLDD 16(b_ptr),b2
- FLDD 24(b_ptr),b3
-
- MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
- STD c1,0(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
- MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
- STD c2,8(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
- MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
- MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
- STD c3,16(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
- MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
- MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
- MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
- STD c1,24(r_ptr)
- COPY %r0,c1
-
- MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
- MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
- MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
- STD c2,32(r_ptr)
- COPY %r0,c2
-
- MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
- MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
- STD c3,40(r_ptr)
- COPY %r0,c3
-
- MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
- STD c1,48(r_ptr)
- STD c2,56(r_ptr)
-
- .EXIT
- FLDD -88(%sp),%fr13
- FLDD -96(%sp),%fr12
- LDD -104(%sp),%r6 ; restore r6
- LDD -112(%sp),%r5 ; restore r5
- LDD -120(%sp),%r4 ; restore r4
- BVE (%rp)
- LDD,MB -128(%sp),%r3
-
- .PROCEND
-
-
- .SPACE $TEXT$
- .SUBSPA $CODE$
- .SPACE $PRIVATE$,SORT=16
- .IMPORT $global$,DATA
- .SPACE $TEXT$
- .SUBSPA $CODE$
- .SUBSPA $LIT$,ACCESS=0x2c
-C$4
- .ALIGN 8
- .STRINGZ "Division would overflow (%d)\n"
- .END
diff --git a/src/lib/libcrypto/bn/asm/sparcv8.S b/src/lib/libcrypto/bn/asm/sparcv8.S
deleted file mode 100644
index 88c5dc480a..0000000000
--- a/src/lib/libcrypto/bn/asm/sparcv8.S
+++ /dev/null
@@ -1,1458 +0,0 @@
-.ident "sparcv8.s, Version 1.4"
-.ident "SPARC v8 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-
-/*
- * ====================================================================
- * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
- * project.
- *
- * Rights for redistribution and usage in source and binary forms are
- * granted according to the OpenSSL license. Warranty of any kind is
- * disclaimed.
- * ====================================================================
- */
-
-/*
- * This is my modest contributon to OpenSSL project (see
- * http://www.openssl.org/ for more information about it) and is
- * a drop-in SuperSPARC ISA replacement for crypto/bn/bn_asm.c
- * module. For updates see http://fy.chalmers.se/~appro/hpe/.
- *
- * See bn_asm.sparc.v8plus.S for more details.
- */
-
-/*
- * Revision history.
- *
- * 1.1 - new loop unrolling model(*);
- * 1.2 - made gas friendly;
- * 1.3 - fixed problem with /usr/ccs/lib/cpp;
- * 1.4 - some retunes;
- *
- * (*) see bn_asm.sparc.v8plus.S for details
- */
-
-.section ".text",#alloc,#execinstr
-.file "bn_asm.sparc.v8.S"
-
-.align 32
-
-.global bn_mul_add_words
-/*
- * BN_ULONG bn_mul_add_words(rp,ap,num,w)
- * BN_ULONG *rp,*ap;
- * int num;
- * BN_ULONG w;
- */
-bn_mul_add_words:
- cmp %o2,0
- bg,a .L_bn_mul_add_words_proceed
- ld [%o1],%g2
- retl
- clr %o0
-
-.L_bn_mul_add_words_proceed:
- andcc %o2,-4,%g0
- bz .L_bn_mul_add_words_tail
- clr %o5
-
-.L_bn_mul_add_words_loop:
- ld [%o0],%o4
- ld [%o1+4],%g3
- umul %o3,%g2,%g2
- rd %y,%g1
- addcc %o4,%o5,%o4
- addx %g1,0,%g1
- addcc %o4,%g2,%o4
- st %o4,[%o0]
- addx %g1,0,%o5
-
- ld [%o0+4],%o4
- ld [%o1+8],%g2
- umul %o3,%g3,%g3
- dec 4,%o2
- rd %y,%g1
- addcc %o4,%o5,%o4
- addx %g1,0,%g1
- addcc %o4,%g3,%o4
- st %o4,[%o0+4]
- addx %g1,0,%o5
-
- ld [%o0+8],%o4
- ld [%o1+12],%g3
- umul %o3,%g2,%g2
- inc 16,%o1
- rd %y,%g1
- addcc %o4,%o5,%o4
- addx %g1,0,%g1
- addcc %o4,%g2,%o4
- st %o4,[%o0+8]
- addx %g1,0,%o5
-
- ld [%o0+12],%o4
- umul %o3,%g3,%g3
- inc 16,%o0
- rd %y,%g1
- addcc %o4,%o5,%o4
- addx %g1,0,%g1
- addcc %o4,%g3,%o4
- st %o4,[%o0-4]
- addx %g1,0,%o5
- andcc %o2,-4,%g0
- bnz,a .L_bn_mul_add_words_loop
- ld [%o1],%g2
-
- tst %o2
- bnz,a .L_bn_mul_add_words_tail
- ld [%o1],%g2
-.L_bn_mul_add_words_return:
- retl
- mov %o5,%o0
- nop
-
-.L_bn_mul_add_words_tail:
- ld [%o0],%o4
- umul %o3,%g2,%g2
- addcc %o4,%o5,%o4
- rd %y,%g1
- addx %g1,0,%g1
- addcc %o4,%g2,%o4
- addx %g1,0,%o5
- deccc %o2
- bz .L_bn_mul_add_words_return
- st %o4,[%o0]
-
- ld [%o1+4],%g2
- ld [%o0+4],%o4
- umul %o3,%g2,%g2
- rd %y,%g1
- addcc %o4,%o5,%o4
- addx %g1,0,%g1
- addcc %o4,%g2,%o4
- addx %g1,0,%o5
- deccc %o2
- bz .L_bn_mul_add_words_return
- st %o4,[%o0+4]
-
- ld [%o1+8],%g2
- ld [%o0+8],%o4
- umul %o3,%g2,%g2
- rd %y,%g1
- addcc %o4,%o5,%o4
- addx %g1,0,%g1
- addcc %o4,%g2,%o4
- st %o4,[%o0+8]
- retl
- addx %g1,0,%o0
-
-.type bn_mul_add_words,#function
-.size bn_mul_add_words,(.-bn_mul_add_words)
-
-.align 32
-
-.global bn_mul_words
-/*
- * BN_ULONG bn_mul_words(rp,ap,num,w)
- * BN_ULONG *rp,*ap;
- * int num;
- * BN_ULONG w;
- */
-bn_mul_words:
- cmp %o2,0
- bg,a .L_bn_mul_words_proceeed
- ld [%o1],%g2
- retl
- clr %o0
-
-.L_bn_mul_words_proceeed:
- andcc %o2,-4,%g0
- bz .L_bn_mul_words_tail
- clr %o5
-
-.L_bn_mul_words_loop:
- ld [%o1+4],%g3
- umul %o3,%g2,%g2
- addcc %g2,%o5,%g2
- rd %y,%g1
- addx %g1,0,%o5
- st %g2,[%o0]
-
- ld [%o1+8],%g2
- umul %o3,%g3,%g3
- addcc %g3,%o5,%g3
- rd %y,%g1
- dec 4,%o2
- addx %g1,0,%o5
- st %g3,[%o0+4]
-
- ld [%o1+12],%g3
- umul %o3,%g2,%g2
- addcc %g2,%o5,%g2
- rd %y,%g1
- inc 16,%o1
- st %g2,[%o0+8]
- addx %g1,0,%o5
-
- umul %o3,%g3,%g3
- addcc %g3,%o5,%g3
- rd %y,%g1
- inc 16,%o0
- addx %g1,0,%o5
- st %g3,[%o0-4]
- andcc %o2,-4,%g0
- nop
- bnz,a .L_bn_mul_words_loop
- ld [%o1],%g2
-
- tst %o2
- bnz,a .L_bn_mul_words_tail
- ld [%o1],%g2
-.L_bn_mul_words_return:
- retl
- mov %o5,%o0
- nop
-
-.L_bn_mul_words_tail:
- umul %o3,%g2,%g2
- addcc %g2,%o5,%g2
- rd %y,%g1
- addx %g1,0,%o5
- deccc %o2
- bz .L_bn_mul_words_return
- st %g2,[%o0]
- nop
-
- ld [%o1+4],%g2
- umul %o3,%g2,%g2
- addcc %g2,%o5,%g2
- rd %y,%g1
- addx %g1,0,%o5
- deccc %o2
- bz .L_bn_mul_words_return
- st %g2,[%o0+4]
-
- ld [%o1+8],%g2
- umul %o3,%g2,%g2
- addcc %g2,%o5,%g2
- rd %y,%g1
- st %g2,[%o0+8]
- retl
- addx %g1,0,%o0
-
-.type bn_mul_words,#function
-.size bn_mul_words,(.-bn_mul_words)
-
-.align 32
-.global bn_sqr_words
-/*
- * void bn_sqr_words(r,a,n)
- * BN_ULONG *r,*a;
- * int n;
- */
-bn_sqr_words:
- cmp %o2,0
- bg,a .L_bn_sqr_words_proceeed
- ld [%o1],%g2
- retl
- clr %o0
-
-.L_bn_sqr_words_proceeed:
- andcc %o2,-4,%g0
- bz .L_bn_sqr_words_tail
- clr %o5
-
-.L_bn_sqr_words_loop:
- ld [%o1+4],%g3
- umul %g2,%g2,%o4
- st %o4,[%o0]
- rd %y,%o5
- st %o5,[%o0+4]
-
- ld [%o1+8],%g2
- umul %g3,%g3,%o4
- dec 4,%o2
- st %o4,[%o0+8]
- rd %y,%o5
- st %o5,[%o0+12]
- nop
-
- ld [%o1+12],%g3
- umul %g2,%g2,%o4
- st %o4,[%o0+16]
- rd %y,%o5
- inc 16,%o1
- st %o5,[%o0+20]
-
- umul %g3,%g3,%o4
- inc 32,%o0
- st %o4,[%o0-8]
- rd %y,%o5
- st %o5,[%o0-4]
- andcc %o2,-4,%g2
- bnz,a .L_bn_sqr_words_loop
- ld [%o1],%g2
-
- tst %o2
- nop
- bnz,a .L_bn_sqr_words_tail
- ld [%o1],%g2
-.L_bn_sqr_words_return:
- retl
- clr %o0
-
-.L_bn_sqr_words_tail:
- umul %g2,%g2,%o4
- st %o4,[%o0]
- deccc %o2
- rd %y,%o5
- bz .L_bn_sqr_words_return
- st %o5,[%o0+4]
-
- ld [%o1+4],%g2
- umul %g2,%g2,%o4
- st %o4,[%o0+8]
- deccc %o2
- rd %y,%o5
- nop
- bz .L_bn_sqr_words_return
- st %o5,[%o0+12]
-
- ld [%o1+8],%g2
- umul %g2,%g2,%o4
- st %o4,[%o0+16]
- rd %y,%o5
- st %o5,[%o0+20]
- retl
- clr %o0
-
-.type bn_sqr_words,#function
-.size bn_sqr_words,(.-bn_sqr_words)
-
-.align 32
-
-.global bn_div_words
-/*
- * BN_ULONG bn_div_words(h,l,d)
- * BN_ULONG h,l,d;
- */
-bn_div_words:
- wr %o0,%y
- udiv %o1,%o2,%o0
- retl
- nop
-
-.type bn_div_words,#function
-.size bn_div_words,(.-bn_div_words)
-
-.align 32
-
-.global bn_add_words
-/*
- * BN_ULONG bn_add_words(rp,ap,bp,n)
- * BN_ULONG *rp,*ap,*bp;
- * int n;
- */
-bn_add_words:
- cmp %o3,0
- bg,a .L_bn_add_words_proceed
- ld [%o1],%o4
- retl
- clr %o0
-
-.L_bn_add_words_proceed:
- andcc %o3,-4,%g0
- bz .L_bn_add_words_tail
- clr %g1
- ba .L_bn_add_words_warn_loop
- addcc %g0,0,%g0 ! clear carry flag
-
-.L_bn_add_words_loop:
- ld [%o1],%o4
-.L_bn_add_words_warn_loop:
- ld [%o2],%o5
- ld [%o1+4],%g3
- ld [%o2+4],%g4
- dec 4,%o3
- addxcc %o5,%o4,%o5
- st %o5,[%o0]
-
- ld [%o1+8],%o4
- ld [%o2+8],%o5
- inc 16,%o1
- addxcc %g3,%g4,%g3
- st %g3,[%o0+4]
-
- ld [%o1-4],%g3
- ld [%o2+12],%g4
- inc 16,%o2
- addxcc %o5,%o4,%o5
- st %o5,[%o0+8]
-
- inc 16,%o0
- addxcc %g3,%g4,%g3
- st %g3,[%o0-4]
- addx %g0,0,%g1
- andcc %o3,-4,%g0
- bnz,a .L_bn_add_words_loop
- addcc %g1,-1,%g0
-
- tst %o3
- bnz,a .L_bn_add_words_tail
- ld [%o1],%o4
-.L_bn_add_words_return:
- retl
- mov %g1,%o0
-
-.L_bn_add_words_tail:
- addcc %g1,-1,%g0
- ld [%o2],%o5
- addxcc %o5,%o4,%o5
- addx %g0,0,%g1
- deccc %o3
- bz .L_bn_add_words_return
- st %o5,[%o0]
-
- ld [%o1+4],%o4
- addcc %g1,-1,%g0
- ld [%o2+4],%o5
- addxcc %o5,%o4,%o5
- addx %g0,0,%g1
- deccc %o3
- bz .L_bn_add_words_return
- st %o5,[%o0+4]
-
- ld [%o1+8],%o4
- addcc %g1,-1,%g0
- ld [%o2+8],%o5
- addxcc %o5,%o4,%o5
- st %o5,[%o0+8]
- retl
- addx %g0,0,%o0
-
-.type bn_add_words,#function
-.size bn_add_words,(.-bn_add_words)
-
-.align 32
-
-.global bn_sub_words
-/*
- * BN_ULONG bn_sub_words(rp,ap,bp,n)
- * BN_ULONG *rp,*ap,*bp;
- * int n;
- */
-bn_sub_words:
- cmp %o3,0
- bg,a .L_bn_sub_words_proceed
- ld [%o1],%o4
- retl
- clr %o0
-
-.L_bn_sub_words_proceed:
- andcc %o3,-4,%g0
- bz .L_bn_sub_words_tail
- clr %g1
- ba .L_bn_sub_words_warm_loop
- addcc %g0,0,%g0 ! clear carry flag
-
-.L_bn_sub_words_loop:
- ld [%o1],%o4
-.L_bn_sub_words_warm_loop:
- ld [%o2],%o5
- ld [%o1+4],%g3
- ld [%o2+4],%g4
- dec 4,%o3
- subxcc %o4,%o5,%o5
- st %o5,[%o0]
-
- ld [%o1+8],%o4
- ld [%o2+8],%o5
- inc 16,%o1
- subxcc %g3,%g4,%g4
- st %g4,[%o0+4]
-
- ld [%o1-4],%g3
- ld [%o2+12],%g4
- inc 16,%o2
- subxcc %o4,%o5,%o5
- st %o5,[%o0+8]
-
- inc 16,%o0
- subxcc %g3,%g4,%g4
- st %g4,[%o0-4]
- addx %g0,0,%g1
- andcc %o3,-4,%g0
- bnz,a .L_bn_sub_words_loop
- addcc %g1,-1,%g0
-
- tst %o3
- nop
- bnz,a .L_bn_sub_words_tail
- ld [%o1],%o4
-.L_bn_sub_words_return:
- retl
- mov %g1,%o0
-
-.L_bn_sub_words_tail:
- addcc %g1,-1,%g0
- ld [%o2],%o5
- subxcc %o4,%o5,%o5
- addx %g0,0,%g1
- deccc %o3
- bz .L_bn_sub_words_return
- st %o5,[%o0]
- nop
-
- ld [%o1+4],%o4
- addcc %g1,-1,%g0
- ld [%o2+4],%o5
- subxcc %o4,%o5,%o5
- addx %g0,0,%g1
- deccc %o3
- bz .L_bn_sub_words_return
- st %o5,[%o0+4]
-
- ld [%o1+8],%o4
- addcc %g1,-1,%g0
- ld [%o2+8],%o5
- subxcc %o4,%o5,%o5
- st %o5,[%o0+8]
- retl
- addx %g0,0,%o0
-
-.type bn_sub_words,#function
-.size bn_sub_words,(.-bn_sub_words)
-
-#define FRAME_SIZE -96
-
-/*
- * Here is register usage map for *all* routines below.
- */
-#define t_1 %o0
-#define t_2 %o1
-#define c_1 %o2
-#define c_2 %o3
-#define c_3 %o4
-
-#define ap(I) [%i1+4*I]
-#define bp(I) [%i2+4*I]
-#define rp(I) [%i0+4*I]
-
-#define a_0 %l0
-#define a_1 %l1
-#define a_2 %l2
-#define a_3 %l3
-#define a_4 %l4
-#define a_5 %l5
-#define a_6 %l6
-#define a_7 %l7
-
-#define b_0 %i3
-#define b_1 %i4
-#define b_2 %i5
-#define b_3 %o5
-#define b_4 %g1
-#define b_5 %g2
-#define b_6 %g3
-#define b_7 %g4
-
-.align 32
-.global bn_mul_comba8
-/*
- * void bn_mul_comba8(r,a,b)
- * BN_ULONG *r,*a,*b;
- */
-bn_mul_comba8:
- save %sp,FRAME_SIZE,%sp
- ld ap(0),a_0
- ld bp(0),b_0
- umul a_0,b_0,c_1 !=!mul_add_c(a[0],b[0],c1,c2,c3);
- ld bp(1),b_1
- rd %y,c_2
- st c_1,rp(0) !r[0]=c1;
-
- umul a_0,b_1,t_1 !=!mul_add_c(a[0],b[1],c2,c3,c1);
- ld ap(1),a_1
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc %g0,t_2,c_3 !=
- addx %g0,%g0,c_1
- ld ap(2),a_2
- umul a_1,b_0,t_1 !mul_add_c(a[1],b[0],c2,c3,c1);
- addcc c_2,t_1,c_2 !=
- rd %y,t_2
- addxcc c_3,t_2,c_3
- st c_2,rp(1) !r[1]=c2;
- addx c_1,%g0,c_1 !=
-
- umul a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1 !=
- addx %g0,%g0,c_2
- ld bp(2),b_2
- umul a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- ld bp(3),b_3
- addx c_2,%g0,c_2 !=
- umul a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1 !=
- addx c_2,%g0,c_2
- st c_3,rp(2) !r[2]=c3;
-
- umul a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3);
- addcc c_1,t_1,c_1 !=
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx %g0,%g0,c_3
- umul a_1,b_2,t_1 !=!mul_add_c(a[1],b[2],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- ld ap(3),a_3
- umul a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2 !=
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3
- ld ap(4),a_4
- umul a_3,b_0,t_1 !mul_add_c(a[3],b[0],c1,c2,c3);!=
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- st c_1,rp(3) !r[3]=c1;
-
- umul a_4,b_0,t_1 !mul_add_c(a[4],b[0],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx %g0,%g0,c_1
- umul a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1);
- addcc c_2,t_1,c_2 !=
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- umul a_2,b_2,t_1 !=!mul_add_c(a[2],b[2],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1 !=
- ld bp(4),b_4
- umul a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- ld bp(5),b_5
- umul a_0,b_4,t_1 !=!mul_add_c(a[0],b[4],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1 !=
- st c_2,rp(4) !r[4]=c2;
-
- umul a_0,b_5,t_1 !mul_add_c(a[0],b[5],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2 !=
- addxcc c_1,t_2,c_1
- addx %g0,%g0,c_2
- umul a_1,b_4,t_1 !mul_add_c(a[1],b[4],c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- umul a_2,b_3,t_1 !=!mul_add_c(a[2],b[3],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2 !=
- umul a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1 !=
- addx c_2,%g0,c_2
- ld ap(5),a_5
- umul a_4,b_1,t_1 !mul_add_c(a[4],b[1],c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- ld ap(6),a_6
- addx c_2,%g0,c_2 !=
- umul a_5,b_0,t_1 !mul_add_c(a[5],b[0],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1 !=
- addx c_2,%g0,c_2
- st c_3,rp(5) !r[5]=c3;
-
- umul a_6,b_0,t_1 !mul_add_c(a[6],b[0],c1,c2,c3);
- addcc c_1,t_1,c_1 !=
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx %g0,%g0,c_3
- umul a_5,b_1,t_1 !=!mul_add_c(a[5],b[1],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- umul a_4,b_2,t_1 !mul_add_c(a[4],b[2],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx c_3,%g0,c_3
- umul a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2 !=
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3
- umul a_2,b_4,t_1 !mul_add_c(a[2],b[4],c1,c2,c3);
- addcc c_1,t_1,c_1 !=
- rd %y,t_2
- addxcc c_2,t_2,c_2
- ld bp(6),b_6
- addx c_3,%g0,c_3 !=
- umul a_1,b_5,t_1 !mul_add_c(a[1],b[5],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx c_3,%g0,c_3
- ld bp(7),b_7
- umul a_0,b_6,t_1 !mul_add_c(a[0],b[6],c1,c2,c3);
- addcc c_1,t_1,c_1 !=
- rd %y,t_2
- addxcc c_2,t_2,c_2
- st c_1,rp(6) !r[6]=c1;
- addx c_3,%g0,c_3 !=
-
- umul a_0,b_7,t_1 !mul_add_c(a[0],b[7],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3 !=
- addx %g0,%g0,c_1
- umul a_1,b_6,t_1 !mul_add_c(a[1],b[6],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- umul a_2,b_5,t_1 !mul_add_c(a[2],b[5],c2,c3,c1);
- addcc c_2,t_1,c_2 !=
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- umul a_3,b_4,t_1 !=!mul_add_c(a[3],b[4],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1 !=
- umul a_4,b_3,t_1 !mul_add_c(a[4],b[3],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- umul a_5,b_2,t_1 !mul_add_c(a[5],b[2],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- ld ap(7),a_7
- umul a_6,b_1,t_1 !=!mul_add_c(a[6],b[1],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1 !=
- umul a_7,b_0,t_1 !mul_add_c(a[7],b[0],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- st c_2,rp(7) !r[7]=c2;
-
- umul a_7,b_1,t_1 !mul_add_c(a[7],b[1],c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx %g0,%g0,c_2
- umul a_6,b_2,t_1 !=!mul_add_c(a[6],b[2],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2 !=
- umul a_5,b_3,t_1 !mul_add_c(a[5],b[3],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1 !=
- addx c_2,%g0,c_2
- umul a_4,b_4,t_1 !mul_add_c(a[4],b[4],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2 !=
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- umul a_3,b_5,t_1 !mul_add_c(a[3],b[5],c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- umul a_2,b_6,t_1 !=!mul_add_c(a[2],b[6],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2 !=
- umul a_1,b_7,t_1 !mul_add_c(a[1],b[7],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1 !
- addx c_2,%g0,c_2
- st c_3,rp(8) !r[8]=c3;
-
- umul a_2,b_7,t_1 !mul_add_c(a[2],b[7],c1,c2,c3);
- addcc c_1,t_1,c_1 !=
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx %g0,%g0,c_3
- umul a_3,b_6,t_1 !=!mul_add_c(a[3],b[6],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- umul a_4,b_5,t_1 !mul_add_c(a[4],b[5],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx c_3,%g0,c_3
- umul a_5,b_4,t_1 !mul_add_c(a[5],b[4],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2 !=
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3
- umul a_6,b_3,t_1 !mul_add_c(a[6],b[3],c1,c2,c3);
- addcc c_1,t_1,c_1 !=
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3
- umul a_7,b_2,t_1 !=!mul_add_c(a[7],b[2],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- st c_1,rp(9) !r[9]=c1;
-
- umul a_7,b_3,t_1 !mul_add_c(a[7],b[3],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx %g0,%g0,c_1
- umul a_6,b_4,t_1 !mul_add_c(a[6],b[4],c2,c3,c1);
- addcc c_2,t_1,c_2 !=
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- umul a_5,b_5,t_1 !=!mul_add_c(a[5],b[5],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1 !=
- umul a_4,b_6,t_1 !mul_add_c(a[4],b[6],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- umul a_3,b_7,t_1 !mul_add_c(a[3],b[7],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- st c_2,rp(10) !r[10]=c2;
-
- umul a_4,b_7,t_1 !=!mul_add_c(a[4],b[7],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx %g0,%g0,c_2 !=
- umul a_5,b_6,t_1 !mul_add_c(a[5],b[6],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1 !=
- addx c_2,%g0,c_2
- umul a_6,b_5,t_1 !mul_add_c(a[6],b[5],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2 !=
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- umul a_7,b_4,t_1 !mul_add_c(a[7],b[4],c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- st c_3,rp(11) !r[11]=c3;
- addx c_2,%g0,c_2 !=
-
- umul a_7,b_5,t_1 !mul_add_c(a[7],b[5],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx %g0,%g0,c_3
- umul a_6,b_6,t_1 !mul_add_c(a[6],b[6],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2 !=
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3
- umul a_5,b_7,t_1 !mul_add_c(a[5],b[7],c1,c2,c3);
- addcc c_1,t_1,c_1 !=
- rd %y,t_2
- addxcc c_2,t_2,c_2
- st c_1,rp(12) !r[12]=c1;
- addx c_3,%g0,c_3 !=
-
- umul a_6,b_7,t_1 !mul_add_c(a[6],b[7],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3 !=
- addx %g0,%g0,c_1
- umul a_7,b_6,t_1 !mul_add_c(a[7],b[6],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- st c_2,rp(13) !r[13]=c2;
-
- umul a_7,b_7,t_1 !=!mul_add_c(a[7],b[7],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1
- nop !=
- st c_3,rp(14) !r[14]=c3;
- st c_1,rp(15) !r[15]=c1;
-
- ret
- restore %g0,%g0,%o0
-
-.type bn_mul_comba8,#function
-.size bn_mul_comba8,(.-bn_mul_comba8)
-
-.align 32
-
-.global bn_mul_comba4
-/*
- * void bn_mul_comba4(r,a,b)
- * BN_ULONG *r,*a,*b;
- */
-bn_mul_comba4:
- save %sp,FRAME_SIZE,%sp
- ld ap(0),a_0
- ld bp(0),b_0
- umul a_0,b_0,c_1 !=!mul_add_c(a[0],b[0],c1,c2,c3);
- ld bp(1),b_1
- rd %y,c_2
- st c_1,rp(0) !r[0]=c1;
-
- umul a_0,b_1,t_1 !=!mul_add_c(a[0],b[1],c2,c3,c1);
- ld ap(1),a_1
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc %g0,t_2,c_3
- addx %g0,%g0,c_1
- ld ap(2),a_2
- umul a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1 !=
- st c_2,rp(1) !r[1]=c2;
-
- umul a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2 !=
- addxcc c_1,t_2,c_1
- addx %g0,%g0,c_2
- ld bp(2),b_2
- umul a_1,b_1,t_1 !=!mul_add_c(a[1],b[1],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2 !=
- ld bp(3),b_3
- umul a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2 !=
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- st c_3,rp(2) !r[2]=c3;
-
- umul a_0,b_3,t_1 !=!mul_add_c(a[0],b[3],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx %g0,%g0,c_3 !=
- umul a_1,b_2,t_1 !mul_add_c(a[1],b[2],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx c_3,%g0,c_3
- ld ap(3),a_3
- umul a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
- addcc c_1,t_1,c_1 !=
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3
- umul a_3,b_0,t_1 !=!mul_add_c(a[3],b[0],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- st c_1,rp(3) !r[3]=c1;
-
- umul a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx %g0,%g0,c_1
- umul a_2,b_2,t_1 !mul_add_c(a[2],b[2],c2,c3,c1);
- addcc c_2,t_1,c_2 !=
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- umul a_1,b_3,t_1 !=!mul_add_c(a[1],b[3],c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1 !=
- st c_2,rp(4) !r[4]=c2;
-
- umul a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2 !=
- addxcc c_1,t_2,c_1
- addx %g0,%g0,c_2
- umul a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- st c_3,rp(5) !r[5]=c3;
- addx c_2,%g0,c_2 !=
-
- umul a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- st c_1,rp(6) !r[6]=c1;
- st c_2,rp(7) !r[7]=c2;
-
- ret
- restore %g0,%g0,%o0
-
-.type bn_mul_comba4,#function
-.size bn_mul_comba4,(.-bn_mul_comba4)
-
-.align 32
-
-.global bn_sqr_comba8
-bn_sqr_comba8:
- save %sp,FRAME_SIZE,%sp
- ld ap(0),a_0
- ld ap(1),a_1
- umul a_0,a_0,c_1 !=!sqr_add_c(a,0,c1,c2,c3);
- rd %y,c_2
- st c_1,rp(0) !r[0]=c1;
-
- ld ap(2),a_2
- umul a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc %g0,t_2,c_3
- addx %g0,%g0,c_1 !=
- addcc c_2,t_1,c_2
- addxcc c_3,t_2,c_3
- st c_2,rp(1) !r[1]=c2;
- addx c_1,%g0,c_1 !=
-
- umul a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1 !=
- addx %g0,%g0,c_2
- addcc c_3,t_1,c_3
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2 !=
- ld ap(3),a_3
- umul a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2 !=
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- st c_3,rp(2) !r[2]=c3;
-
- umul a_0,a_3,t_1 !=!sqr_add_c2(a,3,0,c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx %g0,%g0,c_3 !=
- addcc c_1,t_1,c_1
- addxcc c_2,t_2,c_2
- ld ap(4),a_4
- addx c_3,%g0,c_3 !=
- umul a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx c_3,%g0,c_3
- addcc c_1,t_1,c_1
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- st c_1,rp(3) !r[3]=c1;
-
- umul a_4,a_0,t_1 !sqr_add_c2(a,4,0,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx %g0,%g0,c_1
- addcc c_2,t_1,c_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- umul a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- addcc c_2,t_1,c_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- ld ap(5),a_5
- umul a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
- addcc c_2,t_1,c_2 !=
- rd %y,t_2
- addxcc c_3,t_2,c_3
- st c_2,rp(4) !r[4]=c2;
- addx c_1,%g0,c_1 !=
-
- umul a_0,a_5,t_1 !sqr_add_c2(a,5,0,c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1 !=
- addx %g0,%g0,c_2
- addcc c_3,t_1,c_3
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2 !=
- umul a_1,a_4,t_1 !sqr_add_c2(a,4,1,c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1 !=
- addx c_2,%g0,c_2
- addcc c_3,t_1,c_3
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2 !=
- ld ap(6),a_6
- umul a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2 !=
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- addcc c_3,t_1,c_3
- addxcc c_1,t_2,c_1 !=
- addx c_2,%g0,c_2
- st c_3,rp(5) !r[5]=c3;
-
- umul a_6,a_0,t_1 !sqr_add_c2(a,6,0,c1,c2,c3);
- addcc c_1,t_1,c_1 !=
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx %g0,%g0,c_3
- addcc c_1,t_1,c_1 !=
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3
- umul a_5,a_1,t_1 !sqr_add_c2(a,5,1,c1,c2,c3);
- addcc c_1,t_1,c_1 !=
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3
- addcc c_1,t_1,c_1 !=
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3
- umul a_4,a_2,t_1 !sqr_add_c2(a,4,2,c1,c2,c3);
- addcc c_1,t_1,c_1 !=
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3
- addcc c_1,t_1,c_1 !=
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3
- ld ap(7),a_7
- umul a_3,a_3,t_1 !=!sqr_add_c(a,3,c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- st c_1,rp(6) !r[6]=c1;
-
- umul a_0,a_7,t_1 !sqr_add_c2(a,7,0,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx %g0,%g0,c_1
- addcc c_2,t_1,c_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- umul a_1,a_6,t_1 !sqr_add_c2(a,6,1,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- addcc c_2,t_1,c_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- umul a_2,a_5,t_1 !sqr_add_c2(a,5,2,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- addcc c_2,t_1,c_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- umul a_3,a_4,t_1 !sqr_add_c2(a,4,3,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- addcc c_2,t_1,c_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- st c_2,rp(7) !r[7]=c2;
-
- umul a_7,a_1,t_1 !sqr_add_c2(a,7,1,c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx %g0,%g0,c_2
- addcc c_3,t_1,c_3 !=
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- umul a_6,a_2,t_1 !sqr_add_c2(a,6,2,c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- addcc c_3,t_1,c_3 !=
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- umul a_5,a_3,t_1 !sqr_add_c2(a,5,3,c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- addcc c_3,t_1,c_3 !=
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- umul a_4,a_4,t_1 !sqr_add_c(a,4,c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- st c_3,rp(8) !r[8]=c3;
- addx c_2,%g0,c_2 !=
-
- umul a_2,a_7,t_1 !sqr_add_c2(a,7,2,c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx %g0,%g0,c_3
- addcc c_1,t_1,c_1
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- umul a_3,a_6,t_1 !sqr_add_c2(a,6,3,c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx c_3,%g0,c_3
- addcc c_1,t_1,c_1
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- umul a_4,a_5,t_1 !sqr_add_c2(a,5,4,c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx c_3,%g0,c_3
- addcc c_1,t_1,c_1
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- st c_1,rp(9) !r[9]=c1;
-
- umul a_7,a_3,t_1 !sqr_add_c2(a,7,3,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx %g0,%g0,c_1
- addcc c_2,t_1,c_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- umul a_6,a_4,t_1 !sqr_add_c2(a,6,4,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- addcc c_2,t_1,c_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- umul a_5,a_5,t_1 !sqr_add_c(a,5,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- st c_2,rp(10) !r[10]=c2;
-
- umul a_4,a_7,t_1 !=!sqr_add_c2(a,7,4,c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx %g0,%g0,c_2 !=
- addcc c_3,t_1,c_3
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2
- umul a_5,a_6,t_1 !=!sqr_add_c2(a,6,5,c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx c_2,%g0,c_2 !=
- addcc c_3,t_1,c_3
- addxcc c_1,t_2,c_1
- st c_3,rp(11) !r[11]=c3;
- addx c_2,%g0,c_2 !=
-
- umul a_7,a_5,t_1 !sqr_add_c2(a,7,5,c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx %g0,%g0,c_3
- addcc c_1,t_1,c_1
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- umul a_6,a_6,t_1 !sqr_add_c(a,6,c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx c_3,%g0,c_3
- st c_1,rp(12) !r[12]=c1;
-
- umul a_6,a_7,t_1 !sqr_add_c2(a,7,6,c2,c3,c1);
- addcc c_2,t_1,c_2 !=
- rd %y,t_2
- addxcc c_3,t_2,c_3
- addx %g0,%g0,c_1
- addcc c_2,t_1,c_2 !=
- addxcc c_3,t_2,c_3
- st c_2,rp(13) !r[13]=c2;
- addx c_1,%g0,c_1 !=
-
- umul a_7,a_7,t_1 !sqr_add_c(a,7,c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1 !=
- st c_3,rp(14) !r[14]=c3;
- st c_1,rp(15) !r[15]=c1;
-
- ret
- restore %g0,%g0,%o0
-
-.type bn_sqr_comba8,#function
-.size bn_sqr_comba8,(.-bn_sqr_comba8)
-
-.align 32
-
-.global bn_sqr_comba4
-/*
- * void bn_sqr_comba4(r,a)
- * BN_ULONG *r,*a;
- */
-bn_sqr_comba4:
- save %sp,FRAME_SIZE,%sp
- ld ap(0),a_0
- umul a_0,a_0,c_1 !sqr_add_c(a,0,c1,c2,c3);
- ld ap(1),a_1 !=
- rd %y,c_2
- st c_1,rp(0) !r[0]=c1;
-
- ld ap(2),a_2
- umul a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2
- addxcc %g0,t_2,c_3
- addx %g0,%g0,c_1 !=
- addcc c_2,t_1,c_2
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1 !=
- st c_2,rp(1) !r[1]=c2;
-
- umul a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2 !=
- addxcc c_1,t_2,c_1
- addx %g0,%g0,c_2
- addcc c_3,t_1,c_3
- addxcc c_1,t_2,c_1 !=
- addx c_2,%g0,c_2
- ld ap(3),a_3
- umul a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
- addcc c_3,t_1,c_3 !=
- rd %y,t_2
- addxcc c_1,t_2,c_1
- st c_3,rp(2) !r[2]=c3;
- addx c_2,%g0,c_2 !=
-
- umul a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx %g0,%g0,c_3
- addcc c_1,t_1,c_1
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- umul a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- addx c_3,%g0,c_3
- addcc c_1,t_1,c_1
- addxcc c_2,t_2,c_2
- addx c_3,%g0,c_3 !=
- st c_1,rp(3) !r[3]=c1;
-
- umul a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx %g0,%g0,c_1
- addcc c_2,t_1,c_2
- addxcc c_3,t_2,c_3 !=
- addx c_1,%g0,c_1
- umul a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
- addcc c_2,t_1,c_2
- rd %y,t_2 !=
- addxcc c_3,t_2,c_3
- addx c_1,%g0,c_1
- st c_2,rp(4) !r[4]=c2;
-
- umul a_2,a_3,t_1 !=!sqr_add_c2(a,3,2,c3,c1,c2);
- addcc c_3,t_1,c_3
- rd %y,t_2
- addxcc c_1,t_2,c_1
- addx %g0,%g0,c_2 !=
- addcc c_3,t_1,c_3
- addxcc c_1,t_2,c_1
- st c_3,rp(5) !r[5]=c3;
- addx c_2,%g0,c_2 !=
-
- umul a_3,a_3,t_1 !sqr_add_c(a,3,c1,c2,c3);
- addcc c_1,t_1,c_1
- rd %y,t_2
- addxcc c_2,t_2,c_2 !=
- st c_1,rp(6) !r[6]=c1;
- st c_2,rp(7) !r[7]=c2;
-
- ret
- restore %g0,%g0,%o0
-
-.type bn_sqr_comba4,#function
-.size bn_sqr_comba4,(.-bn_sqr_comba4)
-
-.align 32
diff --git a/src/lib/libcrypto/bn/asm/sparcv8plus.S b/src/lib/libcrypto/bn/asm/sparcv8plus.S
deleted file mode 100644
index 0074dfdb75..0000000000
--- a/src/lib/libcrypto/bn/asm/sparcv8plus.S
+++ /dev/null
@@ -1,1535 +0,0 @@
-.ident "sparcv8plus.s, Version 1.4"
-.ident "SPARC v9 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-
-/*
- * ====================================================================
- * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
- * project.
- *
- * Rights for redistribution and usage in source and binary forms are
- * granted according to the OpenSSL license. Warranty of any kind is
- * disclaimed.
- * ====================================================================
- */
-
-/*
- * This is my modest contributon to OpenSSL project (see
- * http://www.openssl.org/ for more information about it) and is
- * a drop-in UltraSPARC ISA replacement for crypto/bn/bn_asm.c
- * module. For updates see http://fy.chalmers.se/~appro/hpe/.
- *
- * Questions-n-answers.
- *
- * Q. How to compile?
- * A. With SC4.x/SC5.x:
- *
- * cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o
- *
- * and with gcc:
- *
- * gcc -mcpu=ultrasparc -c bn_asm.sparc.v8plus.S -o bn_asm.o
- *
- * or if above fails (it does if you have gas installed):
- *
- * gcc -E bn_asm.sparc.v8plus.S | as -xarch=v8plus /dev/fd/0 -o bn_asm.o
- *
- * Quick-n-dirty way to fuse the module into the library.
- * Provided that the library is already configured and built
- * (in 0.9.2 case with no-asm option):
- *
- * # cd crypto/bn
- * # cp /some/place/bn_asm.sparc.v8plus.S .
- * # cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o
- * # make
- * # cd ../..
- * # make; make test
- *
- * Quick-n-dirty way to get rid of it:
- *
- * # cd crypto/bn
- * # touch bn_asm.c
- * # make
- * # cd ../..
- * # make; make test
- *
- * Q. V8plus achitecture? What kind of beast is that?
- * A. Well, it's rather a programming model than an architecture...
- * It's actually v9-compliant, i.e. *any* UltraSPARC, CPU under
- * special conditions, namely when kernel doesn't preserve upper
- * 32 bits of otherwise 64-bit registers during a context switch.
- *
- * Q. Why just UltraSPARC? What about SuperSPARC?
- * A. Original release did target UltraSPARC only. Now SuperSPARC
- * version is provided along. Both version share bn_*comba[48]
- * implementations (see comment later in code for explanation).
- * But what's so special about this UltraSPARC implementation?
- * Why didn't I let compiler do the job? Trouble is that most of
- * available compilers (well, SC5.0 is the only exception) don't
- * attempt to take advantage of UltraSPARC's 64-bitness under
- * 32-bit kernels even though it's perfectly possible (see next
- * question).
- *
- * Q. 64-bit registers under 32-bit kernels? Didn't you just say it
- * doesn't work?
- * A. You can't adress *all* registers as 64-bit wide:-( The catch is
- * that you actually may rely upon %o0-%o5 and %g1-%g4 being fully
- * preserved if you're in a leaf function, i.e. such never calling
- * any other functions. All functions in this module are leaf and
- * 10 registers is a handful. And as a matter of fact none-"comba"
- * routines don't require even that much and I could even afford to
- * not allocate own stack frame for 'em:-)
- *
- * Q. What about 64-bit kernels?
- * A. What about 'em? Just kidding:-) Pure 64-bit version is currently
- * under evaluation and development...
- *
- * Q. What about shared libraries?
- * A. What about 'em? Kidding again:-) Code does *not* contain any
- * code position dependencies and it's safe to include it into
- * shared library as is.
- *
- * Q. How much faster does it go?
- * A. Do you have a good benchmark? In either case below is what I
- * experience with crypto/bn/expspeed.c test program:
- *
- * v8plus module on U10/300MHz against bn_asm.c compiled with:
- *
- * cc-5.0 -xarch=v8plus -xO5 -xdepend +7-12%
- * cc-4.2 -xarch=v8plus -xO5 -xdepend +25-35%
- * egcs-1.1.2 -mcpu=ultrasparc -O3 +35-45%
- *
- * v8 module on SS10/60MHz against bn_asm.c compiled with:
- *
- * cc-5.0 -xarch=v8 -xO5 -xdepend +7-10%
- * cc-4.2 -xarch=v8 -xO5 -xdepend +10%
- * egcs-1.1.2 -mv8 -O3 +35-45%
- *
- * As you can see it's damn hard to beat the new Sun C compiler
- * and it's in first place GNU C users who will appreciate this
- * assembler implementation:-)
- */
-
-/*
- * Revision history.
- *
- * 1.0 - initial release;
- * 1.1 - new loop unrolling model(*);
- * - some more fine tuning;
- * 1.2 - made gas friendly;
- * - updates to documentation concerning v9;
- * - new performance comparison matrix;
- * 1.3 - fixed problem with /usr/ccs/lib/cpp;
- * 1.4 - native V9 bn_*_comba[48] implementation (15% more efficient)
- * resulting in slight overall performance kick;
- * - some retunes;
- * - support for GNU as added;
- *
- * (*) Originally unrolled loop looked like this:
- * for (;;) {
- * op(p+0); if (--n==0) break;
- * op(p+1); if (--n==0) break;
- * op(p+2); if (--n==0) break;
- * op(p+3); if (--n==0) break;
- * p+=4;
- * }
- * I unroll according to following:
- * while (n&~3) {
- * op(p+0); op(p+1); op(p+2); op(p+3);
- * p+=4; n=-4;
- * }
- * if (n) {
- * op(p+0); if (--n==0) return;
- * op(p+2); if (--n==0) return;
- * op(p+3); return;
- * }
- */
-
-/*
- * GNU assembler can't stand stuw:-(
- */
-#define stuw st
-
-.section ".text",#alloc,#execinstr
-.file "bn_asm.sparc.v8plus.S"
-
-.align 32
-
-.global bn_mul_add_words
-/*
- * BN_ULONG bn_mul_add_words(rp,ap,num,w)
- * BN_ULONG *rp,*ap;
- * int num;
- * BN_ULONG w;
- */
-bn_mul_add_words:
- brgz,a %o2,.L_bn_mul_add_words_proceed
- lduw [%o1],%g2
- retl
- clr %o0
-
-.L_bn_mul_add_words_proceed:
- srl %o3,%g0,%o3 ! clruw %o3
- andcc %o2,-4,%g0
- bz,pn %icc,.L_bn_mul_add_words_tail
- clr %o5
-
-.L_bn_mul_add_words_loop: ! wow! 32 aligned!
- lduw [%o0],%g1
- lduw [%o1+4],%g3
- mulx %o3,%g2,%g2
- add %g1,%o5,%o4
- nop
- add %o4,%g2,%o4
- stuw %o4,[%o0]
- srlx %o4,32,%o5
-
- lduw [%o0+4],%g1
- lduw [%o1+8],%g2
- mulx %o3,%g3,%g3
- add %g1,%o5,%o4
- dec 4,%o2
- add %o4,%g3,%o4
- stuw %o4,[%o0+4]
- srlx %o4,32,%o5
-
- lduw [%o0+8],%g1
- lduw [%o1+12],%g3
- mulx %o3,%g2,%g2
- add %g1,%o5,%o4
- inc 16,%o1
- add %o4,%g2,%o4
- stuw %o4,[%o0+8]
- srlx %o4,32,%o5
-
- lduw [%o0+12],%g1
- mulx %o3,%g3,%g3
- add %g1,%o5,%o4
- inc 16,%o0
- add %o4,%g3,%o4
- andcc %o2,-4,%g0
- stuw %o4,[%o0-4]
- srlx %o4,32,%o5
- bnz,a,pt %icc,.L_bn_mul_add_words_loop
- lduw [%o1],%g2
-
- brnz,a,pn %o2,.L_bn_mul_add_words_tail
- lduw [%o1],%g2
-.L_bn_mul_add_words_return:
- retl
- mov %o5,%o0
-
-.L_bn_mul_add_words_tail:
- lduw [%o0],%g1
- mulx %o3,%g2,%g2
- add %g1,%o5,%o4
- dec %o2
- add %o4,%g2,%o4
- srlx %o4,32,%o5
- brz,pt %o2,.L_bn_mul_add_words_return
- stuw %o4,[%o0]
-
- lduw [%o1+4],%g2
- lduw [%o0+4],%g1
- mulx %o3,%g2,%g2
- add %g1,%o5,%o4
- dec %o2
- add %o4,%g2,%o4
- srlx %o4,32,%o5
- brz,pt %o2,.L_bn_mul_add_words_return
- stuw %o4,[%o0+4]
-
- lduw [%o1+8],%g2
- lduw [%o0+8],%g1
- mulx %o3,%g2,%g2
- add %g1,%o5,%o4
- add %o4,%g2,%o4
- stuw %o4,[%o0+8]
- retl
- srlx %o4,32,%o0
-
-.type bn_mul_add_words,#function
-.size bn_mul_add_words,(.-bn_mul_add_words)
-
-.align 32
-
-.global bn_mul_words
-/*
- * BN_ULONG bn_mul_words(rp,ap,num,w)
- * BN_ULONG *rp,*ap;
- * int num;
- * BN_ULONG w;
- */
-bn_mul_words:
- brgz,a %o2,.L_bn_mul_words_proceeed
- lduw [%o1],%g2
- retl
- clr %o0
-
-.L_bn_mul_words_proceeed:
- srl %o3,%g0,%o3 ! clruw %o3
- andcc %o2,-4,%g0
- bz,pn %icc,.L_bn_mul_words_tail
- clr %o5
-
-.L_bn_mul_words_loop: ! wow! 32 aligned!
- lduw [%o1+4],%g3
- mulx %o3,%g2,%g2
- add %g2,%o5,%o4
- nop
- stuw %o4,[%o0]
- srlx %o4,32,%o5
-
- lduw [%o1+8],%g2
- mulx %o3,%g3,%g3
- add %g3,%o5,%o4
- dec 4,%o2
- stuw %o4,[%o0+4]
- srlx %o4,32,%o5
-
- lduw [%o1+12],%g3
- mulx %o3,%g2,%g2
- add %g2,%o5,%o4
- inc 16,%o1
- stuw %o4,[%o0+8]
- srlx %o4,32,%o5
-
- mulx %o3,%g3,%g3
- add %g3,%o5,%o4
- inc 16,%o0
- stuw %o4,[%o0-4]
- srlx %o4,32,%o5
- andcc %o2,-4,%g0
- bnz,a,pt %icc,.L_bn_mul_words_loop
- lduw [%o1],%g2
- nop
- nop
-
- brnz,a,pn %o2,.L_bn_mul_words_tail
- lduw [%o1],%g2
-.L_bn_mul_words_return:
- retl
- mov %o5,%o0
-
-.L_bn_mul_words_tail:
- mulx %o3,%g2,%g2
- add %g2,%o5,%o4
- dec %o2
- srlx %o4,32,%o5
- brz,pt %o2,.L_bn_mul_words_return
- stuw %o4,[%o0]
-
- lduw [%o1+4],%g2
- mulx %o3,%g2,%g2
- add %g2,%o5,%o4
- dec %o2
- srlx %o4,32,%o5
- brz,pt %o2,.L_bn_mul_words_return
- stuw %o4,[%o0+4]
-
- lduw [%o1+8],%g2
- mulx %o3,%g2,%g2
- add %g2,%o5,%o4
- stuw %o4,[%o0+8]
- retl
- srlx %o4,32,%o0
-
-.type bn_mul_words,#function
-.size bn_mul_words,(.-bn_mul_words)
-
-.align 32
-.global bn_sqr_words
-/*
- * void bn_sqr_words(r,a,n)
- * BN_ULONG *r,*a;
- * int n;
- */
-bn_sqr_words:
- brgz,a %o2,.L_bn_sqr_words_proceeed
- lduw [%o1],%g2
- retl
- clr %o0
-
-.L_bn_sqr_words_proceeed:
- andcc %o2,-4,%g0
- nop
- bz,pn %icc,.L_bn_sqr_words_tail
- nop
-
-.L_bn_sqr_words_loop: ! wow! 32 aligned!
- lduw [%o1+4],%g3
- mulx %g2,%g2,%o4
- stuw %o4,[%o0]
- srlx %o4,32,%o5
- stuw %o5,[%o0+4]
- nop
-
- lduw [%o1+8],%g2
- mulx %g3,%g3,%o4
- dec 4,%o2
- stuw %o4,[%o0+8]
- srlx %o4,32,%o5
- stuw %o5,[%o0+12]
-
- lduw [%o1+12],%g3
- mulx %g2,%g2,%o4
- srlx %o4,32,%o5
- stuw %o4,[%o0+16]
- inc 16,%o1
- stuw %o5,[%o0+20]
-
- mulx %g3,%g3,%o4
- inc 32,%o0
- stuw %o4,[%o0-8]
- srlx %o4,32,%o5
- andcc %o2,-4,%g2
- stuw %o5,[%o0-4]
- bnz,a,pt %icc,.L_bn_sqr_words_loop
- lduw [%o1],%g2
- nop
-
- brnz,a,pn %o2,.L_bn_sqr_words_tail
- lduw [%o1],%g2
-.L_bn_sqr_words_return:
- retl
- clr %o0
-
-.L_bn_sqr_words_tail:
- mulx %g2,%g2,%o4
- dec %o2
- stuw %o4,[%o0]
- srlx %o4,32,%o5
- brz,pt %o2,.L_bn_sqr_words_return
- stuw %o5,[%o0+4]
-
- lduw [%o1+4],%g2
- mulx %g2,%g2,%o4
- dec %o2
- stuw %o4,[%o0+8]
- srlx %o4,32,%o5
- brz,pt %o2,.L_bn_sqr_words_return
- stuw %o5,[%o0+12]
-
- lduw [%o1+8],%g2
- mulx %g2,%g2,%o4
- srlx %o4,32,%o5
- stuw %o4,[%o0+16]
- stuw %o5,[%o0+20]
- retl
- clr %o0
-
-.type bn_sqr_words,#function
-.size bn_sqr_words,(.-bn_sqr_words)
-
-.align 32
-.global bn_div_words
-/*
- * BN_ULONG bn_div_words(h,l,d)
- * BN_ULONG h,l,d;
- */
-bn_div_words:
- sllx %o0,32,%o0
- or %o0,%o1,%o0
- udivx %o0,%o2,%o0
- retl
- srl %o0,%g0,%o0 ! clruw %o0
-
-.type bn_div_words,#function
-.size bn_div_words,(.-bn_div_words)
-
-.align 32
-
-.global bn_add_words
-/*
- * BN_ULONG bn_add_words(rp,ap,bp,n)
- * BN_ULONG *rp,*ap,*bp;
- * int n;
- */
-bn_add_words:
- brgz,a %o3,.L_bn_add_words_proceed
- lduw [%o1],%o4
- retl
- clr %o0
-
-.L_bn_add_words_proceed:
- andcc %o3,-4,%g0
- bz,pn %icc,.L_bn_add_words_tail
- addcc %g0,0,%g0 ! clear carry flag
- nop
-
-.L_bn_add_words_loop: ! wow! 32 aligned!
- dec 4,%o3
- lduw [%o2],%o5
- lduw [%o1+4],%g1
- lduw [%o2+4],%g2
- lduw [%o1+8],%g3
- lduw [%o2+8],%g4
- addccc %o5,%o4,%o5
- stuw %o5,[%o0]
-
- lduw [%o1+12],%o4
- lduw [%o2+12],%o5
- inc 16,%o1
- addccc %g1,%g2,%g1
- stuw %g1,[%o0+4]
-
- inc 16,%o2
- addccc %g3,%g4,%g3
- stuw %g3,[%o0+8]
-
- inc 16,%o0
- addccc %o5,%o4,%o5
- stuw %o5,[%o0-4]
- and %o3,-4,%g1
- brnz,a,pt %g1,.L_bn_add_words_loop
- lduw [%o1],%o4
-
- brnz,a,pn %o3,.L_bn_add_words_tail
- lduw [%o1],%o4
-.L_bn_add_words_return:
- clr %o0
- retl
- movcs %icc,1,%o0
- nop
-
-.L_bn_add_words_tail:
- lduw [%o2],%o5
- dec %o3
- addccc %o5,%o4,%o5
- brz,pt %o3,.L_bn_add_words_return
- stuw %o5,[%o0]
-
- lduw [%o1+4],%o4
- lduw [%o2+4],%o5
- dec %o3
- addccc %o5,%o4,%o5
- brz,pt %o3,.L_bn_add_words_return
- stuw %o5,[%o0+4]
-
- lduw [%o1+8],%o4
- lduw [%o2+8],%o5
- addccc %o5,%o4,%o5
- stuw %o5,[%o0+8]
- clr %o0
- retl
- movcs %icc,1,%o0
-
-.type bn_add_words,#function
-.size bn_add_words,(.-bn_add_words)
-
-.global bn_sub_words
-/*
- * BN_ULONG bn_sub_words(rp,ap,bp,n)
- * BN_ULONG *rp,*ap,*bp;
- * int n;
- */
-bn_sub_words:
- brgz,a %o3,.L_bn_sub_words_proceed
- lduw [%o1],%o4
- retl
- clr %o0
-
-.L_bn_sub_words_proceed:
- andcc %o3,-4,%g0
- bz,pn %icc,.L_bn_sub_words_tail
- addcc %g0,0,%g0 ! clear carry flag
- nop
-
-.L_bn_sub_words_loop: ! wow! 32 aligned!
- dec 4,%o3
- lduw [%o2],%o5
- lduw [%o1+4],%g1
- lduw [%o2+4],%g2
- lduw [%o1+8],%g3
- lduw [%o2+8],%g4
- subccc %o4,%o5,%o5
- stuw %o5,[%o0]
-
- lduw [%o1+12],%o4
- lduw [%o2+12],%o5
- inc 16,%o1
- subccc %g1,%g2,%g2
- stuw %g2,[%o0+4]
-
- inc 16,%o2
- subccc %g3,%g4,%g4
- stuw %g4,[%o0+8]
-
- inc 16,%o0
- subccc %o4,%o5,%o5
- stuw %o5,[%o0-4]
- and %o3,-4,%g1
- brnz,a,pt %g1,.L_bn_sub_words_loop
- lduw [%o1],%o4
-
- brnz,a,pn %o3,.L_bn_sub_words_tail
- lduw [%o1],%o4
-.L_bn_sub_words_return:
- clr %o0
- retl
- movcs %icc,1,%o0
- nop
-
-.L_bn_sub_words_tail: ! wow! 32 aligned!
- lduw [%o2],%o5
- dec %o3
- subccc %o4,%o5,%o5
- brz,pt %o3,.L_bn_sub_words_return
- stuw %o5,[%o0]
-
- lduw [%o1+4],%o4
- lduw [%o2+4],%o5
- dec %o3
- subccc %o4,%o5,%o5
- brz,pt %o3,.L_bn_sub_words_return
- stuw %o5,[%o0+4]
-
- lduw [%o1+8],%o4
- lduw [%o2+8],%o5
- subccc %o4,%o5,%o5
- stuw %o5,[%o0+8]
- clr %o0
- retl
- movcs %icc,1,%o0
-
-.type bn_sub_words,#function
-.size bn_sub_words,(.-bn_sub_words)
-
-/*
- * Code below depends on the fact that upper parts of the %l0-%l7
- * and %i0-%i7 are zeroed by kernel after context switch. In
- * previous versions this comment stated that "the trouble is that
- * it's not feasible to implement the mumbo-jumbo in less V9
- * instructions:-(" which apparently isn't true thanks to
- * 'bcs,a %xcc,.+8; inc %rd' pair. But the performance improvement
- * results not from the shorter code, but from elimination of
- * multicycle none-pairable 'rd %y,%rd' instructions.
- *
- * Andy.
- */
-
-#define FRAME_SIZE -96
-
-/*
- * Here is register usage map for *all* routines below.
- */
-#define t_1 %o0
-#define t_2 %o1
-#define c_12 %o2
-#define c_3 %o3
-
-#define ap(I) [%i1+4*I]
-#define bp(I) [%i2+4*I]
-#define rp(I) [%i0+4*I]
-
-#define a_0 %l0
-#define a_1 %l1
-#define a_2 %l2
-#define a_3 %l3
-#define a_4 %l4
-#define a_5 %l5
-#define a_6 %l6
-#define a_7 %l7
-
-#define b_0 %i3
-#define b_1 %i4
-#define b_2 %i5
-#define b_3 %o4
-#define b_4 %o5
-#define b_5 %o7
-#define b_6 %g1
-#define b_7 %g4
-
-.align 32
-.global bn_mul_comba8
-/*
- * void bn_mul_comba8(r,a,b)
- * BN_ULONG *r,*a,*b;
- */
-bn_mul_comba8:
- save %sp,FRAME_SIZE,%sp
- mov 1,t_2
- lduw ap(0),a_0
- sllx t_2,32,t_2
- lduw bp(0),b_0 !=
- lduw bp(1),b_1
- mulx a_0,b_0,t_1 !mul_add_c(a[0],b[0],c1,c2,c3);
- srlx t_1,32,c_12
- stuw t_1,rp(0) !=!r[0]=c1;
-
- lduw ap(1),a_1
- mulx a_0,b_1,t_1 !mul_add_c(a[0],b[1],c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3 !=
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw ap(2),a_2
- mulx a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12 !=
- stuw t_1,rp(1) !r[1]=c2;
- or c_12,c_3,c_12
-
- mulx a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
- addcc c_12,t_1,c_12 !=
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw bp(2),b_2 !=
- mulx a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- lduw bp(3),b_3
- mulx a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(2) !r[2]=c3;
- or c_12,c_3,c_12 !=
-
- mulx a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_1,b_2,t_1 !=!mul_add_c(a[1],b[2],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- lduw ap(3),a_3
- mulx a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
- addcc c_12,t_1,c_12 !=
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw ap(4),a_4
- mulx a_3,b_0,t_1 !=!mul_add_c(a[3],b[0],c1,c2,c3);!=
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12 !=
- stuw t_1,rp(3) !r[3]=c1;
- or c_12,c_3,c_12
-
- mulx a_4,b_0,t_1 !mul_add_c(a[4],b[0],c2,c3,c1);
- addcc c_12,t_1,c_12 !=
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_3,b_1,t_1 !=!mul_add_c(a[3],b[1],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_2,b_2,t_1 !=!mul_add_c(a[2],b[2],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw bp(4),b_4 !=
- mulx a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- lduw bp(5),b_5
- mulx a_0,b_4,t_1 !mul_add_c(a[0],b[4],c2,c3,c1);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(4) !r[4]=c2;
- or c_12,c_3,c_12 !=
-
- mulx a_0,b_5,t_1 !mul_add_c(a[0],b[5],c3,c1,c2);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_1,b_4,t_1 !mul_add_c(a[1],b[4],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- lduw ap(5),a_5
- mulx a_4,b_1,t_1 !mul_add_c(a[4],b[1],c3,c1,c2);
- addcc c_12,t_1,c_12 !=
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw ap(6),a_6
- mulx a_5,b_0,t_1 !=!mul_add_c(a[5],b[0],c3,c1,c2);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12 !=
- stuw t_1,rp(5) !r[5]=c3;
- or c_12,c_3,c_12
-
- mulx a_6,b_0,t_1 !mul_add_c(a[6],b[0],c1,c2,c3);
- addcc c_12,t_1,c_12 !=
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_5,b_1,t_1 !=!mul_add_c(a[5],b[1],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_4,b_2,t_1 !=!mul_add_c(a[4],b[2],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_3,b_3,t_1 !=!mul_add_c(a[3],b[3],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_2,b_4,t_1 !=!mul_add_c(a[2],b[4],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw bp(6),b_6 !=
- mulx a_1,b_5,t_1 !mul_add_c(a[1],b[5],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- lduw bp(7),b_7
- mulx a_0,b_6,t_1 !mul_add_c(a[0],b[6],c1,c2,c3);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(6) !r[6]=c1;
- or c_12,c_3,c_12 !=
-
- mulx a_0,b_7,t_1 !mul_add_c(a[0],b[7],c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_1,b_6,t_1 !mul_add_c(a[1],b[6],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_2,b_5,t_1 !mul_add_c(a[2],b[5],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_3,b_4,t_1 !mul_add_c(a[3],b[4],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_4,b_3,t_1 !mul_add_c(a[4],b[3],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_5,b_2,t_1 !mul_add_c(a[5],b[2],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- lduw ap(7),a_7
- mulx a_6,b_1,t_1 !=!mul_add_c(a[6],b[1],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_7,b_0,t_1 !=!mul_add_c(a[7],b[0],c2,c3,c1);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12 !=
- stuw t_1,rp(7) !r[7]=c2;
- or c_12,c_3,c_12
-
- mulx a_7,b_1,t_1 !=!mul_add_c(a[7],b[1],c3,c1,c2);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- mulx a_6,b_2,t_1 !mul_add_c(a[6],b[2],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- mulx a_5,b_3,t_1 !mul_add_c(a[5],b[3],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- mulx a_4,b_4,t_1 !mul_add_c(a[4],b[4],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- mulx a_3,b_5,t_1 !mul_add_c(a[3],b[5],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- mulx a_2,b_6,t_1 !mul_add_c(a[2],b[6],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- mulx a_1,b_7,t_1 !mul_add_c(a[1],b[7],c3,c1,c2);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- srlx t_1,32,c_12
- stuw t_1,rp(8) !r[8]=c3;
- or c_12,c_3,c_12
-
- mulx a_2,b_7,t_1 !=!mul_add_c(a[2],b[7],c1,c2,c3);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- mulx a_3,b_6,t_1 !mul_add_c(a[3],b[6],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_4,b_5,t_1 !mul_add_c(a[4],b[5],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_5,b_4,t_1 !mul_add_c(a[5],b[4],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_6,b_3,t_1 !mul_add_c(a[6],b[3],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_7,b_2,t_1 !mul_add_c(a[7],b[2],c1,c2,c3);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(9) !r[9]=c1;
- or c_12,c_3,c_12 !=
-
- mulx a_7,b_3,t_1 !mul_add_c(a[7],b[3],c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_6,b_4,t_1 !mul_add_c(a[6],b[4],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_5,b_5,t_1 !mul_add_c(a[5],b[5],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_4,b_6,t_1 !mul_add_c(a[4],b[6],c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_3,b_7,t_1 !mul_add_c(a[3],b[7],c2,c3,c1);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(10) !r[10]=c2;
- or c_12,c_3,c_12 !=
-
- mulx a_4,b_7,t_1 !mul_add_c(a[4],b[7],c3,c1,c2);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_5,b_6,t_1 !mul_add_c(a[5],b[6],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_6,b_5,t_1 !mul_add_c(a[6],b[5],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_7,b_4,t_1 !mul_add_c(a[7],b[4],c3,c1,c2);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(11) !r[11]=c3;
- or c_12,c_3,c_12 !=
-
- mulx a_7,b_5,t_1 !mul_add_c(a[7],b[5],c1,c2,c3);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_6,b_6,t_1 !mul_add_c(a[6],b[6],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_5,b_7,t_1 !mul_add_c(a[5],b[7],c1,c2,c3);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(12) !r[12]=c1;
- or c_12,c_3,c_12 !=
-
- mulx a_6,b_7,t_1 !mul_add_c(a[6],b[7],c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_7,b_6,t_1 !mul_add_c(a[7],b[6],c2,c3,c1);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- st t_1,rp(13) !r[13]=c2;
- or c_12,c_3,c_12 !=
-
- mulx a_7,b_7,t_1 !mul_add_c(a[7],b[7],c3,c1,c2);
- addcc c_12,t_1,t_1
- srlx t_1,32,c_12 !=
- stuw t_1,rp(14) !r[14]=c3;
- stuw c_12,rp(15) !r[15]=c1;
-
- ret
- restore %g0,%g0,%o0 !=
-
-.type bn_mul_comba8,#function
-.size bn_mul_comba8,(.-bn_mul_comba8)
-
-.align 32
-
-.global bn_mul_comba4
-/*
- * void bn_mul_comba4(r,a,b)
- * BN_ULONG *r,*a,*b;
- */
-bn_mul_comba4:
- save %sp,FRAME_SIZE,%sp
- lduw ap(0),a_0
- mov 1,t_2
- lduw bp(0),b_0
- sllx t_2,32,t_2 !=
- lduw bp(1),b_1
- mulx a_0,b_0,t_1 !mul_add_c(a[0],b[0],c1,c2,c3);
- srlx t_1,32,c_12
- stuw t_1,rp(0) !=!r[0]=c1;
-
- lduw ap(1),a_1
- mulx a_0,b_1,t_1 !mul_add_c(a[0],b[1],c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3 !=
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw ap(2),a_2
- mulx a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12 !=
- stuw t_1,rp(1) !r[1]=c2;
- or c_12,c_3,c_12
-
- mulx a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2);
- addcc c_12,t_1,c_12 !=
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw bp(2),b_2 !=
- mulx a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3 !=
- lduw bp(3),b_3
- mulx a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(2) !r[2]=c3;
- or c_12,c_3,c_12 !=
-
- mulx a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- mulx a_1,b_2,t_1 !mul_add_c(a[1],b[2],c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8 !=
- add c_3,t_2,c_3
- lduw ap(3),a_3
- mulx a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3);
- addcc c_12,t_1,c_12 !=
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_3,b_0,t_1 !mul_add_c(a[3],b[0],c1,c2,c3);!=
- addcc c_12,t_1,t_1 !=
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(3) !=!r[3]=c1;
- or c_12,c_3,c_12
-
- mulx a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3 !=
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_2,b_2,t_1 !mul_add_c(a[2],b[2],c2,c3,c1);
- addcc c_12,t_1,c_12 !=
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1);
- addcc c_12,t_1,t_1 !=
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(4) !=!r[4]=c2;
- or c_12,c_3,c_12
-
- mulx a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2);
- addcc c_12,t_1,c_12
- clr c_3 !=
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2);
- addcc c_12,t_1,t_1 !=
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(5) !=!r[5]=c3;
- or c_12,c_3,c_12
-
- mulx a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3);
- addcc c_12,t_1,t_1
- srlx t_1,32,c_12 !=
- stuw t_1,rp(6) !r[6]=c1;
- stuw c_12,rp(7) !r[7]=c2;
-
- ret
- restore %g0,%g0,%o0
-
-.type bn_mul_comba4,#function
-.size bn_mul_comba4,(.-bn_mul_comba4)
-
-.align 32
-
-.global bn_sqr_comba8
-bn_sqr_comba8:
- save %sp,FRAME_SIZE,%sp
- mov 1,t_2
- lduw ap(0),a_0
- sllx t_2,32,t_2
- lduw ap(1),a_1
- mulx a_0,a_0,t_1 !sqr_add_c(a,0,c1,c2,c3);
- srlx t_1,32,c_12
- stuw t_1,rp(0) !r[0]=c1;
-
- lduw ap(2),a_2
- mulx a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(1) !r[1]=c2;
- or c_12,c_3,c_12
-
- mulx a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw ap(3),a_3
- mulx a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(2) !r[2]=c3;
- or c_12,c_3,c_12
-
- mulx a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw ap(4),a_4
- mulx a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- st t_1,rp(3) !r[3]=c1;
- or c_12,c_3,c_12
-
- mulx a_4,a_0,t_1 !sqr_add_c2(a,4,0,c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw ap(5),a_5
- mulx a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(4) !r[4]=c2;
- or c_12,c_3,c_12
-
- mulx a_0,a_5,t_1 !sqr_add_c2(a,5,0,c3,c1,c2);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_1,a_4,t_1 !sqr_add_c2(a,4,1,c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw ap(6),a_6
- mulx a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(5) !r[5]=c3;
- or c_12,c_3,c_12
-
- mulx a_6,a_0,t_1 !sqr_add_c2(a,6,0,c1,c2,c3);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_5,a_1,t_1 !sqr_add_c2(a,5,1,c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_4,a_2,t_1 !sqr_add_c2(a,4,2,c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw ap(7),a_7
- mulx a_3,a_3,t_1 !=!sqr_add_c(a,3,c1,c2,c3);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(6) !r[6]=c1;
- or c_12,c_3,c_12
-
- mulx a_0,a_7,t_1 !sqr_add_c2(a,7,0,c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_1,a_6,t_1 !sqr_add_c2(a,6,1,c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_2,a_5,t_1 !sqr_add_c2(a,5,2,c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_3,a_4,t_1 !sqr_add_c2(a,4,3,c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(7) !r[7]=c2;
- or c_12,c_3,c_12
-
- mulx a_7,a_1,t_1 !sqr_add_c2(a,7,1,c3,c1,c2);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_6,a_2,t_1 !sqr_add_c2(a,6,2,c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_5,a_3,t_1 !sqr_add_c2(a,5,3,c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_4,a_4,t_1 !sqr_add_c(a,4,c3,c1,c2);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(8) !r[8]=c3;
- or c_12,c_3,c_12
-
- mulx a_2,a_7,t_1 !sqr_add_c2(a,7,2,c1,c2,c3);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_3,a_6,t_1 !sqr_add_c2(a,6,3,c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_4,a_5,t_1 !sqr_add_c2(a,5,4,c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(9) !r[9]=c1;
- or c_12,c_3,c_12
-
- mulx a_7,a_3,t_1 !sqr_add_c2(a,7,3,c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_6,a_4,t_1 !sqr_add_c2(a,6,4,c2,c3,c1);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_5,a_5,t_1 !sqr_add_c(a,5,c2,c3,c1);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(10) !r[10]=c2;
- or c_12,c_3,c_12
-
- mulx a_4,a_7,t_1 !sqr_add_c2(a,7,4,c3,c1,c2);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_5,a_6,t_1 !sqr_add_c2(a,6,5,c3,c1,c2);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(11) !r[11]=c3;
- or c_12,c_3,c_12
-
- mulx a_7,a_5,t_1 !sqr_add_c2(a,7,5,c1,c2,c3);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_6,a_6,t_1 !sqr_add_c(a,6,c1,c2,c3);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(12) !r[12]=c1;
- or c_12,c_3,c_12
-
- mulx a_6,a_7,t_1 !sqr_add_c2(a,7,6,c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(13) !r[13]=c2;
- or c_12,c_3,c_12
-
- mulx a_7,a_7,t_1 !sqr_add_c(a,7,c3,c1,c2);
- addcc c_12,t_1,t_1
- srlx t_1,32,c_12
- stuw t_1,rp(14) !r[14]=c3;
- stuw c_12,rp(15) !r[15]=c1;
-
- ret
- restore %g0,%g0,%o0
-
-.type bn_sqr_comba8,#function
-.size bn_sqr_comba8,(.-bn_sqr_comba8)
-
-.align 32
-
-.global bn_sqr_comba4
-/*
- * void bn_sqr_comba4(r,a)
- * BN_ULONG *r,*a;
- */
-bn_sqr_comba4:
- save %sp,FRAME_SIZE,%sp
- mov 1,t_2
- lduw ap(0),a_0
- sllx t_2,32,t_2
- lduw ap(1),a_1
- mulx a_0,a_0,t_1 !sqr_add_c(a,0,c1,c2,c3);
- srlx t_1,32,c_12
- stuw t_1,rp(0) !r[0]=c1;
-
- lduw ap(2),a_2
- mulx a_0,a_1,t_1 !sqr_add_c2(a,1,0,c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(1) !r[1]=c2;
- or c_12,c_3,c_12
-
- mulx a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- lduw ap(3),a_3
- mulx a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(2) !r[2]=c3;
- or c_12,c_3,c_12
-
- mulx a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3);
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(3) !r[3]=c1;
- or c_12,c_3,c_12
-
- mulx a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,c_12
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- mulx a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1);
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(4) !r[4]=c2;
- or c_12,c_3,c_12
-
- mulx a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2);
- addcc c_12,t_1,c_12
- clr c_3
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- addcc c_12,t_1,t_1
- bcs,a %xcc,.+8
- add c_3,t_2,c_3
- srlx t_1,32,c_12
- stuw t_1,rp(5) !r[5]=c3;
- or c_12,c_3,c_12
-
- mulx a_3,a_3,t_1 !sqr_add_c(a,3,c1,c2,c3);
- addcc c_12,t_1,t_1
- srlx t_1,32,c_12
- stuw t_1,rp(6) !r[6]=c1;
- stuw c_12,rp(7) !r[7]=c2;
-
- ret
- restore %g0,%g0,%o0
-
-.type bn_sqr_comba4,#function
-.size bn_sqr_comba4,(.-bn_sqr_comba4)
-
-.align 32
diff --git a/src/lib/libcrypto/bn/asm/x86.pl b/src/lib/libcrypto/bn/asm/x86.pl
deleted file mode 100644
index 1bc4f1bb27..0000000000
--- a/src/lib/libcrypto/bn/asm/x86.pl
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-require("x86/mul_add.pl");
-require("x86/mul.pl");
-require("x86/sqr.pl");
-require("x86/div.pl");
-require("x86/add.pl");
-require("x86/sub.pl");
-require("x86/comba.pl");
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_add_words("bn_mul_add_words");
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_div_words("bn_div_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-
diff --git a/src/lib/libcrypto/bn/asm/x86/add.pl b/src/lib/libcrypto/bn/asm/x86/add.pl
deleted file mode 100644
index 0b5cf583e3..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/add.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-1;
diff --git a/src/lib/libcrypto/bn/asm/x86/comba.pl b/src/lib/libcrypto/bn/asm/x86/comba.pl
deleted file mode 100644
index 2291253629..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/comba.pl
+++ /dev/null
@@ -1,277 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub mul_add_c
- {
- local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("mul a[$ai]*b[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- &mul("edx");
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a
- &mov("eax",&wparam(0)) if $pos > 0; # load r[]
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a
- }
-
-sub sqr_add_c
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- }
-
-sub sqr_add_c2
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$a,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add("eax","eax");
- ###
- &adc("edx","edx");
- ###
- &adc($c2,0);
- &add($c0,"eax");
- &adc($c1,"edx");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- &adc($c2,0);
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
- ###
- }
-
-sub bn_mul_comba
- {
- local($name,$num)=@_;
- local($a,$b,$c0,$c1,$c2);
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($tot,$end);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $b="edi";
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- &push("esi");
- &mov($a,&wparam(1));
- &push("edi");
- &mov($b,&wparam(2));
- &push("ebp");
- &push("ebx");
-
- &xor($c0,$c0);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
- &xor($c1,$c1);
- &mov("edx",&DWP(0,$b,"",0)); # load the first second
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("################## Calculate word $i");
-
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($j+1) == $end)
- {
- $v=1;
- $v=2 if (($i+1) == $tot);
- }
- else
- { $v=0; }
- if (($j+1) != $end)
- {
- $na=($ai-1);
- $nb=($bi+1);
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
-#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
- &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
- if ($v)
- {
- &comment("saved r[$i]");
- # &mov("eax",&wparam(0));
- # &mov(&DWP($i*4,"eax","",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &comment("save r[$i]");
- # &mov("eax",&wparam(0));
- &mov(&DWP($i*4,"eax","",0),$c0);
-
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
-sub bn_sqr_comba
- {
- local($name,$num)=@_;
- local($r,$a,$c0,$c1,$c2)=@_;
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($b,$tot,$end,$half);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $r="edi";
-
- &push("esi");
- &push("edi");
- &push("ebp");
- &push("ebx");
- &mov($r,&wparam(0));
- &mov($a,&wparam(1));
- &xor($c0,$c0);
- &xor($c1,$c1);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("############### Calculate word $i");
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($ai-1) < ($bi+1))
- {
- $v=1;
- $v=2 if ($i+1) == $tot;
- }
- else
- { $v=0; }
- if (!$v)
- {
- $na=$ai-1;
- $nb=$bi+1;
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
- if ($ai == $bi)
- {
- &sqr_add_c($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- else
- {
- &sqr_add_c2($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- if ($v)
- {
- &comment("saved r[$i]");
- #&mov(&DWP($i*4,$r,"",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- last;
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &mov(&DWP($i*4,$r,"",0),$c0);
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
-1;
diff --git a/src/lib/libcrypto/bn/asm/x86/div.pl b/src/lib/libcrypto/bn/asm/x86/div.pl
deleted file mode 100644
index 0e90152caa..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/div.pl
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_div_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
- &mov("edx",&wparam(0)); #
- &mov("eax",&wparam(1)); #
- &mov("ebx",&wparam(2)); #
- &div("ebx");
- &function_end($name);
- }
-1;
diff --git a/src/lib/libcrypto/bn/asm/x86/mul.pl b/src/lib/libcrypto/bn/asm/x86/mul.pl
deleted file mode 100644
index 674cb9b055..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/mul.pl
+++ /dev/null
@@ -1,77 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_mul_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ecx";
- $r="edi";
- $c="esi";
- $num="ebp";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
- &mov($w,&wparam(3)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("mw_finish"));
-
- &set_label("mw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
-
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
-
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &add($a,32);
- &add($r,32);
- &sub($num,8);
- &jz(&label("mw_finish"));
- &jmp(&label("mw_loop"));
-
- &set_label("mw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jnz(&label("mw_finish2"));
- &jmp(&label("mw_end"));
-
- &set_label("mw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &dec($num) if ($i != 7-1);
- &jz(&label("mw_end")) if ($i != 7-1);
- }
- &set_label("mw_end",0);
- &mov("eax",$c);
-
- &function_end($name);
- }
-
-1;
diff --git a/src/lib/libcrypto/bn/asm/x86/mul_add.pl b/src/lib/libcrypto/bn/asm/x86/mul_add.pl
deleted file mode 100644
index 61830d3a90..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/mul_add.pl
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_mul_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ebp";
- $r="edi";
- $c="esi";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
-
- &mov("ecx",&wparam(2)); #
- &mov($a,&wparam(1)); #
-
- &and("ecx",0xfffffff8); # num / 8
- &mov($w,&wparam(3)); #
-
- &push("ecx"); # Up the stack for a tmp variable
-
- &jz(&label("maw_finish"));
-
- &set_label("maw_loop",0);
-
- &mov(&swtmp(0),"ecx"); #
-
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+= *r
- &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c); # L(t)+=c
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &mov("ecx",&swtmp(0)); #
- &add($a,32);
- &add($r,32);
- &sub("ecx",8);
- &jnz(&label("maw_loop"));
-
- &set_label("maw_finish",0);
- &mov("ecx",&wparam(2)); # get num
- &and("ecx",7);
- &jnz(&label("maw_finish2")); # helps branch prediction
- &jmp(&label("maw_end"));
-
- &set_label("maw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c);
- &adc("edx",0); # H(t)+=carry
- &dec("ecx") if ($i != 7-1);
- &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &jz(&label("maw_end")) if ($i != 7-1);
- }
- &set_label("maw_end",0);
- &mov("eax",$c);
-
- &pop("ecx"); # clear variable from
-
- &function_end($name);
- }
-
-1;
diff --git a/src/lib/libcrypto/bn/asm/x86/sqr.pl b/src/lib/libcrypto/bn/asm/x86/sqr.pl
deleted file mode 100644
index 1f90993cf6..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/sqr.pl
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_sqr_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $r="esi";
- $a="edi";
- $num="ebx";
-
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("sw_finish"));
-
- &set_label("sw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
- &mov("eax",&DWP($i,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*2,$r,"",0),"eax"); #
- &mov(&DWP($i*2+4,$r,"",0),"edx");#
- }
-
- &comment("");
- &add($a,32);
- &add($r,64);
- &sub($num,8);
- &jnz(&label("sw_loop"));
-
- &set_label("sw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jz(&label("sw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*8,$r,"",0),"eax"); #
- &dec($num) if ($i != 7-1);
- &mov(&DWP($i*8+4,$r,"",0),"edx");
- &jz(&label("sw_end")) if ($i != 7-1);
- }
- &set_label("sw_end",0);
-
- &function_end($name);
- }
-
-1;
diff --git a/src/lib/libcrypto/bn/asm/x86/sub.pl b/src/lib/libcrypto/bn/asm/x86/sub.pl
deleted file mode 100644
index 837b0e1b07..0000000000
--- a/src/lib/libcrypto/bn/asm/x86/sub.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
-sub bn_sub_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-1;
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h
deleted file mode 100644
index b232c2ceae..0000000000
--- a/src/lib/libcrypto/bn/bn.h
+++ /dev/null
@@ -1,520 +0,0 @@
-/* crypto/bn/bn.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BN_H
-#define HEADER_BN_H
-
-#ifndef NO_FP_API
-#include <stdio.h> /* FILE */
-#endif
-#include <openssl/opensslconf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef VMS
-#undef BN_LLONG /* experimental, so far... */
-#endif
-
-#define BN_MUL_COMBA
-#define BN_SQR_COMBA
-#define BN_RECURSION
-#define RECP_MUL_MOD
-#define MONT_MUL_MOD
-
-/* This next option uses the C libraries (2 word)/(1 word) function.
- * If it is not defined, I use my C version (which is slower).
- * The reason for this flag is that when the particular C compiler
- * library routine is used, and the library is linked with a different
- * compiler, the library is missing. This mostly happens when the
- * library is built with gcc and then linked using normal cc. This would
- * be a common occurrence because gcc normally produces code that is
- * 2 times faster than system compilers for the big number stuff.
- * For machines with only one compiler (or shared libraries), this should
- * be on. Again this in only really a problem on machines
- * using "long long's", are 32bit, and are not using my assembler code. */
-#if defined(MSDOS) || defined(WINDOWS) || defined(WIN32) || defined(linux)
-#define BN_DIV2W
-#endif
-
-/* assuming long is 64bit - this is the DEC Alpha
- * unsigned long long is only 64 bits :-(, don't define
- * BN_LLONG for the DEC Alpha */
-#ifdef SIXTY_FOUR_BIT_LONG
-#define BN_ULLONG unsigned long long
-#define BN_ULONG unsigned long
-#define BN_LONG long
-#define BN_BITS 128
-#define BN_BYTES 8
-#define BN_BITS2 64
-#define BN_BITS4 32
-#define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
-#define BN_MASK2 (0xffffffffffffffffL)
-#define BN_MASK2l (0xffffffffL)
-#define BN_MASK2h (0xffffffff00000000L)
-#define BN_MASK2h1 (0xffffffff80000000L)
-#define BN_TBIT (0x8000000000000000L)
-#define BN_DEC_CONV (10000000000000000000UL)
-#define BN_DEC_FMT1 "%lu"
-#define BN_DEC_FMT2 "%019lu"
-#define BN_DEC_NUM 19
-#endif
-
-/* This is where the long long data type is 64 bits, but long is 32.
- * For machines where there are 64bit registers, this is the mode to use.
- * IRIX, on R4000 and above should use this mode, along with the relevant
- * assembler code :-). Do NOT define BN_LLONG.
- */
-#ifdef SIXTY_FOUR_BIT
-#undef BN_LLONG
-#undef BN_ULLONG
-#define BN_ULONG unsigned long long
-#define BN_LONG long long
-#define BN_BITS 128
-#define BN_BYTES 8
-#define BN_BITS2 64
-#define BN_BITS4 32
-#define BN_MASK2 (0xffffffffffffffffLL)
-#define BN_MASK2l (0xffffffffL)
-#define BN_MASK2h (0xffffffff00000000LL)
-#define BN_MASK2h1 (0xffffffff80000000LL)
-#define BN_TBIT (0x8000000000000000LL)
-#define BN_DEC_CONV (10000000000000000000LL)
-#define BN_DEC_FMT1 "%llu"
-#define BN_DEC_FMT2 "%019llu"
-#define BN_DEC_NUM 19
-#endif
-
-#ifdef THIRTY_TWO_BIT
-#if defined(WIN32) && !defined(__GNUC__)
-#define BN_ULLONG unsigned _int64
-#else
-#define BN_ULLONG unsigned long long
-#endif
-#define BN_ULONG unsigned long
-#define BN_LONG long
-#define BN_BITS 64
-#define BN_BYTES 4
-#define BN_BITS2 32
-#define BN_BITS4 16
-#ifdef WIN32
-/* VC++ doesn't like the LL suffix */
-#define BN_MASK (0xffffffffffffffffL)
-#else
-#define BN_MASK (0xffffffffffffffffLL)
-#endif
-#define BN_MASK2 (0xffffffffL)
-#define BN_MASK2l (0xffff)
-#define BN_MASK2h1 (0xffff8000L)
-#define BN_MASK2h (0xffff0000L)
-#define BN_TBIT (0x80000000L)
-#define BN_DEC_CONV (1000000000L)
-#define BN_DEC_FMT1 "%lu"
-#define BN_DEC_FMT2 "%09lu"
-#define BN_DEC_NUM 9
-#endif
-
-#ifdef SIXTEEN_BIT
-#ifndef BN_DIV2W
-#define BN_DIV2W
-#endif
-#define BN_ULLONG unsigned long
-#define BN_ULONG unsigned short
-#define BN_LONG short
-#define BN_BITS 32
-#define BN_BYTES 2
-#define BN_BITS2 16
-#define BN_BITS4 8
-#define BN_MASK (0xffffffff)
-#define BN_MASK2 (0xffff)
-#define BN_MASK2l (0xff)
-#define BN_MASK2h1 (0xff80)
-#define BN_MASK2h (0xff00)
-#define BN_TBIT (0x8000)
-#define BN_DEC_CONV (100000)
-#define BN_DEC_FMT1 "%u"
-#define BN_DEC_FMT2 "%05u"
-#define BN_DEC_NUM 5
-#endif
-
-#ifdef EIGHT_BIT
-#ifndef BN_DIV2W
-#define BN_DIV2W
-#endif
-#define BN_ULLONG unsigned short
-#define BN_ULONG unsigned char
-#define BN_LONG char
-#define BN_BITS 16
-#define BN_BYTES 1
-#define BN_BITS2 8
-#define BN_BITS4 4
-#define BN_MASK (0xffff)
-#define BN_MASK2 (0xff)
-#define BN_MASK2l (0xf)
-#define BN_MASK2h1 (0xf8)
-#define BN_MASK2h (0xf0)
-#define BN_TBIT (0x80)
-#define BN_DEC_CONV (100)
-#define BN_DEC_FMT1 "%u"
-#define BN_DEC_FMT2 "%02u"
-#define BN_DEC_NUM 2
-#endif
-
-#define BN_DEFAULT_BITS 1280
-
-#ifdef BIGNUM
-#undef BIGNUM
-#endif
-
-#define BN_FLG_MALLOCED 0x01
-#define BN_FLG_STATIC_DATA 0x02
-#define BN_FLG_FREE 0x8000 /* used for debuging */
-#define BN_set_flags(b,n) ((b)->flags|=(n))
-#define BN_get_flags(b,n) ((b)->flags&(n))
-
-typedef struct bignum_st
- {
- BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
- int top; /* Index of last used d +1. */
- /* The next are internal book keeping for bn_expand. */
- int dmax; /* Size of the d array. */
- int neg; /* one if the number is negative */
- int flags;
- } BIGNUM;
-
-/* Used for temp variables */
-#define BN_CTX_NUM 16
-#define BN_CTX_NUM_POS 12
-typedef struct bignum_ctx
- {
- int tos;
- BIGNUM bn[BN_CTX_NUM];
- int flags;
- int depth;
- int pos[BN_CTX_NUM_POS];
- int too_many;
- } BN_CTX;
-
-typedef struct bn_blinding_st
- {
- int init;
- BIGNUM *A;
- BIGNUM *Ai;
- BIGNUM *mod; /* just a reference */
- } BN_BLINDING;
-
-/* Used for montgomery multiplication */
-typedef struct bn_mont_ctx_st
- {
- int ri; /* number of bits in R */
- BIGNUM RR; /* used to convert to montgomery form */
- BIGNUM N; /* The modulus */
- BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1
- * (Ni is only stored for bignum algorithm) */
- BN_ULONG n0; /* least significant word of Ni */
- int flags;
- } BN_MONT_CTX;
-
-/* Used for reciprocal division/mod functions
- * It cannot be shared between threads
- */
-typedef struct bn_recp_ctx_st
- {
- BIGNUM N; /* the divisor */
- BIGNUM Nr; /* the reciprocal */
- int num_bits;
- int shift;
- int flags;
- } BN_RECP_CTX;
-
-#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
- r,a,&((mont)->RR),(mont),ctx)
-
-#define BN_prime_checks 0 /* default: select number of iterations
- based on the size of the number */
-
-/* number of Miller-Rabin iterations for an error rate of less than 2^-80
- * for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook
- * of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
- * original paper: Damgaard, Landrock, Pomerance: Average case error estimates
- * for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */
-#define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
- (b) >= 850 ? 3 : \
- (b) >= 650 ? 4 : \
- (b) >= 550 ? 5 : \
- (b) >= 450 ? 6 : \
- (b) >= 400 ? 7 : \
- (b) >= 350 ? 8 : \
- (b) >= 300 ? 9 : \
- (b) >= 250 ? 12 : \
- (b) >= 200 ? 15 : \
- (b) >= 150 ? 18 : \
- /* b >= 100 */ 27)
-
-#define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
-#define BN_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w)))
-#define BN_is_zero(a) (((a)->top == 0) || BN_is_word(a,0))
-#define BN_is_one(a) (BN_is_word((a),1))
-#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1))
-#define BN_one(a) (BN_set_word((a),1))
-#define BN_zero(a) (BN_set_word((a),0))
-
-/*#define BN_ascii2bn(a) BN_hex2bn(a) */
-/*#define BN_bn2ascii(a) BN_bn2hex(a) */
-
-BIGNUM *BN_value_one(void);
-char * BN_options(void);
-BN_CTX *BN_CTX_new(void);
-void BN_CTX_init(BN_CTX *c);
-void BN_CTX_free(BN_CTX *c);
-void BN_CTX_start(BN_CTX *ctx);
-BIGNUM *BN_CTX_get(BN_CTX *ctx);
-void BN_CTX_end(BN_CTX *ctx);
-int BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
-int BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom);
-int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
-int BN_num_bits(const BIGNUM *a);
-int BN_num_bits_word(BN_ULONG);
-BIGNUM *BN_new(void);
-void BN_init(BIGNUM *);
-void BN_clear_free(BIGNUM *a);
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
-BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret);
-int BN_bn2bin(const BIGNUM *a, unsigned char *to);
-BIGNUM *BN_mpi2bn(unsigned char *s,int len,BIGNUM *ret);
-int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
-int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
-int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
- BN_CTX *ctx);
-int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-int BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx);
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
-int BN_mul_word(BIGNUM *a, BN_ULONG w);
-int BN_add_word(BIGNUM *a, BN_ULONG w);
-int BN_sub_word(BIGNUM *a, BN_ULONG w);
-int BN_set_word(BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_get_word(BIGNUM *a);
-int BN_cmp(const BIGNUM *a, const BIGNUM *b);
-void BN_free(BIGNUM *a);
-int BN_is_bit_set(const BIGNUM *a, int n);
-int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_lshift1(BIGNUM *r, BIGNUM *a);
-int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p,BN_CTX *ctx);
-int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m,BN_CTX *ctx);
-int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp2_mont(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2,
- BIGNUM *p2,BIGNUM *m,BN_CTX *ctx,BN_MONT_CTX *m_ctx);
-int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p,
- BIGNUM *m,BN_CTX *ctx);
-int BN_mask_bits(BIGNUM *a,int n);
-int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
-#ifndef NO_FP_API
-int BN_print_fp(FILE *fp, const BIGNUM *a);
-#endif
-#ifdef HEADER_BIO_H
-int BN_print(BIO *fp, const BIGNUM *a);
-#else
-int BN_print(void *fp, const BIGNUM *a);
-#endif
-int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx);
-int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
-int BN_rshift1(BIGNUM *r, BIGNUM *a);
-void BN_clear(BIGNUM *a);
-BIGNUM *BN_dup(const BIGNUM *a);
-int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
-int BN_set_bit(BIGNUM *a, int n);
-int BN_clear_bit(BIGNUM *a, int n);
-char * BN_bn2hex(const BIGNUM *a);
-char * BN_bn2dec(const BIGNUM *a);
-int BN_hex2bn(BIGNUM **a, const char *str);
-int BN_dec2bn(BIGNUM **a, const char *str);
-int BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx);
-BIGNUM *BN_mod_inverse(BIGNUM *ret,BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
-BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,BIGNUM *add,
- BIGNUM *rem,void (*callback)(int,int,void *),void *cb_arg);
-int BN_is_prime(const BIGNUM *p,int nchecks,
- void (*callback)(int,int,void *),
- BN_CTX *ctx,void *cb_arg);
-int BN_is_prime_fasttest(const BIGNUM *p,int nchecks,
- void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg,
- int do_trial_division);
-void ERR_load_BN_strings(void );
-
-BN_MONT_CTX *BN_MONT_CTX_new(void );
-void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
-int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont,
- BN_CTX *ctx);
-int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx);
-void BN_MONT_CTX_free(BN_MONT_CTX *mont);
-int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *modulus,BN_CTX *ctx);
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from);
-
-BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod);
-void BN_BLINDING_free(BN_BLINDING *b);
-int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx);
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-
-void BN_set_params(int mul,int high,int low,int mont);
-int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
-
-void BN_RECP_CTX_init(BN_RECP_CTX *recp);
-BN_RECP_CTX *BN_RECP_CTX_new(void);
-void BN_RECP_CTX_free(BN_RECP_CTX *recp);
-int BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx);
-int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y,
- BN_RECP_CTX *recp,BN_CTX *ctx);
-int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m,
- BN_RECP_CTX *recp, BN_CTX *ctx);
-
-/* library internal functions */
-
-#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
- (a):bn_expand2((a),(bits)/BN_BITS2+1))
-#define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
-BIGNUM *bn_expand2(BIGNUM *a, int words);
-
-#define bn_fix_top(a) \
- { \
- BN_ULONG *ftl; \
- if ((a)->top > 0) \
- { \
- for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
- if (*(ftl--)) break; \
- } \
- }
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
-BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
-void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
-BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
-BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
-
-#ifdef BN_DEBUG
- void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n);
-# define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \
- fprintf(stderr,"\n");}
-# define bn_dump(a,n) bn_dump1(stderr,#a,a,n);
-#else
-# define bn_print(a)
-# define bn_dump(a,b)
-#endif
-
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the BN functions. */
-
-/* Function codes. */
-#define BN_F_BN_BLINDING_CONVERT 100
-#define BN_F_BN_BLINDING_INVERT 101
-#define BN_F_BN_BLINDING_NEW 102
-#define BN_F_BN_BLINDING_UPDATE 103
-#define BN_F_BN_BN2DEC 104
-#define BN_F_BN_BN2HEX 105
-#define BN_F_BN_CTX_GET 116
-#define BN_F_BN_CTX_NEW 106
-#define BN_F_BN_DIV 107
-#define BN_F_BN_EXPAND2 108
-#define BN_F_BN_MOD_EXP2_MONT 118
-#define BN_F_BN_MOD_EXP_MONT 109
-#define BN_F_BN_MOD_EXP_MONT_WORD 117
-#define BN_F_BN_MOD_INVERSE 110
-#define BN_F_BN_MOD_MUL_RECIPROCAL 111
-#define BN_F_BN_MPI2BN 112
-#define BN_F_BN_NEW 113
-#define BN_F_BN_RAND 114
-#define BN_F_BN_RAND_RANGE 122
-#define BN_F_BN_USUB 115
-
-/* Reason codes. */
-#define BN_R_ARG2_LT_ARG3 100
-#define BN_R_BAD_RECIPROCAL 101
-#define BN_R_BIGNUM_TOO_LONG 114
-#define BN_R_CALLED_WITH_EVEN_MODULUS 102
-#define BN_R_DIV_BY_ZERO 103
-#define BN_R_ENCODING_ERROR 104
-#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
-#define BN_R_INVALID_LENGTH 106
-#define BN_R_INVALID_RANGE 115
-#define BN_R_NOT_INITIALIZED 107
-#define BN_R_NO_INVERSE 108
-#define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/bn/bn_add.c b/src/lib/libcrypto/bn/bn_add.c
deleted file mode 100644
index 5d24691233..0000000000
--- a/src/lib/libcrypto/bn/bn_add.c
+++ /dev/null
@@ -1,307 +0,0 @@
-/* crypto/bn/bn_add.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* r can == a or b */
-int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
- {
- const BIGNUM *tmp;
-
- bn_check_top(a);
- bn_check_top(b);
-
- /* a + b a+b
- * a + -b a-b
- * -a + b b-a
- * -a + -b -(a+b)
- */
- if (a->neg ^ b->neg)
- {
- /* only one is negative */
- if (a->neg)
- { tmp=a; a=b; b=tmp; }
-
- /* we are now a - b */
-
- if (BN_ucmp(a,b) < 0)
- {
- if (!BN_usub(r,b,a)) return(0);
- r->neg=1;
- }
- else
- {
- if (!BN_usub(r,a,b)) return(0);
- r->neg=0;
- }
- return(1);
- }
-
- if (a->neg) /* both are neg */
- r->neg=1;
- else
- r->neg=0;
-
- if (!BN_uadd(r,a,b)) return(0);
- return(1);
- }
-
-/* unsigned add of b to a, r must be large enough */
-int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
- {
- register int i;
- int max,min;
- BN_ULONG *ap,*bp,*rp,carry,t1;
- const BIGNUM *tmp;
-
- bn_check_top(a);
- bn_check_top(b);
-
- if (a->top < b->top)
- { tmp=a; a=b; b=tmp; }
- max=a->top;
- min=b->top;
-
- if (bn_wexpand(r,max+1) == NULL)
- return(0);
-
- r->top=max;
-
-
- ap=a->d;
- bp=b->d;
- rp=r->d;
- carry=0;
-
- carry=bn_add_words(rp,ap,bp,min);
- rp+=min;
- ap+=min;
- bp+=min;
- i=min;
-
- if (carry)
- {
- while (i < max)
- {
- i++;
- t1= *(ap++);
- if ((*(rp++)=(t1+1)&BN_MASK2) >= t1)
- {
- carry=0;
- break;
- }
- }
- if ((i >= max) && carry)
- {
- *(rp++)=1;
- r->top++;
- }
- }
- if (rp != ap)
- {
- for (; i<max; i++)
- *(rp++)= *(ap++);
- }
- /* memcpy(rp,ap,sizeof(*ap)*(max-i));*/
- return(1);
- }
-
-/* unsigned subtraction of b from a, a must be larger than b. */
-int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
- {
- int max,min;
- register BN_ULONG t1,t2,*ap,*bp,*rp;
- int i,carry;
-#if defined(IRIX_CC_BUG) && !defined(LINT)
- int dummy;
-#endif
-
- bn_check_top(a);
- bn_check_top(b);
-
- if (a->top < b->top) /* hmm... should not be happening */
- {
- BNerr(BN_F_BN_USUB,BN_R_ARG2_LT_ARG3);
- return(0);
- }
-
- max=a->top;
- min=b->top;
- if (bn_wexpand(r,max) == NULL) return(0);
-
- ap=a->d;
- bp=b->d;
- rp=r->d;
-
-#if 1
- carry=0;
- for (i=0; i<min; i++)
- {
- t1= *(ap++);
- t2= *(bp++);
- if (carry)
- {
- carry=(t1 <= t2);
- t1=(t1-t2-1)&BN_MASK2;
- }
- else
- {
- carry=(t1 < t2);
- t1=(t1-t2)&BN_MASK2;
- }
-#if defined(IRIX_CC_BUG) && !defined(LINT)
- dummy=t1;
-#endif
- *(rp++)=t1&BN_MASK2;
- }
-#else
- carry=bn_sub_words(rp,ap,bp,min);
- ap+=min;
- bp+=min;
- rp+=min;
- i=min;
-#endif
- if (carry) /* subtracted */
- {
- while (i < max)
- {
- i++;
- t1= *(ap++);
- t2=(t1-1)&BN_MASK2;
- *(rp++)=t2;
- if (t1 > t2) break;
- }
- }
-#if 0
- memcpy(rp,ap,sizeof(*rp)*(max-i));
-#else
- if (rp != ap)
- {
- for (;;)
- {
- if (i++ >= max) break;
- rp[0]=ap[0];
- if (i++ >= max) break;
- rp[1]=ap[1];
- if (i++ >= max) break;
- rp[2]=ap[2];
- if (i++ >= max) break;
- rp[3]=ap[3];
- rp+=4;
- ap+=4;
- }
- }
-#endif
-
- r->top=max;
- bn_fix_top(r);
- return(1);
- }
-
-int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
- {
- int max;
- int add=0,neg=0;
- const BIGNUM *tmp;
-
- bn_check_top(a);
- bn_check_top(b);
-
- /* a - b a-b
- * a - -b a+b
- * -a - b -(a+b)
- * -a - -b b-a
- */
- if (a->neg)
- {
- if (b->neg)
- { tmp=a; a=b; b=tmp; }
- else
- { add=1; neg=1; }
- }
- else
- {
- if (b->neg) { add=1; neg=0; }
- }
-
- if (add)
- {
- if (!BN_uadd(r,a,b)) return(0);
- r->neg=neg;
- return(1);
- }
-
- /* We are actually doing a - b :-) */
-
- max=(a->top > b->top)?a->top:b->top;
- if (bn_wexpand(r,max) == NULL) return(0);
- if (BN_ucmp(a,b) < 0)
- {
- if (!BN_usub(r,b,a)) return(0);
- r->neg=1;
- }
- else
- {
- if (!BN_usub(r,a,b)) return(0);
- r->neg=0;
- }
- return(1);
- }
-
diff --git a/src/lib/libcrypto/bn/bn_asm.c b/src/lib/libcrypto/bn/bn_asm.c
deleted file mode 100644
index 44e52a40db..0000000000
--- a/src/lib/libcrypto/bn/bn_asm.c
+++ /dev/null
@@ -1,832 +0,0 @@
-/* crypto/bn/bn_asm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef BN_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <stdio.h>
-#include <assert.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#if defined(BN_LLONG) || defined(BN_UMULT_HIGH)
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
- {
- BN_ULONG c1=0;
-
- assert(num >= 0);
- if (num <= 0) return(c1);
-
- while (num&~3)
- {
- mul_add(rp[0],ap[0],w,c1);
- mul_add(rp[1],ap[1],w,c1);
- mul_add(rp[2],ap[2],w,c1);
- mul_add(rp[3],ap[3],w,c1);
- ap+=4; rp+=4; num-=4;
- }
- if (num)
- {
- mul_add(rp[0],ap[0],w,c1); if (--num==0) return c1;
- mul_add(rp[1],ap[1],w,c1); if (--num==0) return c1;
- mul_add(rp[2],ap[2],w,c1); return c1;
- }
-
- return(c1);
- }
-
-BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
- {
- BN_ULONG c1=0;
-
- assert(num >= 0);
- if (num <= 0) return(c1);
-
- while (num&~3)
- {
- mul(rp[0],ap[0],w,c1);
- mul(rp[1],ap[1],w,c1);
- mul(rp[2],ap[2],w,c1);
- mul(rp[3],ap[3],w,c1);
- ap+=4; rp+=4; num-=4;
- }
- if (num)
- {
- mul(rp[0],ap[0],w,c1); if (--num == 0) return c1;
- mul(rp[1],ap[1],w,c1); if (--num == 0) return c1;
- mul(rp[2],ap[2],w,c1);
- }
- return(c1);
- }
-
-void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
- {
- assert(n >= 0);
- if (n <= 0) return;
- while (n&~3)
- {
- sqr(r[0],r[1],a[0]);
- sqr(r[2],r[3],a[1]);
- sqr(r[4],r[5],a[2]);
- sqr(r[6],r[7],a[3]);
- a+=4; r+=8; n-=4;
- }
- if (n)
- {
- sqr(r[0],r[1],a[0]); if (--n == 0) return;
- sqr(r[2],r[3],a[1]); if (--n == 0) return;
- sqr(r[4],r[5],a[2]);
- }
- }
-
-#else /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
- {
- BN_ULONG c=0;
- BN_ULONG bl,bh;
-
- assert(num >= 0);
- if (num <= 0) return((BN_ULONG)0);
-
- bl=LBITS(w);
- bh=HBITS(w);
-
- for (;;)
- {
- mul_add(rp[0],ap[0],bl,bh,c);
- if (--num == 0) break;
- mul_add(rp[1],ap[1],bl,bh,c);
- if (--num == 0) break;
- mul_add(rp[2],ap[2],bl,bh,c);
- if (--num == 0) break;
- mul_add(rp[3],ap[3],bl,bh,c);
- if (--num == 0) break;
- ap+=4;
- rp+=4;
- }
- return(c);
- }
-
-BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
- {
- BN_ULONG carry=0;
- BN_ULONG bl,bh;
-
- assert(num >= 0);
- if (num <= 0) return((BN_ULONG)0);
-
- bl=LBITS(w);
- bh=HBITS(w);
-
- for (;;)
- {
- mul(rp[0],ap[0],bl,bh,carry);
- if (--num == 0) break;
- mul(rp[1],ap[1],bl,bh,carry);
- if (--num == 0) break;
- mul(rp[2],ap[2],bl,bh,carry);
- if (--num == 0) break;
- mul(rp[3],ap[3],bl,bh,carry);
- if (--num == 0) break;
- ap+=4;
- rp+=4;
- }
- return(carry);
- }
-
-void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
- {
- assert(n >= 0);
- if (n <= 0) return;
- for (;;)
- {
- sqr64(r[0],r[1],a[0]);
- if (--n == 0) break;
-
- sqr64(r[2],r[3],a[1]);
- if (--n == 0) break;
-
- sqr64(r[4],r[5],a[2]);
- if (--n == 0) break;
-
- sqr64(r[6],r[7],a[3]);
- if (--n == 0) break;
-
- a+=4;
- r+=8;
- }
- }
-
-#endif /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */
-
-#if defined(BN_LLONG) && defined(BN_DIV2W)
-
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
- {
- return((BN_ULONG)(((((BN_ULLONG)h)<<BN_BITS2)|l)/(BN_ULLONG)d));
- }
-
-#else
-
-/* Divide h,l by d and return the result. */
-/* I need to test this some more :-( */
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
- {
- BN_ULONG dh,dl,q,ret=0,th,tl,t;
- int i,count=2;
-
- if (d == 0) return(BN_MASK2);
-
- i=BN_num_bits_word(d);
- assert((i == BN_BITS2) || (h > (BN_ULONG)1<<i));
-
- i=BN_BITS2-i;
- if (h >= d) h-=d;
-
- if (i)
- {
- d<<=i;
- h=(h<<i)|(l>>(BN_BITS2-i));
- l<<=i;
- }
- dh=(d&BN_MASK2h)>>BN_BITS4;
- dl=(d&BN_MASK2l);
- for (;;)
- {
- if ((h>>BN_BITS4) == dh)
- q=BN_MASK2l;
- else
- q=h/dh;
-
- th=q*dh;
- tl=dl*q;
- for (;;)
- {
- t=h-th;
- if ((t&BN_MASK2h) ||
- ((tl) <= (
- (t<<BN_BITS4)|
- ((l&BN_MASK2h)>>BN_BITS4))))
- break;
- q--;
- th-=dh;
- tl-=dl;
- }
- t=(tl>>BN_BITS4);
- tl=(tl<<BN_BITS4)&BN_MASK2h;
- th+=t;
-
- if (l < tl) th++;
- l-=tl;
- if (h < th)
- {
- h+=d;
- q--;
- }
- h-=th;
-
- if (--count == 0) break;
-
- ret=q<<BN_BITS4;
- h=((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2;
- l=(l&BN_MASK2l)<<BN_BITS4;
- }
- ret|=q;
- return(ret);
- }
-#endif /* !defined(BN_LLONG) && defined(BN_DIV2W) */
-
-#ifdef BN_LLONG
-BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
- {
- BN_ULLONG ll=0;
-
- assert(n >= 0);
- if (n <= 0) return((BN_ULONG)0);
-
- for (;;)
- {
- ll+=(BN_ULLONG)a[0]+b[0];
- r[0]=(BN_ULONG)ll&BN_MASK2;
- ll>>=BN_BITS2;
- if (--n <= 0) break;
-
- ll+=(BN_ULLONG)a[1]+b[1];
- r[1]=(BN_ULONG)ll&BN_MASK2;
- ll>>=BN_BITS2;
- if (--n <= 0) break;
-
- ll+=(BN_ULLONG)a[2]+b[2];
- r[2]=(BN_ULONG)ll&BN_MASK2;
- ll>>=BN_BITS2;
- if (--n <= 0) break;
-
- ll+=(BN_ULLONG)a[3]+b[3];
- r[3]=(BN_ULONG)ll&BN_MASK2;
- ll>>=BN_BITS2;
- if (--n <= 0) break;
-
- a+=4;
- b+=4;
- r+=4;
- }
- return((BN_ULONG)ll);
- }
-#else /* !BN_LLONG */
-BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
- {
- BN_ULONG c,l,t;
-
- assert(n >= 0);
- if (n <= 0) return((BN_ULONG)0);
-
- c=0;
- for (;;)
- {
- t=a[0];
- t=(t+c)&BN_MASK2;
- c=(t < c);
- l=(t+b[0])&BN_MASK2;
- c+=(l < t);
- r[0]=l;
- if (--n <= 0) break;
-
- t=a[1];
- t=(t+c)&BN_MASK2;
- c=(t < c);
- l=(t+b[1])&BN_MASK2;
- c+=(l < t);
- r[1]=l;
- if (--n <= 0) break;
-
- t=a[2];
- t=(t+c)&BN_MASK2;
- c=(t < c);
- l=(t+b[2])&BN_MASK2;
- c+=(l < t);
- r[2]=l;
- if (--n <= 0) break;
-
- t=a[3];
- t=(t+c)&BN_MASK2;
- c=(t < c);
- l=(t+b[3])&BN_MASK2;
- c+=(l < t);
- r[3]=l;
- if (--n <= 0) break;
-
- a+=4;
- b+=4;
- r+=4;
- }
- return((BN_ULONG)c);
- }
-#endif /* !BN_LLONG */
-
-BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
- {
- BN_ULONG t1,t2;
- int c=0;
-
- assert(n >= 0);
- if (n <= 0) return((BN_ULONG)0);
-
- for (;;)
- {
- t1=a[0]; t2=b[0];
- r[0]=(t1-t2-c)&BN_MASK2;
- if (t1 != t2) c=(t1 < t2);
- if (--n <= 0) break;
-
- t1=a[1]; t2=b[1];
- r[1]=(t1-t2-c)&BN_MASK2;
- if (t1 != t2) c=(t1 < t2);
- if (--n <= 0) break;
-
- t1=a[2]; t2=b[2];
- r[2]=(t1-t2-c)&BN_MASK2;
- if (t1 != t2) c=(t1 < t2);
- if (--n <= 0) break;
-
- t1=a[3]; t2=b[3];
- r[3]=(t1-t2-c)&BN_MASK2;
- if (t1 != t2) c=(t1 < t2);
- if (--n <= 0) break;
-
- a+=4;
- b+=4;
- r+=4;
- }
- return(c);
- }
-
-#ifdef BN_MUL_COMBA
-
-#undef bn_mul_comba8
-#undef bn_mul_comba4
-#undef bn_sqr_comba8
-#undef bn_sqr_comba4
-
-/* mul_add_c(a,b,c0,c1,c2) -- c+=a*b for three word number c=(c2,c1,c0) */
-/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */
-/* sqr_add_c(a,i,c0,c1,c2) -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
-/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */
-
-#ifdef BN_LLONG
-#define mul_add_c(a,b,c0,c1,c2) \
- t=(BN_ULLONG)a*b; \
- t1=(BN_ULONG)Lw(t); \
- t2=(BN_ULONG)Hw(t); \
- c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
- c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \
- t=(BN_ULLONG)a*b; \
- tt=(t+t)&BN_MASK; \
- if (tt < t) c2++; \
- t1=(BN_ULONG)Lw(tt); \
- t2=(BN_ULONG)Hw(tt); \
- c0=(c0+t1)&BN_MASK2; \
- if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
- c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \
- t=(BN_ULLONG)a[i]*a[i]; \
- t1=(BN_ULONG)Lw(t); \
- t2=(BN_ULONG)Hw(t); \
- c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
- c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \
- mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-
-#elif defined(BN_UMULT_HIGH)
-
-#define mul_add_c(a,b,c0,c1,c2) { \
- BN_ULONG ta=(a),tb=(b); \
- t1 = ta * tb; \
- t2 = BN_UMULT_HIGH(ta,tb); \
- c0 += t1; t2 += (c0<t1)?1:0; \
- c1 += t2; c2 += (c1<t2)?1:0; \
- }
-
-#define mul_add_c2(a,b,c0,c1,c2) { \
- BN_ULONG ta=(a),tb=(b),t0; \
- t1 = BN_UMULT_HIGH(ta,tb); \
- t0 = ta * tb; \
- t2 = t1+t1; c2 += (t2<t1)?1:0; \
- t1 = t0+t0; t2 += (t1<t0)?1:0; \
- c0 += t1; t2 += (c0<t1)?1:0; \
- c1 += t2; c2 += (c1<t2)?1:0; \
- }
-
-#define sqr_add_c(a,i,c0,c1,c2) { \
- BN_ULONG ta=(a)[i]; \
- t1 = ta * ta; \
- t2 = BN_UMULT_HIGH(ta,ta); \
- c0 += t1; t2 += (c0<t1)?1:0; \
- c1 += t2; c2 += (c1<t2)?1:0; \
- }
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \
- mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-
-#else /* !BN_LLONG */
-#define mul_add_c(a,b,c0,c1,c2) \
- t1=LBITS(a); t2=HBITS(a); \
- bl=LBITS(b); bh=HBITS(b); \
- mul64(t1,t2,bl,bh); \
- c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
- c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define mul_add_c2(a,b,c0,c1,c2) \
- t1=LBITS(a); t2=HBITS(a); \
- bl=LBITS(b); bh=HBITS(b); \
- mul64(t1,t2,bl,bh); \
- if (t2 & BN_TBIT) c2++; \
- t2=(t2+t2)&BN_MASK2; \
- if (t1 & BN_TBIT) t2++; \
- t1=(t1+t1)&BN_MASK2; \
- c0=(c0+t1)&BN_MASK2; \
- if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \
- c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c(a,i,c0,c1,c2) \
- sqr64(t1,t2,(a)[i]); \
- c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \
- c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++;
-
-#define sqr_add_c2(a,i,j,c0,c1,c2) \
- mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-#endif /* !BN_LLONG */
-
-void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
- {
-#ifdef BN_LLONG
- BN_ULLONG t;
-#else
- BN_ULONG bl,bh;
-#endif
- BN_ULONG t1,t2;
- BN_ULONG c1,c2,c3;
-
- c1=0;
- c2=0;
- c3=0;
- mul_add_c(a[0],b[0],c1,c2,c3);
- r[0]=c1;
- c1=0;
- mul_add_c(a[0],b[1],c2,c3,c1);
- mul_add_c(a[1],b[0],c2,c3,c1);
- r[1]=c2;
- c2=0;
- mul_add_c(a[2],b[0],c3,c1,c2);
- mul_add_c(a[1],b[1],c3,c1,c2);
- mul_add_c(a[0],b[2],c3,c1,c2);
- r[2]=c3;
- c3=0;
- mul_add_c(a[0],b[3],c1,c2,c3);
- mul_add_c(a[1],b[2],c1,c2,c3);
- mul_add_c(a[2],b[1],c1,c2,c3);
- mul_add_c(a[3],b[0],c1,c2,c3);
- r[3]=c1;
- c1=0;
- mul_add_c(a[4],b[0],c2,c3,c1);
- mul_add_c(a[3],b[1],c2,c3,c1);
- mul_add_c(a[2],b[2],c2,c3,c1);
- mul_add_c(a[1],b[3],c2,c3,c1);
- mul_add_c(a[0],b[4],c2,c3,c1);
- r[4]=c2;
- c2=0;
- mul_add_c(a[0],b[5],c3,c1,c2);
- mul_add_c(a[1],b[4],c3,c1,c2);
- mul_add_c(a[2],b[3],c3,c1,c2);
- mul_add_c(a[3],b[2],c3,c1,c2);
- mul_add_c(a[4],b[1],c3,c1,c2);
- mul_add_c(a[5],b[0],c3,c1,c2);
- r[5]=c3;
- c3=0;
- mul_add_c(a[6],b[0],c1,c2,c3);
- mul_add_c(a[5],b[1],c1,c2,c3);
- mul_add_c(a[4],b[2],c1,c2,c3);
- mul_add_c(a[3],b[3],c1,c2,c3);
- mul_add_c(a[2],b[4],c1,c2,c3);
- mul_add_c(a[1],b[5],c1,c2,c3);
- mul_add_c(a[0],b[6],c1,c2,c3);
- r[6]=c1;
- c1=0;
- mul_add_c(a[0],b[7],c2,c3,c1);
- mul_add_c(a[1],b[6],c2,c3,c1);
- mul_add_c(a[2],b[5],c2,c3,c1);
- mul_add_c(a[3],b[4],c2,c3,c1);
- mul_add_c(a[4],b[3],c2,c3,c1);
- mul_add_c(a[5],b[2],c2,c3,c1);
- mul_add_c(a[6],b[1],c2,c3,c1);
- mul_add_c(a[7],b[0],c2,c3,c1);
- r[7]=c2;
- c2=0;
- mul_add_c(a[7],b[1],c3,c1,c2);
- mul_add_c(a[6],b[2],c3,c1,c2);
- mul_add_c(a[5],b[3],c3,c1,c2);
- mul_add_c(a[4],b[4],c3,c1,c2);
- mul_add_c(a[3],b[5],c3,c1,c2);
- mul_add_c(a[2],b[6],c3,c1,c2);
- mul_add_c(a[1],b[7],c3,c1,c2);
- r[8]=c3;
- c3=0;
- mul_add_c(a[2],b[7],c1,c2,c3);
- mul_add_c(a[3],b[6],c1,c2,c3);
- mul_add_c(a[4],b[5],c1,c2,c3);
- mul_add_c(a[5],b[4],c1,c2,c3);
- mul_add_c(a[6],b[3],c1,c2,c3);
- mul_add_c(a[7],b[2],c1,c2,c3);
- r[9]=c1;
- c1=0;
- mul_add_c(a[7],b[3],c2,c3,c1);
- mul_add_c(a[6],b[4],c2,c3,c1);
- mul_add_c(a[5],b[5],c2,c3,c1);
- mul_add_c(a[4],b[6],c2,c3,c1);
- mul_add_c(a[3],b[7],c2,c3,c1);
- r[10]=c2;
- c2=0;
- mul_add_c(a[4],b[7],c3,c1,c2);
- mul_add_c(a[5],b[6],c3,c1,c2);
- mul_add_c(a[6],b[5],c3,c1,c2);
- mul_add_c(a[7],b[4],c3,c1,c2);
- r[11]=c3;
- c3=0;
- mul_add_c(a[7],b[5],c1,c2,c3);
- mul_add_c(a[6],b[6],c1,c2,c3);
- mul_add_c(a[5],b[7],c1,c2,c3);
- r[12]=c1;
- c1=0;
- mul_add_c(a[6],b[7],c2,c3,c1);
- mul_add_c(a[7],b[6],c2,c3,c1);
- r[13]=c2;
- c2=0;
- mul_add_c(a[7],b[7],c3,c1,c2);
- r[14]=c3;
- r[15]=c1;
- }
-
-void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
- {
-#ifdef BN_LLONG
- BN_ULLONG t;
-#else
- BN_ULONG bl,bh;
-#endif
- BN_ULONG t1,t2;
- BN_ULONG c1,c2,c3;
-
- c1=0;
- c2=0;
- c3=0;
- mul_add_c(a[0],b[0],c1,c2,c3);
- r[0]=c1;
- c1=0;
- mul_add_c(a[0],b[1],c2,c3,c1);
- mul_add_c(a[1],b[0],c2,c3,c1);
- r[1]=c2;
- c2=0;
- mul_add_c(a[2],b[0],c3,c1,c2);
- mul_add_c(a[1],b[1],c3,c1,c2);
- mul_add_c(a[0],b[2],c3,c1,c2);
- r[2]=c3;
- c3=0;
- mul_add_c(a[0],b[3],c1,c2,c3);
- mul_add_c(a[1],b[2],c1,c2,c3);
- mul_add_c(a[2],b[1],c1,c2,c3);
- mul_add_c(a[3],b[0],c1,c2,c3);
- r[3]=c1;
- c1=0;
- mul_add_c(a[3],b[1],c2,c3,c1);
- mul_add_c(a[2],b[2],c2,c3,c1);
- mul_add_c(a[1],b[3],c2,c3,c1);
- r[4]=c2;
- c2=0;
- mul_add_c(a[2],b[3],c3,c1,c2);
- mul_add_c(a[3],b[2],c3,c1,c2);
- r[5]=c3;
- c3=0;
- mul_add_c(a[3],b[3],c1,c2,c3);
- r[6]=c1;
- r[7]=c2;
- }
-
-void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
- {
-#ifdef BN_LLONG
- BN_ULLONG t,tt;
-#else
- BN_ULONG bl,bh;
-#endif
- BN_ULONG t1,t2;
- BN_ULONG c1,c2,c3;
-
- c1=0;
- c2=0;
- c3=0;
- sqr_add_c(a,0,c1,c2,c3);
- r[0]=c1;
- c1=0;
- sqr_add_c2(a,1,0,c2,c3,c1);
- r[1]=c2;
- c2=0;
- sqr_add_c(a,1,c3,c1,c2);
- sqr_add_c2(a,2,0,c3,c1,c2);
- r[2]=c3;
- c3=0;
- sqr_add_c2(a,3,0,c1,c2,c3);
- sqr_add_c2(a,2,1,c1,c2,c3);
- r[3]=c1;
- c1=0;
- sqr_add_c(a,2,c2,c3,c1);
- sqr_add_c2(a,3,1,c2,c3,c1);
- sqr_add_c2(a,4,0,c2,c3,c1);
- r[4]=c2;
- c2=0;
- sqr_add_c2(a,5,0,c3,c1,c2);
- sqr_add_c2(a,4,1,c3,c1,c2);
- sqr_add_c2(a,3,2,c3,c1,c2);
- r[5]=c3;
- c3=0;
- sqr_add_c(a,3,c1,c2,c3);
- sqr_add_c2(a,4,2,c1,c2,c3);
- sqr_add_c2(a,5,1,c1,c2,c3);
- sqr_add_c2(a,6,0,c1,c2,c3);
- r[6]=c1;
- c1=0;
- sqr_add_c2(a,7,0,c2,c3,c1);
- sqr_add_c2(a,6,1,c2,c3,c1);
- sqr_add_c2(a,5,2,c2,c3,c1);
- sqr_add_c2(a,4,3,c2,c3,c1);
- r[7]=c2;
- c2=0;
- sqr_add_c(a,4,c3,c1,c2);
- sqr_add_c2(a,5,3,c3,c1,c2);
- sqr_add_c2(a,6,2,c3,c1,c2);
- sqr_add_c2(a,7,1,c3,c1,c2);
- r[8]=c3;
- c3=0;
- sqr_add_c2(a,7,2,c1,c2,c3);
- sqr_add_c2(a,6,3,c1,c2,c3);
- sqr_add_c2(a,5,4,c1,c2,c3);
- r[9]=c1;
- c1=0;
- sqr_add_c(a,5,c2,c3,c1);
- sqr_add_c2(a,6,4,c2,c3,c1);
- sqr_add_c2(a,7,3,c2,c3,c1);
- r[10]=c2;
- c2=0;
- sqr_add_c2(a,7,4,c3,c1,c2);
- sqr_add_c2(a,6,5,c3,c1,c2);
- r[11]=c3;
- c3=0;
- sqr_add_c(a,6,c1,c2,c3);
- sqr_add_c2(a,7,5,c1,c2,c3);
- r[12]=c1;
- c1=0;
- sqr_add_c2(a,7,6,c2,c3,c1);
- r[13]=c2;
- c2=0;
- sqr_add_c(a,7,c3,c1,c2);
- r[14]=c3;
- r[15]=c1;
- }
-
-void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
- {
-#ifdef BN_LLONG
- BN_ULLONG t,tt;
-#else
- BN_ULONG bl,bh;
-#endif
- BN_ULONG t1,t2;
- BN_ULONG c1,c2,c3;
-
- c1=0;
- c2=0;
- c3=0;
- sqr_add_c(a,0,c1,c2,c3);
- r[0]=c1;
- c1=0;
- sqr_add_c2(a,1,0,c2,c3,c1);
- r[1]=c2;
- c2=0;
- sqr_add_c(a,1,c3,c1,c2);
- sqr_add_c2(a,2,0,c3,c1,c2);
- r[2]=c3;
- c3=0;
- sqr_add_c2(a,3,0,c1,c2,c3);
- sqr_add_c2(a,2,1,c1,c2,c3);
- r[3]=c1;
- c1=0;
- sqr_add_c(a,2,c2,c3,c1);
- sqr_add_c2(a,3,1,c2,c3,c1);
- r[4]=c2;
- c2=0;
- sqr_add_c2(a,3,2,c3,c1,c2);
- r[5]=c3;
- c3=0;
- sqr_add_c(a,3,c1,c2,c3);
- r[6]=c1;
- r[7]=c2;
- }
-#else /* !BN_MUL_COMBA */
-
-/* hmm... is it faster just to do a multiply? */
-#undef bn_sqr_comba4
-void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
- {
- BN_ULONG t[8];
- bn_sqr_normal(r,a,4,t);
- }
-
-#undef bn_sqr_comba8
-void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
- {
- BN_ULONG t[16];
- bn_sqr_normal(r,a,8,t);
- }
-
-void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
- {
- r[4]=bn_mul_words( &(r[0]),a,4,b[0]);
- r[5]=bn_mul_add_words(&(r[1]),a,4,b[1]);
- r[6]=bn_mul_add_words(&(r[2]),a,4,b[2]);
- r[7]=bn_mul_add_words(&(r[3]),a,4,b[3]);
- }
-
-void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
- {
- r[ 8]=bn_mul_words( &(r[0]),a,8,b[0]);
- r[ 9]=bn_mul_add_words(&(r[1]),a,8,b[1]);
- r[10]=bn_mul_add_words(&(r[2]),a,8,b[2]);
- r[11]=bn_mul_add_words(&(r[3]),a,8,b[3]);
- r[12]=bn_mul_add_words(&(r[4]),a,8,b[4]);
- r[13]=bn_mul_add_words(&(r[5]),a,8,b[5]);
- r[14]=bn_mul_add_words(&(r[6]),a,8,b[6]);
- r[15]=bn_mul_add_words(&(r[7]),a,8,b[7]);
- }
-
-#endif /* !BN_MUL_COMBA */
diff --git a/src/lib/libcrypto/bn/bn_blind.c b/src/lib/libcrypto/bn/bn_blind.c
deleted file mode 100644
index 2d287e6d1b..0000000000
--- a/src/lib/libcrypto/bn/bn_blind.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* crypto/bn/bn_blind.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod)
- {
- BN_BLINDING *ret=NULL;
-
- bn_check_top(Ai);
- bn_check_top(mod);
-
- if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL)
- {
- BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- memset(ret,0,sizeof(BN_BLINDING));
- if ((ret->A=BN_new()) == NULL) goto err;
- if ((ret->Ai=BN_new()) == NULL) goto err;
- if (!BN_copy(ret->A,A)) goto err;
- if (!BN_copy(ret->Ai,Ai)) goto err;
- ret->mod=mod;
- return(ret);
-err:
- if (ret != NULL) BN_BLINDING_free(ret);
- return(NULL);
- }
-
-void BN_BLINDING_free(BN_BLINDING *r)
- {
- if(r == NULL)
- return;
-
- if (r->A != NULL) BN_free(r->A );
- if (r->Ai != NULL) BN_free(r->Ai);
- OPENSSL_free(r);
- }
-
-int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
- {
- int ret=0;
-
- if ((b->A == NULL) || (b->Ai == NULL))
- {
- BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED);
- goto err;
- }
-
- if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err;
- if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err;
-
- ret=1;
-err:
- return(ret);
- }
-
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
- {
- bn_check_top(n);
-
- if ((b->A == NULL) || (b->Ai == NULL))
- {
- BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITIALIZED);
- return(0);
- }
- return(BN_mod_mul(n,n,b->A,b->mod,ctx));
- }
-
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
- {
- int ret;
-
- bn_check_top(n);
- if ((b->A == NULL) || (b->Ai == NULL))
- {
- BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITIALIZED);
- return(0);
- }
- if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0)
- {
- if (!BN_BLINDING_update(b,ctx))
- return(0);
- }
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/bn/bn_ctx.c b/src/lib/libcrypto/bn/bn_ctx.c
deleted file mode 100644
index b1a8d7571e..0000000000
--- a/src/lib/libcrypto/bn/bn_ctx.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* crypto/bn/bn_ctx.c */
-/* Written by Ulf Moeller for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef BN_CTX_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <stdio.h>
-#include <assert.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-
-
-BN_CTX *BN_CTX_new(void)
- {
- BN_CTX *ret;
-
- ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX));
- if (ret == NULL)
- {
- BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
-
- BN_CTX_init(ret);
- ret->flags=BN_FLG_MALLOCED;
- return(ret);
- }
-
-void BN_CTX_init(BN_CTX *ctx)
- {
- int i;
- ctx->tos = 0;
- ctx->flags = 0;
- ctx->depth = 0;
- ctx->too_many = 0;
- for (i = 0; i < BN_CTX_NUM; i++)
- BN_init(&(ctx->bn[i]));
- }
-
-void BN_CTX_free(BN_CTX *ctx)
- {
- int i;
-
- if (ctx == NULL) return;
- assert(ctx->depth == 0);
-
- for (i=0; i < BN_CTX_NUM; i++)
- BN_clear_free(&(ctx->bn[i]));
- if (ctx->flags & BN_FLG_MALLOCED)
- OPENSSL_free(ctx);
- }
-
-void BN_CTX_start(BN_CTX *ctx)
- {
- if (ctx->depth < BN_CTX_NUM_POS)
- ctx->pos[ctx->depth] = ctx->tos;
- ctx->depth++;
- }
-
-BIGNUM *BN_CTX_get(BN_CTX *ctx)
- {
- if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM)
- {
- if (!ctx->too_many)
- {
- BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES);
- /* disable error code until BN_CTX_end is called: */
- ctx->too_many = 1;
- }
- return NULL;
- }
- return (&(ctx->bn[ctx->tos++]));
- }
-
-void BN_CTX_end(BN_CTX *ctx)
- {
- if (ctx == NULL) return;
- assert(ctx->depth > 0);
- if (ctx->depth == 0)
- /* should never happen, but we can tolerate it if not in
- * debug mode (could be a 'goto err' in the calling function
- * before BN_CTX_start was reached) */
- BN_CTX_start(ctx);
-
- ctx->too_many = 0;
- ctx->depth--;
- if (ctx->depth < BN_CTX_NUM_POS)
- ctx->tos = ctx->pos[ctx->depth];
- }
diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c
deleted file mode 100644
index c328b5b411..0000000000
--- a/src/lib/libcrypto/bn/bn_div.c
+++ /dev/null
@@ -1,381 +0,0 @@
-/* crypto/bn/bn_div.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* The old slow way */
-#if 0
-int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
- BN_CTX *ctx)
- {
- int i,nm,nd;
- int ret = 0;
- BIGNUM *D;
-
- bn_check_top(m);
- bn_check_top(d);
- if (BN_is_zero(d))
- {
- BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
- return(0);
- }
-
- if (BN_ucmp(m,d) < 0)
- {
- if (rem != NULL)
- { if (BN_copy(rem,m) == NULL) return(0); }
- if (dv != NULL) BN_zero(dv);
- return(1);
- }
-
- BN_CTX_start(ctx);
- D = BN_CTX_get(ctx);
- if (dv == NULL) dv = BN_CTX_get(ctx);
- if (rem == NULL) rem = BN_CTX_get(ctx);
- if (D == NULL || dv == NULL || rem == NULL)
- goto end;
-
- nd=BN_num_bits(d);
- nm=BN_num_bits(m);
- if (BN_copy(D,d) == NULL) goto end;
- if (BN_copy(rem,m) == NULL) goto end;
-
- /* The next 2 are needed so we can do a dv->d[0]|=1 later
- * since BN_lshift1 will only work once there is a value :-) */
- BN_zero(dv);
- bn_wexpand(dv,1);
- dv->top=1;
-
- if (!BN_lshift(D,D,nm-nd)) goto end;
- for (i=nm-nd; i>=0; i--)
- {
- if (!BN_lshift1(dv,dv)) goto end;
- if (BN_ucmp(rem,D) >= 0)
- {
- dv->d[0]|=1;
- if (!BN_usub(rem,rem,D)) goto end;
- }
-/* CAN IMPROVE (and have now :=) */
- if (!BN_rshift1(D,D)) goto end;
- }
- rem->neg=BN_is_zero(rem)?0:m->neg;
- dv->neg=m->neg^d->neg;
- ret = 1;
- end:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-#else
-
-#if !defined(NO_ASM) && !defined(NO_INLINE_ASM) && !defined(PEDANTIC) && !defined(BN_DIV3W)
-# if defined(__GNUC__) && __GNUC__>=2
-# if defined(__i386)
- /*
- * There were two reasons for implementing this template:
- * - GNU C generates a call to a function (__udivdi3 to be exact)
- * in reply to ((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0 (I fail to
- * understand why...);
- * - divl doesn't only calculate quotient, but also leaves
- * remainder in %edx which we can definitely use here:-)
- *
- * <appro@fy.chalmers.se>
- */
-# define bn_div_words(n0,n1,d0) \
- ({ asm volatile ( \
- "divl %4" \
- : "=a"(q), "=d"(rem) \
- : "a"(n1), "d"(n0), "g"(d0) \
- : "cc"); \
- q; \
- })
-# define REMAINDER_IS_ALREADY_CALCULATED
-# endif /* __<cpu> */
-# endif /* __GNUC__ */
-#endif /* NO_ASM */
-
-int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
- BN_CTX *ctx)
- {
- int norm_shift,i,j,loop;
- BIGNUM *tmp,wnum,*snum,*sdiv,*res;
- BN_ULONG *resp,*wnump;
- BN_ULONG d0,d1;
- int num_n,div_n;
-
- bn_check_top(num);
- bn_check_top(divisor);
-
- if (BN_is_zero(divisor))
- {
- BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
- return(0);
- }
-
- if (BN_ucmp(num,divisor) < 0)
- {
- if (rm != NULL)
- { if (BN_copy(rm,num) == NULL) return(0); }
- if (dv != NULL) BN_zero(dv);
- return(1);
- }
-
- BN_CTX_start(ctx);
- tmp=BN_CTX_get(ctx);
- snum=BN_CTX_get(ctx);
- sdiv=BN_CTX_get(ctx);
- if (dv == NULL)
- res=BN_CTX_get(ctx);
- else res=dv;
- if (sdiv==NULL || res == NULL) goto err;
- tmp->neg=0;
-
- /* First we normalise the numbers */
- norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
- BN_lshift(sdiv,divisor,norm_shift);
- sdiv->neg=0;
- norm_shift+=BN_BITS2;
- BN_lshift(snum,num,norm_shift);
- snum->neg=0;
- div_n=sdiv->top;
- num_n=snum->top;
- loop=num_n-div_n;
-
- /* Lets setup a 'window' into snum
- * This is the part that corresponds to the current
- * 'area' being divided */
- BN_init(&wnum);
- wnum.d= &(snum->d[loop]);
- wnum.top= div_n;
- wnum.dmax= snum->dmax+1; /* a bit of a lie */
-
- /* Get the top 2 words of sdiv */
- /* i=sdiv->top; */
- d0=sdiv->d[div_n-1];
- d1=(div_n == 1)?0:sdiv->d[div_n-2];
-
- /* pointer to the 'top' of snum */
- wnump= &(snum->d[num_n-1]);
-
- /* Setup to 'res' */
- res->neg= (num->neg^divisor->neg);
- if (!bn_wexpand(res,(loop+1))) goto err;
- res->top=loop;
- resp= &(res->d[loop-1]);
-
- /* space for temp */
- if (!bn_wexpand(tmp,(div_n+1))) goto err;
-
- if (BN_ucmp(&wnum,sdiv) >= 0)
- {
- if (!BN_usub(&wnum,&wnum,sdiv)) goto err;
- *resp=1;
- res->d[res->top-1]=1;
- }
- else
- res->top--;
- resp--;
-
- for (i=0; i<loop-1; i++)
- {
- BN_ULONG q,l0;
-#if defined(BN_DIV3W) && !defined(NO_ASM)
- BN_ULONG bn_div_3_words(BN_ULONG*,BN_ULONG,BN_ULONG);
- q=bn_div_3_words(wnump,d1,d0);
-#else
- BN_ULONG n0,n1,rem=0;
-
- n0=wnump[0];
- n1=wnump[-1];
- if (n0 == d0)
- q=BN_MASK2;
- else /* n0 < d0 */
- {
-#ifdef BN_LLONG
- BN_ULLONG t2;
-
-#if defined(BN_LLONG) && defined(BN_DIV2W) && !defined(bn_div_words)
- q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0);
-#else
- q=bn_div_words(n0,n1,d0);
-#endif
-
-#ifndef REMAINDER_IS_ALREADY_CALCULATED
- /*
- * rem doesn't have to be BN_ULLONG. The least we
- * know it's less that d0, isn't it?
- */
- rem=(n1-q*d0)&BN_MASK2;
-#endif
- t2=(BN_ULLONG)d1*q;
-
- for (;;)
- {
- if (t2 <= ((((BN_ULLONG)rem)<<BN_BITS2)|wnump[-2]))
- break;
- q--;
- rem += d0;
- if (rem < d0) break; /* don't let rem overflow */
- t2 -= d1;
- }
-#else /* !BN_LLONG */
- BN_ULONG t2l,t2h,ql,qh;
-
- q=bn_div_words(n0,n1,d0);
-#ifndef REMAINDER_IS_ALREADY_CALCULATED
- rem=(n1-q*d0)&BN_MASK2;
-#endif
-
-#ifdef BN_UMULT_HIGH
- t2l = d1 * q;
- t2h = BN_UMULT_HIGH(d1,q);
-#else
- t2l=LBITS(d1); t2h=HBITS(d1);
- ql =LBITS(q); qh =HBITS(q);
- mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */
-#endif
-
- for (;;)
- {
- if ((t2h < rem) ||
- ((t2h == rem) && (t2l <= wnump[-2])))
- break;
- q--;
- rem += d0;
- if (rem < d0) break; /* don't let rem overflow */
- if (t2l < d1) t2h--; t2l -= d1;
- }
-#endif /* !BN_LLONG */
- }
-#endif /* !BN_DIV3W */
-
- l0=bn_mul_words(tmp->d,sdiv->d,div_n,q);
- wnum.d--; wnum.top++;
- tmp->d[div_n]=l0;
- for (j=div_n+1; j>0; j--)
- if (tmp->d[j-1]) break;
- tmp->top=j;
-
- j=wnum.top;
- BN_sub(&wnum,&wnum,tmp);
-
- snum->top=snum->top+wnum.top-j;
-
- if (wnum.neg)
- {
- q--;
- j=wnum.top;
- BN_add(&wnum,&wnum,sdiv);
- snum->top+=wnum.top-j;
- }
- *(resp--)=q;
- wnump--;
- }
- if (rm != NULL)
- {
- BN_rshift(rm,snum,norm_shift);
- rm->neg=num->neg;
- }
- BN_CTX_end(ctx);
- return(1);
-err:
- BN_CTX_end(ctx);
- return(0);
- }
-
-#endif
-
-/* rem != m */
-int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
- {
-#if 0 /* The old slow way */
- int i,nm,nd;
- BIGNUM *dv;
-
- if (BN_ucmp(m,d) < 0)
- return((BN_copy(rem,m) == NULL)?0:1);
-
- BN_CTX_start(ctx);
- dv=BN_CTX_get(ctx);
-
- if (!BN_copy(rem,m)) goto err;
-
- nm=BN_num_bits(rem);
- nd=BN_num_bits(d);
- if (!BN_lshift(dv,d,nm-nd)) goto err;
- for (i=nm-nd; i>=0; i--)
- {
- if (BN_cmp(rem,dv) >= 0)
- {
- if (!BN_sub(rem,rem,dv)) goto err;
- }
- if (!BN_rshift1(dv,dv)) goto err;
- }
- BN_CTX_end(ctx);
- return(1);
- err:
- BN_CTX_end(ctx);
- return(0);
-#else
- return(BN_div(NULL,rem,m,d,ctx));
-#endif
- }
-
diff --git a/src/lib/libcrypto/bn/bn_err.c b/src/lib/libcrypto/bn/bn_err.c
deleted file mode 100644
index adc6a214fc..0000000000
--- a/src/lib/libcrypto/bn/bn_err.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* crypto/bn/bn_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA BN_str_functs[]=
- {
-{ERR_PACK(0,BN_F_BN_BLINDING_CONVERT,0), "BN_BLINDING_convert"},
-{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0), "BN_BLINDING_invert"},
-{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0), "BN_BLINDING_new"},
-{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0), "BN_BLINDING_update"},
-{ERR_PACK(0,BN_F_BN_BN2DEC,0), "BN_bn2dec"},
-{ERR_PACK(0,BN_F_BN_BN2HEX,0), "BN_bn2hex"},
-{ERR_PACK(0,BN_F_BN_CTX_GET,0), "BN_CTX_get"},
-{ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"},
-{ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"},
-{ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"},
-{ERR_PACK(0,BN_F_BN_MOD_EXP2_MONT,0), "BN_mod_exp2_mont"},
-{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"},
-{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT_WORD,0), "BN_mod_exp_mont_word"},
-{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"},
-{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"},
-{ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"},
-{ERR_PACK(0,BN_F_BN_NEW,0), "BN_new"},
-{ERR_PACK(0,BN_F_BN_RAND,0), "BN_rand"},
-{ERR_PACK(0,BN_F_BN_RAND_RANGE,0), "BN_rand_range"},
-{ERR_PACK(0,BN_F_BN_USUB,0), "BN_usub"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA BN_str_reasons[]=
- {
-{BN_R_ARG2_LT_ARG3 ,"arg2 lt arg3"},
-{BN_R_BAD_RECIPROCAL ,"bad reciprocal"},
-{BN_R_BIGNUM_TOO_LONG ,"bignum too long"},
-{BN_R_CALLED_WITH_EVEN_MODULUS ,"called with even modulus"},
-{BN_R_DIV_BY_ZERO ,"div by zero"},
-{BN_R_ENCODING_ERROR ,"encoding error"},
-{BN_R_EXPAND_ON_STATIC_BIGNUM_DATA ,"expand on static bignum data"},
-{BN_R_INVALID_LENGTH ,"invalid length"},
-{BN_R_INVALID_RANGE ,"invalid range"},
-{BN_R_NOT_INITIALIZED ,"not initialized"},
-{BN_R_NO_INVERSE ,"no inverse"},
-{BN_R_TOO_MANY_TEMPORARY_VARIABLES ,"too many temporary variables"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_BN_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_BN,BN_str_functs);
- ERR_load_strings(ERR_LIB_BN,BN_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c
deleted file mode 100644
index d2c91628ac..0000000000
--- a/src/lib/libcrypto/bn/bn_exp.c
+++ /dev/null
@@ -1,696 +0,0 @@
-/* crypto/bn/bn_exp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define TABLE_SIZE 32
-
-/* slow but works */
-int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
- {
- BIGNUM *t;
- int r=0;
-
- bn_check_top(a);
- bn_check_top(b);
- bn_check_top(m);
-
- BN_CTX_start(ctx);
- if ((t = BN_CTX_get(ctx)) == NULL) goto err;
- if (a == b)
- { if (!BN_sqr(t,a,ctx)) goto err; }
- else
- { if (!BN_mul(t,a,b,ctx)) goto err; }
- if (!BN_mod(ret,t,m,ctx)) goto err;
- r=1;
-err:
- BN_CTX_end(ctx);
- return(r);
- }
-
-
-/* this one works - simple but works */
-int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx)
- {
- int i,bits,ret=0;
- BIGNUM *v,*rr;
-
- BN_CTX_start(ctx);
- if ((r == a) || (r == p))
- rr = BN_CTX_get(ctx);
- else
- rr = r;
- if ((v = BN_CTX_get(ctx)) == NULL) goto err;
-
- if (BN_copy(v,a) == NULL) goto err;
- bits=BN_num_bits(p);
-
- if (BN_is_odd(p))
- { if (BN_copy(rr,a) == NULL) goto err; }
- else { if (!BN_one(rr)) goto err; }
-
- for (i=1; i<bits; i++)
- {
- if (!BN_sqr(v,v,ctx)) goto err;
- if (BN_is_bit_set(p,i))
- {
- if (!BN_mul(rr,rr,v,ctx)) goto err;
- }
- }
- ret=1;
-err:
- if (r != rr) BN_copy(r,rr);
- BN_CTX_end(ctx);
- return(ret);
- }
-
-
-int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx)
- {
- int ret;
-
- bn_check_top(a);
- bn_check_top(p);
- bn_check_top(m);
-
-#ifdef MONT_MUL_MOD
- /* I have finally been able to take out this pre-condition of
- * the top bit being set. It was caused by an error in BN_div
- * with negatives. There was also another problem when for a^b%m
- * a >= m. eay 07-May-97 */
-/* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
-
- if (BN_is_odd(m))
- {
- if (a->top == 1)
- {
- BN_ULONG A = a->d[0];
- ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL);
- }
- else
- ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL);
- }
- else
-#endif
-#ifdef RECP_MUL_MOD
- { ret=BN_mod_exp_recp(r,a,p,m,ctx); }
-#else
- { ret=BN_mod_exp_simple(r,a,p,m,ctx); }
-#endif
-
- return(ret);
- }
-
-
-int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
- {
- int i,j,bits,ret=0,wstart,wend,window,wvalue;
- int start=1,ts=0;
- BIGNUM *aa;
- BIGNUM val[TABLE_SIZE];
- BN_RECP_CTX recp;
-
- bits=BN_num_bits(p);
-
- if (bits == 0)
- {
- BN_one(r);
- return(1);
- }
-
- BN_CTX_start(ctx);
- if ((aa = BN_CTX_get(ctx)) == NULL) goto err;
-
- BN_RECP_CTX_init(&recp);
- if (BN_RECP_CTX_set(&recp,m,ctx) <= 0) goto err;
-
- BN_init(&(val[0]));
- ts=1;
-
- if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */
-
- window = BN_window_bits_for_exponent_size(bits);
- if (window > 1)
- {
- if (!BN_mod_mul_reciprocal(aa,&(val[0]),&(val[0]),&recp,ctx))
- goto err; /* 2 */
- j=1<<(window-1);
- for (i=1; i<j; i++)
- {
- BN_init(&val[i]);
- if (!BN_mod_mul_reciprocal(&(val[i]),&(val[i-1]),aa,&recp,ctx))
- goto err;
- }
- ts=i;
- }
-
- start=1; /* This is used to avoid multiplication etc
- * when there is only the value '1' in the
- * buffer. */
- wvalue=0; /* The 'value' of the window */
- wstart=bits-1; /* The top bit of the window */
- wend=0; /* The bottom bit of the window */
-
- if (!BN_one(r)) goto err;
-
- for (;;)
- {
- if (BN_is_bit_set(p,wstart) == 0)
- {
- if (!start)
- if (!BN_mod_mul_reciprocal(r,r,r,&recp,ctx))
- goto err;
- if (wstart == 0) break;
- wstart--;
- continue;
- }
- /* We now have wstart on a 'set' bit, we now need to work out
- * how bit a window to do. To do this we need to scan
- * forward until the last set bit before the end of the
- * window */
- j=wstart;
- wvalue=1;
- wend=0;
- for (i=1; i<window; i++)
- {
- if (wstart-i < 0) break;
- if (BN_is_bit_set(p,wstart-i))
- {
- wvalue<<=(i-wend);
- wvalue|=1;
- wend=i;
- }
- }
-
- /* wend is the size of the current window */
- j=wend+1;
- /* add the 'bytes above' */
- if (!start)
- for (i=0; i<j; i++)
- {
- if (!BN_mod_mul_reciprocal(r,r,r,&recp,ctx))
- goto err;
- }
-
- /* wvalue will be an odd number < 2^window */
- if (!BN_mod_mul_reciprocal(r,r,&(val[wvalue>>1]),&recp,ctx))
- goto err;
-
- /* move the 'window' down further */
- wstart-=wend+1;
- wvalue=0;
- start=0;
- if (wstart < 0) break;
- }
- ret=1;
-err:
- BN_CTX_end(ctx);
- for (i=0; i<ts; i++)
- BN_clear_free(&(val[i]));
- BN_RECP_CTX_free(&recp);
- return(ret);
- }
-
-
-int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
- {
- int i,j,bits,ret=0,wstart,wend,window,wvalue;
- int start=1,ts=0;
- BIGNUM *d,*r;
- BIGNUM *aa;
- BIGNUM val[TABLE_SIZE];
- BN_MONT_CTX *mont=NULL;
-
- bn_check_top(a);
- bn_check_top(p);
- bn_check_top(m);
-
- if (!(m->d[0] & 1))
- {
- BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
- return(0);
- }
- bits=BN_num_bits(p);
- if (bits == 0)
- {
- BN_one(rr);
- return(1);
- }
- BN_CTX_start(ctx);
- d = BN_CTX_get(ctx);
- r = BN_CTX_get(ctx);
- if (d == NULL || r == NULL) goto err;
-
- /* If this is not done, things will break in the montgomery
- * part */
-
- if (in_mont != NULL)
- mont=in_mont;
- else
- {
- if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
- if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
- }
-
- BN_init(&val[0]);
- ts=1;
- if (BN_ucmp(a,m) >= 0)
- {
- if (!BN_mod(&(val[0]),a,m,ctx))
- goto err;
- aa= &(val[0]);
- }
- else
- aa=a;
- if (!BN_to_montgomery(&(val[0]),aa,mont,ctx)) goto err; /* 1 */
-
- window = BN_window_bits_for_exponent_size(bits);
- if (window > 1)
- {
- if (!BN_mod_mul_montgomery(d,&(val[0]),&(val[0]),mont,ctx)) goto err; /* 2 */
- j=1<<(window-1);
- for (i=1; i<j; i++)
- {
- BN_init(&(val[i]));
- if (!BN_mod_mul_montgomery(&(val[i]),&(val[i-1]),d,mont,ctx))
- goto err;
- }
- ts=i;
- }
-
- start=1; /* This is used to avoid multiplication etc
- * when there is only the value '1' in the
- * buffer. */
- wvalue=0; /* The 'value' of the window */
- wstart=bits-1; /* The top bit of the window */
- wend=0; /* The bottom bit of the window */
-
- if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
- for (;;)
- {
- if (BN_is_bit_set(p,wstart) == 0)
- {
- if (!start)
- {
- if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
- goto err;
- }
- if (wstart == 0) break;
- wstart--;
- continue;
- }
- /* We now have wstart on a 'set' bit, we now need to work out
- * how bit a window to do. To do this we need to scan
- * forward until the last set bit before the end of the
- * window */
- j=wstart;
- wvalue=1;
- wend=0;
- for (i=1; i<window; i++)
- {
- if (wstart-i < 0) break;
- if (BN_is_bit_set(p,wstart-i))
- {
- wvalue<<=(i-wend);
- wvalue|=1;
- wend=i;
- }
- }
-
- /* wend is the size of the current window */
- j=wend+1;
- /* add the 'bytes above' */
- if (!start)
- for (i=0; i<j; i++)
- {
- if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
- goto err;
- }
-
- /* wvalue will be an odd number < 2^window */
- if (!BN_mod_mul_montgomery(r,r,&(val[wvalue>>1]),mont,ctx))
- goto err;
-
- /* move the 'window' down further */
- wstart-=wend+1;
- wvalue=0;
- start=0;
- if (wstart < 0) break;
- }
- if (!BN_from_montgomery(rr,r,mont,ctx)) goto err;
- ret=1;
-err:
- if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
- BN_CTX_end(ctx);
- for (i=0; i<ts; i++)
- BN_clear_free(&(val[i]));
- return(ret);
- }
-
-int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
- {
- BN_MONT_CTX *mont = NULL;
- int b, bits, ret=0;
- int r_is_one;
- BN_ULONG w, next_w;
- BIGNUM *d, *r, *t;
- BIGNUM *swap_tmp;
-#define BN_MOD_MUL_WORD(r, w, m) \
- (BN_mul_word(r, (w)) && \
- (/* BN_ucmp(r, (m)) < 0 ? 1 :*/ \
- (BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))
- /* BN_MOD_MUL_WORD is only used with 'w' large,
- * so the BN_ucmp test is probably more overhead
- * than always using BN_mod (which uses BN_copy if
- * a similar test returns true). */
-#define BN_TO_MONTGOMERY_WORD(r, w, mont) \
- (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
-
- bn_check_top(p);
- bn_check_top(m);
-
- if (!(m->d[0] & 1))
- {
- BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS);
- return(0);
- }
- bits = BN_num_bits(p);
- if (bits == 0)
- {
- BN_one(rr);
- return(1);
- }
- BN_CTX_start(ctx);
- d = BN_CTX_get(ctx);
- r = BN_CTX_get(ctx);
- t = BN_CTX_get(ctx);
- if (d == NULL || r == NULL || t == NULL) goto err;
-
- if (in_mont != NULL)
- mont=in_mont;
- else
- {
- if ((mont = BN_MONT_CTX_new()) == NULL) goto err;
- if (!BN_MONT_CTX_set(mont, m, ctx)) goto err;
- }
-
- r_is_one = 1; /* except for Montgomery factor */
-
- /* bits-1 >= 0 */
-
- /* The result is accumulated in the product r*w. */
- w = a; /* bit 'bits-1' of 'p' is always set */
- for (b = bits-2; b >= 0; b--)
- {
- /* First, square r*w. */
- next_w = w*w;
- if ((next_w/w) != w) /* overflow */
- {
- if (r_is_one)
- {
- if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
- r_is_one = 0;
- }
- else
- {
- if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
- }
- next_w = 1;
- }
- w = next_w;
- if (!r_is_one)
- {
- if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) goto err;
- }
-
- /* Second, multiply r*w by 'a' if exponent bit is set. */
- if (BN_is_bit_set(p, b))
- {
- next_w = w*a;
- if ((next_w/a) != w) /* overflow */
- {
- if (r_is_one)
- {
- if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
- r_is_one = 0;
- }
- else
- {
- if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
- }
- next_w = a;
- }
- w = next_w;
- }
- }
-
- /* Finally, set r:=r*w. */
- if (w != 1)
- {
- if (r_is_one)
- {
- if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err;
- r_is_one = 0;
- }
- else
- {
- if (!BN_MOD_MUL_WORD(r, w, m)) goto err;
- }
- }
-
- if (r_is_one) /* can happen only if a == 1*/
- {
- if (!BN_one(rr)) goto err;
- }
- else
- {
- if (!BN_from_montgomery(rr, r, mont, ctx)) goto err;
- }
- ret = 1;
-err:
- if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
- BN_CTX_end(ctx);
- return(ret);
- }
-
-
-/* The old fallback, simple version :-) */
-int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,
- BN_CTX *ctx)
- {
- int i,j,bits,ret=0,wstart,wend,window,wvalue,ts=0;
- int start=1;
- BIGNUM *d;
- BIGNUM val[TABLE_SIZE];
-
- bits=BN_num_bits(p);
-
- if (bits == 0)
- {
- BN_one(r);
- return(1);
- }
-
- BN_CTX_start(ctx);
- if ((d = BN_CTX_get(ctx)) == NULL) goto err;
-
- BN_init(&(val[0]));
- ts=1;
- if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */
-
- window = BN_window_bits_for_exponent_size(bits);
- if (window > 1)
- {
- if (!BN_mod_mul(d,&(val[0]),&(val[0]),m,ctx))
- goto err; /* 2 */
- j=1<<(window-1);
- for (i=1; i<j; i++)
- {
- BN_init(&(val[i]));
- if (!BN_mod_mul(&(val[i]),&(val[i-1]),d,m,ctx))
- goto err;
- }
- ts=i;
- }
-
- start=1; /* This is used to avoid multiplication etc
- * when there is only the value '1' in the
- * buffer. */
- wvalue=0; /* The 'value' of the window */
- wstart=bits-1; /* The top bit of the window */
- wend=0; /* The bottom bit of the window */
-
- if (!BN_one(r)) goto err;
-
- for (;;)
- {
- if (BN_is_bit_set(p,wstart) == 0)
- {
- if (!start)
- if (!BN_mod_mul(r,r,r,m,ctx))
- goto err;
- if (wstart == 0) break;
- wstart--;
- continue;
- }
- /* We now have wstart on a 'set' bit, we now need to work out
- * how bit a window to do. To do this we need to scan
- * forward until the last set bit before the end of the
- * window */
- j=wstart;
- wvalue=1;
- wend=0;
- for (i=1; i<window; i++)
- {
- if (wstart-i < 0) break;
- if (BN_is_bit_set(p,wstart-i))
- {
- wvalue<<=(i-wend);
- wvalue|=1;
- wend=i;
- }
- }
-
- /* wend is the size of the current window */
- j=wend+1;
- /* add the 'bytes above' */
- if (!start)
- for (i=0; i<j; i++)
- {
- if (!BN_mod_mul(r,r,r,m,ctx))
- goto err;
- }
-
- /* wvalue will be an odd number < 2^window */
- if (!BN_mod_mul(r,r,&(val[wvalue>>1]),m,ctx))
- goto err;
-
- /* move the 'window' down further */
- wstart-=wend+1;
- wvalue=0;
- start=0;
- if (wstart < 0) break;
- }
- ret=1;
-err:
- BN_CTX_end(ctx);
- for (i=0; i<ts; i++)
- BN_clear_free(&(val[i]));
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/bn/bn_exp2.c b/src/lib/libcrypto/bn/bn_exp2.c
deleted file mode 100644
index 29029f4c72..0000000000
--- a/src/lib/libcrypto/bn/bn_exp2.c
+++ /dev/null
@@ -1,300 +0,0 @@
-/* crypto/bn/bn_exp2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define TABLE_SIZE 32
-
-int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2,
- BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
- {
- int i,j,bits,b,bits1,bits2,ret=0,wpos1,wpos2,window1,window2,wvalue1,wvalue2;
- int r_is_one=1,ts1=0,ts2=0;
- BIGNUM *d,*r;
- BIGNUM *a_mod_m;
- BIGNUM val1[TABLE_SIZE], val2[TABLE_SIZE];
- BN_MONT_CTX *mont=NULL;
-
- bn_check_top(a1);
- bn_check_top(p1);
- bn_check_top(a2);
- bn_check_top(p2);
- bn_check_top(m);
-
- if (!(m->d[0] & 1))
- {
- BNerr(BN_F_BN_MOD_EXP2_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
- return(0);
- }
- bits1=BN_num_bits(p1);
- bits2=BN_num_bits(p2);
- if ((bits1 == 0) && (bits2 == 0))
- {
- BN_one(rr);
- return(1);
- }
- bits=(bits1 > bits2)?bits1:bits2;
-
- BN_CTX_start(ctx);
- d = BN_CTX_get(ctx);
- r = BN_CTX_get(ctx);
- if (d == NULL || r == NULL) goto err;
-
- if (in_mont != NULL)
- mont=in_mont;
- else
- {
- if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
- if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
- }
-
- window1 = BN_window_bits_for_exponent_size(bits1);
- window2 = BN_window_bits_for_exponent_size(bits2);
-
- /*
- * Build table for a1: val1[i] := a1^(2*i + 1) mod m for i = 0 .. 2^(window1-1)
- */
- BN_init(&val1[0]);
- ts1=1;
- if (BN_ucmp(a1,m) >= 0)
- {
- if (!BN_mod(&(val1[0]),a1,m,ctx))
- goto err;
- a_mod_m = &(val1[0]);
- }
- else
- a_mod_m = a1;
- if (!BN_to_montgomery(&(val1[0]),a_mod_m,mont,ctx)) goto err;
- if (window1 > 1)
- {
- if (!BN_mod_mul_montgomery(d,&(val1[0]),&(val1[0]),mont,ctx)) goto err;
-
- j=1<<(window1-1);
- for (i=1; i<j; i++)
- {
- BN_init(&(val1[i]));
- if (!BN_mod_mul_montgomery(&(val1[i]),&(val1[i-1]),d,mont,ctx))
- goto err;
- }
- ts1=i;
- }
-
-
- /*
- * Build table for a2: val2[i] := a2^(2*i + 1) mod m for i = 0 .. 2^(window2-1)
- */
- BN_init(&val2[0]);
- ts2=1;
- if (BN_ucmp(a2,m) >= 0)
- {
- if (!BN_mod(&(val2[0]),a2,m,ctx))
- goto err;
- a_mod_m = &(val2[0]);
- }
- else
- a_mod_m = a2;
- if (!BN_to_montgomery(&(val2[0]),a_mod_m,mont,ctx)) goto err;
- if (window2 > 1)
- {
- if (!BN_mod_mul_montgomery(d,&(val2[0]),&(val2[0]),mont,ctx)) goto err;
-
- j=1<<(window2-1);
- for (i=1; i<j; i++)
- {
- BN_init(&(val2[i]));
- if (!BN_mod_mul_montgomery(&(val2[i]),&(val2[i-1]),d,mont,ctx))
- goto err;
- }
- ts2=i;
- }
-
-
- /* Now compute the power product, using independent windows. */
- r_is_one=1;
- wvalue1=0; /* The 'value' of the first window */
- wvalue2=0; /* The 'value' of the second window */
- wpos1=0; /* If wvalue1 > 0, the bottom bit of the first window */
- wpos2=0; /* If wvalue2 > 0, the bottom bit of the second window */
-
- if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
- for (b=bits-1; b>=0; b--)
- {
- if (!r_is_one)
- {
- if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
- goto err;
- }
-
- if (!wvalue1)
- if (BN_is_bit_set(p1, b))
- {
- /* consider bits b-window1+1 .. b for this window */
- i = b-window1+1;
- while (!BN_is_bit_set(p1, i)) /* works for i<0 */
- i++;
- wpos1 = i;
- wvalue1 = 1;
- for (i = b-1; i >= wpos1; i--)
- {
- wvalue1 <<= 1;
- if (BN_is_bit_set(p1, i))
- wvalue1++;
- }
- }
-
- if (!wvalue2)
- if (BN_is_bit_set(p2, b))
- {
- /* consider bits b-window2+1 .. b for this window */
- i = b-window2+1;
- while (!BN_is_bit_set(p2, i))
- i++;
- wpos2 = i;
- wvalue2 = 1;
- for (i = b-1; i >= wpos2; i--)
- {
- wvalue2 <<= 1;
- if (BN_is_bit_set(p2, i))
- wvalue2++;
- }
- }
-
- if (wvalue1 && b == wpos1)
- {
- /* wvalue1 is odd and < 2^window1 */
- if (!BN_mod_mul_montgomery(r,r,&(val1[wvalue1>>1]),mont,ctx))
- goto err;
- wvalue1 = 0;
- r_is_one = 0;
- }
-
- if (wvalue2 && b == wpos2)
- {
- /* wvalue2 is odd and < 2^window2 */
- if (!BN_mod_mul_montgomery(r,r,&(val2[wvalue2>>1]),mont,ctx))
- goto err;
- wvalue2 = 0;
- r_is_one = 0;
- }
- }
- BN_from_montgomery(rr,r,mont,ctx);
- ret=1;
-err:
- if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
- BN_CTX_end(ctx);
- for (i=0; i<ts1; i++)
- BN_clear_free(&(val1[i]));
- for (i=0; i<ts2; i++)
- BN_clear_free(&(val2[i]));
- return(ret);
- }
diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c
deleted file mode 100644
index 398207196b..0000000000
--- a/src/lib/libcrypto/bn/bn_gcd.c
+++ /dev/null
@@ -1,210 +0,0 @@
-/* crypto/bn/bn_gcd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
-
-int BN_gcd(BIGNUM *r, BIGNUM *in_a, BIGNUM *in_b, BN_CTX *ctx)
- {
- BIGNUM *a,*b,*t;
- int ret=0;
-
- bn_check_top(in_a);
- bn_check_top(in_b);
-
- BN_CTX_start(ctx);
- a = BN_CTX_get(ctx);
- b = BN_CTX_get(ctx);
- if (a == NULL || b == NULL) goto err;
-
- if (BN_copy(a,in_a) == NULL) goto err;
- if (BN_copy(b,in_b) == NULL) goto err;
-
- if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; }
- t=euclid(a,b);
- if (t == NULL) goto err;
-
- if (BN_copy(r,t) == NULL) goto err;
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-static BIGNUM *euclid(BIGNUM *a, BIGNUM *b)
- {
- BIGNUM *t;
- int shifts=0;
-
- bn_check_top(a);
- bn_check_top(b);
-
- for (;;)
- {
- if (BN_is_zero(b))
- break;
-
- if (BN_is_odd(a))
- {
- if (BN_is_odd(b))
- {
- if (!BN_sub(a,a,b)) goto err;
- if (!BN_rshift1(a,a)) goto err;
- if (BN_cmp(a,b) < 0)
- { t=a; a=b; b=t; }
- }
- else /* a odd - b even */
- {
- if (!BN_rshift1(b,b)) goto err;
- if (BN_cmp(a,b) < 0)
- { t=a; a=b; b=t; }
- }
- }
- else /* a is even */
- {
- if (BN_is_odd(b))
- {
- if (!BN_rshift1(a,a)) goto err;
- if (BN_cmp(a,b) < 0)
- { t=a; a=b; b=t; }
- }
- else /* a even - b even */
- {
- if (!BN_rshift1(a,a)) goto err;
- if (!BN_rshift1(b,b)) goto err;
- shifts++;
- }
- }
- }
- if (shifts)
- {
- if (!BN_lshift(a,a,shifts)) goto err;
- }
- return(a);
-err:
- return(NULL);
- }
-
-/* solves ax == 1 (mod n) */
-BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
- {
- BIGNUM *A,*B,*X,*Y,*M,*D,*R=NULL;
- BIGNUM *T,*ret=NULL;
- int sign;
-
- bn_check_top(a);
- bn_check_top(n);
-
- BN_CTX_start(ctx);
- A = BN_CTX_get(ctx);
- B = BN_CTX_get(ctx);
- X = BN_CTX_get(ctx);
- D = BN_CTX_get(ctx);
- M = BN_CTX_get(ctx);
- Y = BN_CTX_get(ctx);
- if (Y == NULL) goto err;
-
- if (in == NULL)
- R=BN_new();
- else
- R=in;
- if (R == NULL) goto err;
-
- BN_zero(X);
- BN_one(Y);
- if (BN_copy(A,a) == NULL) goto err;
- if (BN_copy(B,n) == NULL) goto err;
- sign=1;
-
- while (!BN_is_zero(B))
- {
- if (!BN_div(D,M,A,B,ctx)) goto err;
- T=A;
- A=B;
- B=M;
- /* T has a struct, M does not */
-
- if (!BN_mul(T,D,X,ctx)) goto err;
- if (!BN_add(T,T,Y)) goto err;
- M=Y;
- Y=X;
- X=T;
- sign= -sign;
- }
- if (sign < 0)
- {
- if (!BN_sub(Y,n,Y)) goto err;
- }
-
- if (BN_is_one(A))
- { if (!BN_mod(R,Y,n,ctx)) goto err; }
- else
- {
- BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE);
- goto err;
- }
- ret=R;
-err:
- if ((ret == NULL) && (in == NULL)) BN_free(R);
- BN_CTX_end(ctx);
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/bn/bn_lcl.h b/src/lib/libcrypto/bn/bn_lcl.h
deleted file mode 100644
index 9c959921b4..0000000000
--- a/src/lib/libcrypto/bn/bn_lcl.h
+++ /dev/null
@@ -1,419 +0,0 @@
-/* crypto/bn/bn_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_BN_LCL_H
-#define HEADER_BN_LCL_H
-
-#include <openssl/bn.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-/*
- * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions
- *
- *
- * For window size 'w' (w >= 2) and a random 'b' bits exponent,
- * the number of multiplications is a constant plus on average
- *
- * 2^(w-1) + (b-w)/(w+1);
- *
- * here 2^(w-1) is for precomputing the table (we actually need
- * entries only for windows that have the lowest bit set), and
- * (b-w)/(w+1) is an approximation for the expected number of
- * w-bit windows, not counting the first one.
- *
- * Thus we should use
- *
- * w >= 6 if b > 671
- * w = 5 if 671 > b > 239
- * w = 4 if 239 > b > 79
- * w = 3 if 79 > b > 23
- * w <= 2 if 23 > b
- *
- * (with draws in between). Very small exponents are often selected
- * with low Hamming weight, so we use w = 1 for b <= 23.
- */
-#if 1
-#define BN_window_bits_for_exponent_size(b) \
- ((b) > 671 ? 6 : \
- (b) > 239 ? 5 : \
- (b) > 79 ? 4 : \
- (b) > 23 ? 3 : 1)
-#else
-/* Old SSLeay/OpenSSL table.
- * Maximum window size was 5, so this table differs for b==1024;
- * but it coincides for other interesting values (b==160, b==512).
- */
-#define BN_window_bits_for_exponent_size(b) \
- ((b) > 255 ? 5 : \
- (b) > 127 ? 4 : \
- (b) > 17 ? 3 : 1)
-#endif
-
-
-
-/* Pentium pro 16,16,16,32,64 */
-/* Alpha 16,16,16,16.64 */
-#define BN_MULL_SIZE_NORMAL (16) /* 32 */
-#define BN_MUL_RECURSIVE_SIZE_NORMAL (16) /* 32 less than */
-#define BN_SQR_RECURSIVE_SIZE_NORMAL (16) /* 32 */
-#define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL (32) /* 32 */
-#define BN_MONT_CTX_SET_SIZE_WORD (64) /* 32 */
-
-#if !defined(NO_ASM) && !defined(NO_INLINE_ASM) && !defined(PEDANTIC)
-/*
- * BN_UMULT_HIGH section.
- *
- * No, I'm not trying to overwhelm you when stating that the
- * product of N-bit numbers is 2*N bits wide:-) No, I don't expect
- * you to be impressed when I say that if the compiler doesn't
- * support 2*N integer type, then you have to replace every N*N
- * multiplication with 4 (N/2)*(N/2) accompanied by some shifts
- * and additions which unavoidably results in severe performance
- * penalties. Of course provided that the hardware is capable of
- * producing 2*N result... That's when you normally start
- * considering assembler implementation. However! It should be
- * pointed out that some CPUs (most notably Alpha, PowerPC and
- * upcoming IA-64 family:-) provide *separate* instruction
- * calculating the upper half of the product placing the result
- * into a general purpose register. Now *if* the compiler supports
- * inline assembler, then it's not impossible to implement the
- * "bignum" routines (and have the compiler optimize 'em)
- * exhibiting "native" performance in C. That's what BN_UMULT_HIGH
- * macro is about:-)
- *
- * <appro@fy.chalmers.se>
- */
-# if defined(__alpha) && (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
-# if defined(__DECC)
-# include <c_asm.h>
-# define BN_UMULT_HIGH(a,b) (BN_ULONG)asm("umulh %a0,%a1,%v0",(a),(b))
-# elif defined(__GNUC__)
-# define BN_UMULT_HIGH(a,b) ({ \
- register BN_ULONG ret; \
- asm ("umulh %1,%2,%0" \
- : "=r"(ret) \
- : "r"(a), "r"(b)); \
- ret; })
-# endif /* compiler */
-# elif defined(_ARCH_PPC) && defined(__64BIT__) && defined(SIXTY_FOUR_BIT_LONG)
-# if defined(__GNUC__)
-# define BN_UMULT_HIGH(a,b) ({ \
- register BN_ULONG ret; \
- asm ("mulhdu %0,%1,%2" \
- : "=r"(ret) \
- : "r"(a), "r"(b)); \
- ret; })
-# endif /* compiler */
-# endif /* cpu */
-#endif /* NO_ASM */
-
-/*************************************************************
- * Using the long long type
- */
-#define Lw(t) (((BN_ULONG)(t))&BN_MASK2)
-#define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
-
-/* This is used for internal error checking and is not normally used */
-#ifdef BN_DEBUG
-# include <assert.h>
-# define bn_check_top(a) assert ((a)->top >= 0 && (a)->top <= (a)->dmax);
-#else
-# define bn_check_top(a)
-#endif
-
-/* This macro is to add extra stuff for development checking */
-#ifdef BN_DEBUG
-#define bn_set_max(r) ((r)->max=(r)->top,BN_set_flags((r),BN_FLG_STATIC_DATA))
-#else
-#define bn_set_max(r)
-#endif
-
-/* These macros are used to 'take' a section of a bignum for read only use */
-#define bn_set_low(r,a,n) \
- { \
- (r)->top=((a)->top > (n))?(n):(a)->top; \
- (r)->d=(a)->d; \
- (r)->neg=(a)->neg; \
- (r)->flags|=BN_FLG_STATIC_DATA; \
- bn_set_max(r); \
- }
-
-#define bn_set_high(r,a,n) \
- { \
- if ((a)->top > (n)) \
- { \
- (r)->top=(a)->top-n; \
- (r)->d= &((a)->d[n]); \
- } \
- else \
- (r)->top=0; \
- (r)->neg=(a)->neg; \
- (r)->flags|=BN_FLG_STATIC_DATA; \
- bn_set_max(r); \
- }
-
-#ifdef BN_LLONG
-#define mul_add(r,a,w,c) { \
- BN_ULLONG t; \
- t=(BN_ULLONG)w * (a) + (r) + (c); \
- (r)= Lw(t); \
- (c)= Hw(t); \
- }
-
-#define mul(r,a,w,c) { \
- BN_ULLONG t; \
- t=(BN_ULLONG)w * (a) + (c); \
- (r)= Lw(t); \
- (c)= Hw(t); \
- }
-
-#define sqr(r0,r1,a) { \
- BN_ULLONG t; \
- t=(BN_ULLONG)(a)*(a); \
- (r0)=Lw(t); \
- (r1)=Hw(t); \
- }
-
-#elif defined(BN_UMULT_HIGH)
-#define mul_add(r,a,w,c) { \
- BN_ULONG high,low,ret,tmp=(a); \
- ret = (r); \
- high= BN_UMULT_HIGH(w,tmp); \
- ret += (c); \
- low = (w) * tmp; \
- (c) = (ret<(c))?1:0; \
- (c) += high; \
- ret += low; \
- (c) += (ret<low)?1:0; \
- (r) = ret; \
- }
-
-#define mul(r,a,w,c) { \
- BN_ULONG high,low,ret,ta=(a); \
- low = (w) * ta; \
- high= BN_UMULT_HIGH(w,ta); \
- ret = low + (c); \
- (c) = high; \
- (c) += (ret<low)?1:0; \
- (r) = ret; \
- }
-
-#define sqr(r0,r1,a) { \
- BN_ULONG tmp=(a); \
- (r0) = tmp * tmp; \
- (r1) = BN_UMULT_HIGH(tmp,tmp); \
- }
-
-#else
-/*************************************************************
- * No long long type
- */
-
-#define LBITS(a) ((a)&BN_MASK2l)
-#define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l)
-#define L2HBITS(a) ((BN_ULONG)((a)&BN_MASK2l)<<BN_BITS4)
-
-#define LLBITS(a) ((a)&BN_MASKl)
-#define LHBITS(a) (((a)>>BN_BITS2)&BN_MASKl)
-#define LL2HBITS(a) ((BN_ULLONG)((a)&BN_MASKl)<<BN_BITS2)
-
-#define mul64(l,h,bl,bh) \
- { \
- BN_ULONG m,m1,lt,ht; \
- \
- lt=l; \
- ht=h; \
- m =(bh)*(lt); \
- lt=(bl)*(lt); \
- m1=(bl)*(ht); \
- ht =(bh)*(ht); \
- m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS(1L); \
- ht+=HBITS(m); \
- m1=L2HBITS(m); \
- lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \
- (l)=lt; \
- (h)=ht; \
- }
-
-#define sqr64(lo,ho,in) \
- { \
- BN_ULONG l,h,m; \
- \
- h=(in); \
- l=LBITS(h); \
- h=HBITS(h); \
- m =(l)*(h); \
- l*=l; \
- h*=h; \
- h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \
- m =(m&BN_MASK2l)<<(BN_BITS4+1); \
- l=(l+m)&BN_MASK2; if (l < m) h++; \
- (lo)=l; \
- (ho)=h; \
- }
-
-#define mul_add(r,a,bl,bh,c) { \
- BN_ULONG l,h; \
- \
- h= (a); \
- l=LBITS(h); \
- h=HBITS(h); \
- mul64(l,h,(bl),(bh)); \
- \
- /* non-multiply part */ \
- l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
- (c)=(r); \
- l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
- (c)=h&BN_MASK2; \
- (r)=l; \
- }
-
-#define mul(r,a,bl,bh,c) { \
- BN_ULONG l,h; \
- \
- h= (a); \
- l=LBITS(h); \
- h=HBITS(h); \
- mul64(l,h,(bl),(bh)); \
- \
- /* non-multiply part */ \
- l+=(c); if ((l&BN_MASK2) < (c)) h++; \
- (c)=h&BN_MASK2; \
- (r)=l&BN_MASK2; \
- }
-#endif /* !BN_LLONG */
-
-void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb);
-void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
-void bn_mul_comba4(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
-void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp);
-void bn_sqr_comba8(BN_ULONG *r,BN_ULONG *a);
-void bn_sqr_comba4(BN_ULONG *r,BN_ULONG *a);
-int bn_cmp_words(BN_ULONG *a,BN_ULONG *b,int n);
-void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,BN_ULONG *t);
-void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,
- int tn, int n,BN_ULONG *t);
-void bn_sqr_recursive(BN_ULONG *r,BN_ULONG *a, int n2, BN_ULONG *t);
-void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
-void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
- BN_ULONG *t);
-void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2,
- BN_ULONG *t);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
deleted file mode 100644
index 7767d65170..0000000000
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ /dev/null
@@ -1,762 +0,0 @@
-/* crypto/bn/bn_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef BN_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <assert.h>
-#include <limits.h>
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT;
-
-/* For a 32 bit machine
- * 2 - 4 == 128
- * 3 - 8 == 256
- * 4 - 16 == 512
- * 5 - 32 == 1024
- * 6 - 64 == 2048
- * 7 - 128 == 4096
- * 8 - 256 == 8192
- */
-static int bn_limit_bits=0;
-static int bn_limit_num=8; /* (1<<bn_limit_bits) */
-static int bn_limit_bits_low=0;
-static int bn_limit_num_low=8; /* (1<<bn_limit_bits_low) */
-static int bn_limit_bits_high=0;
-static int bn_limit_num_high=8; /* (1<<bn_limit_bits_high) */
-static int bn_limit_bits_mont=0;
-static int bn_limit_num_mont=8; /* (1<<bn_limit_bits_mont) */
-
-void BN_set_params(int mult, int high, int low, int mont)
- {
- if (mult >= 0)
- {
- if (mult > (sizeof(int)*8)-1)
- mult=sizeof(int)*8-1;
- bn_limit_bits=mult;
- bn_limit_num=1<<mult;
- }
- if (high >= 0)
- {
- if (high > (sizeof(int)*8)-1)
- high=sizeof(int)*8-1;
- bn_limit_bits_high=high;
- bn_limit_num_high=1<<high;
- }
- if (low >= 0)
- {
- if (low > (sizeof(int)*8)-1)
- low=sizeof(int)*8-1;
- bn_limit_bits_low=low;
- bn_limit_num_low=1<<low;
- }
- if (mont >= 0)
- {
- if (mont > (sizeof(int)*8)-1)
- mont=sizeof(int)*8-1;
- bn_limit_bits_mont=mont;
- bn_limit_num_mont=1<<mont;
- }
- }
-
-int BN_get_params(int which)
- {
- if (which == 0) return(bn_limit_bits);
- else if (which == 1) return(bn_limit_bits_high);
- else if (which == 2) return(bn_limit_bits_low);
- else if (which == 3) return(bn_limit_bits_mont);
- else return(0);
- }
-
-BIGNUM *BN_value_one(void)
- {
- static BN_ULONG data_one=1L;
- static BIGNUM const_one={&data_one,1,1,0};
-
- return(&const_one);
- }
-
-char *BN_options(void)
- {
- static int init=0;
- static char data[16];
-
- if (!init)
- {
- init++;
-#ifdef BN_LLONG
- sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8,
- (int)sizeof(BN_ULONG)*8);
-#else
- sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8,
- (int)sizeof(BN_ULONG)*8);
-#endif
- }
- return(data);
- }
-
-int BN_num_bits_word(BN_ULONG l)
- {
- static const char bits[256]={
- 0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4,
- 5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,
- 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
- 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
- 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
- 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
- 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
- 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
- };
-
-#if defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffffffff00000000L)
- {
- if (l & 0xffff000000000000L)
- {
- if (l & 0xff00000000000000L)
- {
- return(bits[(int)(l>>56)]+56);
- }
- else return(bits[(int)(l>>48)]+48);
- }
- else
- {
- if (l & 0x0000ff0000000000L)
- {
- return(bits[(int)(l>>40)]+40);
- }
- else return(bits[(int)(l>>32)]+32);
- }
- }
- else
-#else
-#ifdef SIXTY_FOUR_BIT
- if (l & 0xffffffff00000000LL)
- {
- if (l & 0xffff000000000000LL)
- {
- if (l & 0xff00000000000000LL)
- {
- return(bits[(int)(l>>56)]+56);
- }
- else return(bits[(int)(l>>48)]+48);
- }
- else
- {
- if (l & 0x0000ff0000000000LL)
- {
- return(bits[(int)(l>>40)]+40);
- }
- else return(bits[(int)(l>>32)]+32);
- }
- }
- else
-#endif
-#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffff0000L)
- {
- if (l & 0xff000000L)
- return(bits[(int)(l>>24L)]+24);
- else return(bits[(int)(l>>16L)]+16);
- }
- else
-#endif
- {
-#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xff00L)
- return(bits[(int)(l>>8)]+8);
- else
-#endif
- return(bits[(int)(l )] );
- }
- }
- }
-
-int BN_num_bits(const BIGNUM *a)
- {
- BN_ULONG l;
- int i;
-
- bn_check_top(a);
-
- if (a->top == 0) return(0);
- l=a->d[a->top-1];
- assert(l != 0);
- i=(a->top-1)*BN_BITS2;
- return(i+BN_num_bits_word(l));
- }
-
-void BN_clear_free(BIGNUM *a)
- {
- int i;
-
- if (a == NULL) return;
- if (a->d != NULL)
- {
- memset(a->d,0,a->dmax*sizeof(a->d[0]));
- if (!(BN_get_flags(a,BN_FLG_STATIC_DATA)))
- OPENSSL_free(a->d);
- }
- i=BN_get_flags(a,BN_FLG_MALLOCED);
- memset(a,0,sizeof(BIGNUM));
- if (i)
- OPENSSL_free(a);
- }
-
-void BN_free(BIGNUM *a)
- {
- if (a == NULL) return;
- if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA)))
- OPENSSL_free(a->d);
- a->flags|=BN_FLG_FREE; /* REMOVE? */
- if (a->flags & BN_FLG_MALLOCED)
- OPENSSL_free(a);
- }
-
-void BN_init(BIGNUM *a)
- {
- memset(a,0,sizeof(BIGNUM));
- }
-
-BIGNUM *BN_new(void)
- {
- BIGNUM *ret;
-
- if ((ret=(BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL)
- {
- BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- ret->flags=BN_FLG_MALLOCED;
- ret->top=0;
- ret->neg=0;
- ret->dmax=0;
- ret->d=NULL;
- return(ret);
- }
-
-/* This is an internal function that should not be used in applications.
- * It ensures that 'b' has enough room for a 'words' word number number.
- * It is mostly used by the various BIGNUM routines. If there is an error,
- * NULL is returned. If not, 'b' is returned. */
-
-BIGNUM *bn_expand2(BIGNUM *b, int words)
- {
- BN_ULONG *A,*a;
- const BN_ULONG *B;
- int i;
-
- bn_check_top(b);
-
- if (words > b->dmax)
- {
- if (words > (INT_MAX/(4*BN_BITS2)))
- {
- BNerr(BN_F_BN_EXPAND2,BN_R_BIGNUM_TOO_LONG);
- return NULL;
- }
-
- bn_check_top(b);
- if (BN_get_flags(b,BN_FLG_STATIC_DATA))
- {
- BNerr(BN_F_BN_EXPAND2,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
- return(NULL);
- }
- a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1));
- if (A == NULL)
- {
- BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
-#if 1
- B=b->d;
- /* Check if the previous number needs to be copied */
- if (B != NULL)
- {
-#if 0
- /* This lot is an unrolled loop to copy b->top
- * BN_ULONGs from B to A
- */
-/*
- * I have nothing against unrolling but it's usually done for
- * several reasons, namely:
- * - minimize percentage of decision making code, i.e. branches;
- * - avoid cache trashing;
- * - make it possible to schedule loads earlier;
- * Now let's examine the code below. The cornerstone of C is
- * "programmer is always right" and that's what we love it for:-)
- * For this very reason C compilers have to be paranoid when it
- * comes to data aliasing and assume the worst. Yeah, but what
- * does it mean in real life? This means that loop body below will
- * be compiled to sequence of loads immediately followed by stores
- * as compiler assumes the worst, something in A==B+1 style. As a
- * result CPU pipeline is going to starve for incoming data. Secondly
- * if A and B happen to share same cache line such code is going to
- * cause severe cache trashing. Both factors have severe impact on
- * performance of modern CPUs and this is the reason why this
- * particular piece of code is #ifdefed away and replaced by more
- * "friendly" version found in #else section below. This comment
- * also applies to BN_copy function.
- *
- * <appro@fy.chalmers.se>
- */
- for (i=b->top&(~7); i>0; i-=8)
- {
- A[0]=B[0]; A[1]=B[1]; A[2]=B[2]; A[3]=B[3];
- A[4]=B[4]; A[5]=B[5]; A[6]=B[6]; A[7]=B[7];
- A+=8;
- B+=8;
- }
- switch (b->top&7)
- {
- case 7:
- A[6]=B[6];
- case 6:
- A[5]=B[5];
- case 5:
- A[4]=B[4];
- case 4:
- A[3]=B[3];
- case 3:
- A[2]=B[2];
- case 2:
- A[1]=B[1];
- case 1:
- A[0]=B[0];
- case 0:
- /* I need the 'case 0' entry for utrix cc.
- * If the optimizer is turned on, it does the
- * switch table by doing
- * a=top&7
- * a--;
- * goto jump_table[a];
- * If top is 0, this makes us jump to 0xffffffc
- * which is rather bad :-(.
- * eric 23-Apr-1998
- */
- ;
- }
-#else
- for (i=b->top>>2; i>0; i--,A+=4,B+=4)
- {
- /*
- * The fact that the loop is unrolled
- * 4-wise is a tribute to Intel. It's
- * the one that doesn't have enough
- * registers to accomodate more data.
- * I'd unroll it 8-wise otherwise:-)
- *
- * <appro@fy.chalmers.se>
- */
- BN_ULONG a0,a1,a2,a3;
- a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3];
- A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3;
- }
- switch (b->top&3)
- {
- case 3: A[2]=B[2];
- case 2: A[1]=B[1];
- case 1: A[0]=B[0];
- case 0: ; /* ultrix cc workaround, see above */
- }
-#endif
- OPENSSL_free(b->d);
- }
-
- b->d=a;
- b->dmax=words;
-
- /* Now need to zero any data between b->top and b->max */
-
- A= &(b->d[b->top]);
- for (i=(b->dmax - b->top)>>3; i>0; i--,A+=8)
- {
- A[0]=0; A[1]=0; A[2]=0; A[3]=0;
- A[4]=0; A[5]=0; A[6]=0; A[7]=0;
- }
- for (i=(b->dmax - b->top)&7; i>0; i--,A++)
- A[0]=0;
-#else
- memset(A,0,sizeof(BN_ULONG)*(words+1));
- memcpy(A,b->d,sizeof(b->d[0])*b->top);
- b->d=a;
- b->max=words;
-#endif
-
-/* memset(&(p[b->max]),0,((words+1)-b->max)*sizeof(BN_ULONG)); */
-/* { int i; for (i=b->max; i<words+1; i++) p[i]=i;} */
-
- }
- return(b);
- }
-
-BIGNUM *BN_dup(const BIGNUM *a)
- {
- BIGNUM *r;
-
- if (a == NULL) return NULL;
-
- bn_check_top(a);
-
- r=BN_new();
- if (r == NULL) return(NULL);
- return((BIGNUM *)BN_copy(r,a));
- }
-
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
- {
- int i;
- BN_ULONG *A;
- const BN_ULONG *B;
-
- bn_check_top(b);
-
- if (a == b) return(a);
- if (bn_wexpand(a,b->top) == NULL) return(NULL);
-
-#if 1
- A=a->d;
- B=b->d;
- for (i=b->top>>2; i>0; i--,A+=4,B+=4)
- {
- BN_ULONG a0,a1,a2,a3;
- a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3];
- A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3;
- }
- switch (b->top&3)
- {
- case 3: A[2]=B[2];
- case 2: A[1]=B[1];
- case 1: A[0]=B[0];
- case 0: ; /* ultrix cc workaround, see comments in bn_expand2 */
- }
-#else
- memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
-#endif
-
-/* memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/
- a->top=b->top;
- if ((a->top == 0) && (a->d != NULL))
- a->d[0]=0;
- a->neg=b->neg;
- return(a);
- }
-
-void BN_clear(BIGNUM *a)
- {
- if (a->d != NULL)
- memset(a->d,0,a->dmax*sizeof(a->d[0]));
- a->top=0;
- a->neg=0;
- }
-
-BN_ULONG BN_get_word(BIGNUM *a)
- {
- int i,n;
- BN_ULONG ret=0;
-
- n=BN_num_bytes(a);
- if (n > sizeof(BN_ULONG))
- return(BN_MASK2);
- for (i=a->top-1; i>=0; i--)
- {
-#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
- ret<<=BN_BITS4; /* stops the compiler complaining */
- ret<<=BN_BITS4;
-#else
- ret=0;
-#endif
- ret|=a->d[i];
- }
- return(ret);
- }
-
-int BN_set_word(BIGNUM *a, BN_ULONG w)
- {
- int i,n;
- if (bn_expand(a,sizeof(BN_ULONG)*8) == NULL) return(0);
-
- n=sizeof(BN_ULONG)/BN_BYTES;
- a->neg=0;
- a->top=0;
- a->d[0]=(BN_ULONG)w&BN_MASK2;
- if (a->d[0] != 0) a->top=1;
- for (i=1; i<n; i++)
- {
- /* the following is done instead of
- * w>>=BN_BITS2 so compilers don't complain
- * on builds where sizeof(long) == BN_TYPES */
-#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
- w>>=BN_BITS4;
- w>>=BN_BITS4;
-#else
- w=0;
-#endif
- a->d[i]=(BN_ULONG)w&BN_MASK2;
- if (a->d[i] != 0) a->top=i+1;
- }
- return(1);
- }
-
-/* ignore negative */
-BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
- {
- unsigned int i,m;
- unsigned int n;
- BN_ULONG l;
-
- if (ret == NULL) ret=BN_new();
- if (ret == NULL) return(NULL);
- l=0;
- n=len;
- if (n == 0)
- {
- ret->top=0;
- return(ret);
- }
- if (bn_expand(ret,(int)(n+2)*8) == NULL)
- return(NULL);
- i=((n-1)/BN_BYTES)+1;
- m=((n-1)%(BN_BYTES));
- ret->top=i;
- while (n-- > 0)
- {
- l=(l<<8L)| *(s++);
- if (m-- == 0)
- {
- ret->d[--i]=l;
- l=0;
- m=BN_BYTES-1;
- }
- }
- /* need to call this due to clear byte at top if avoiding
- * having the top bit set (-ve number) */
- bn_fix_top(ret);
- return(ret);
- }
-
-/* ignore negative */
-int BN_bn2bin(const BIGNUM *a, unsigned char *to)
- {
- int n,i;
- BN_ULONG l;
-
- n=i=BN_num_bytes(a);
- while (i-- > 0)
- {
- l=a->d[i/BN_BYTES];
- *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff;
- }
- return(n);
- }
-
-int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
- {
- int i;
- BN_ULONG t1,t2,*ap,*bp;
-
- bn_check_top(a);
- bn_check_top(b);
-
- i=a->top-b->top;
- if (i != 0) return(i);
- ap=a->d;
- bp=b->d;
- for (i=a->top-1; i>=0; i--)
- {
- t1= ap[i];
- t2= bp[i];
- if (t1 != t2)
- return(t1 > t2?1:-1);
- }
- return(0);
- }
-
-int BN_cmp(const BIGNUM *a, const BIGNUM *b)
- {
- int i;
- int gt,lt;
- BN_ULONG t1,t2;
-
- if ((a == NULL) || (b == NULL))
- {
- if (a != NULL)
- return(-1);
- else if (b != NULL)
- return(1);
- else
- return(0);
- }
-
- bn_check_top(a);
- bn_check_top(b);
-
- if (a->neg != b->neg)
- {
- if (a->neg)
- return(-1);
- else return(1);
- }
- if (a->neg == 0)
- { gt=1; lt= -1; }
- else { gt= -1; lt=1; }
-
- if (a->top > b->top) return(gt);
- if (a->top < b->top) return(lt);
- for (i=a->top-1; i>=0; i--)
- {
- t1=a->d[i];
- t2=b->d[i];
- if (t1 > t2) return(gt);
- if (t1 < t2) return(lt);
- }
- return(0);
- }
-
-int BN_set_bit(BIGNUM *a, int n)
- {
- int i,j,k;
-
- i=n/BN_BITS2;
- j=n%BN_BITS2;
- if (a->top <= i)
- {
- if (bn_wexpand(a,i+1) == NULL) return(0);
- for(k=a->top; k<i+1; k++)
- a->d[k]=0;
- a->top=i+1;
- }
-
- a->d[i]|=(((BN_ULONG)1)<<j);
- return(1);
- }
-
-int BN_clear_bit(BIGNUM *a, int n)
- {
- int i,j;
-
- i=n/BN_BITS2;
- j=n%BN_BITS2;
- if (a->top <= i) return(0);
-
- a->d[i]&=(~(((BN_ULONG)1)<<j));
- bn_fix_top(a);
- return(1);
- }
-
-int BN_is_bit_set(const BIGNUM *a, int n)
- {
- int i,j;
-
- if (n < 0) return(0);
- i=n/BN_BITS2;
- j=n%BN_BITS2;
- if (a->top <= i) return(0);
- return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);
- }
-
-int BN_mask_bits(BIGNUM *a, int n)
- {
- int b,w;
-
- w=n/BN_BITS2;
- b=n%BN_BITS2;
- if (w >= a->top) return(0);
- if (b == 0)
- a->top=w;
- else
- {
- a->top=w+1;
- a->d[w]&= ~(BN_MASK2<<b);
- }
- bn_fix_top(a);
- return(1);
- }
-
-int bn_cmp_words(BN_ULONG *a, BN_ULONG *b, int n)
- {
- int i;
- BN_ULONG aa,bb;
-
- aa=a[n-1];
- bb=b[n-1];
- if (aa != bb) return((aa > bb)?1:-1);
- for (i=n-2; i>=0; i--)
- {
- aa=a[i];
- bb=b[i];
- if (aa != bb) return((aa > bb)?1:-1);
- }
- return(0);
- }
-
diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c
deleted file mode 100644
index 8cf1febacc..0000000000
--- a/src/lib/libcrypto/bn/bn_mont.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/* crypto/bn/bn_mont.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Details about Montgomery multiplication algorithms can be found at
- * http://security.ece.orst.edu/publications.html, e.g.
- * http://security.ece.orst.edu/koc/papers/j37acmon.pdf and
- * sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define MONT_WORD /* use the faster word-based algorithm */
-
-int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
- BN_MONT_CTX *mont, BN_CTX *ctx)
- {
- BIGNUM *tmp,*tmp2;
- int ret=0;
-
- BN_CTX_start(ctx);
- tmp = BN_CTX_get(ctx);
- tmp2 = BN_CTX_get(ctx);
- if (tmp == NULL || tmp2 == NULL) goto err;
-
- bn_check_top(tmp);
- bn_check_top(tmp2);
-
- if (a == b)
- {
- if (!BN_sqr(tmp,a,ctx)) goto err;
- }
- else
- {
- if (!BN_mul(tmp,a,b,ctx)) goto err;
- }
- /* reduce from aRR to aR */
- if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-int BN_from_montgomery(BIGNUM *ret, BIGNUM *a, BN_MONT_CTX *mont,
- BN_CTX *ctx)
- {
- int retn=0;
-
-#ifdef MONT_WORD
- BIGNUM *n,*r;
- BN_ULONG *ap,*np,*rp,n0,v,*nrp;
- int al,nl,max,i,x,ri;
-
- BN_CTX_start(ctx);
- if ((r = BN_CTX_get(ctx)) == NULL) goto err;
-
- if (!BN_copy(r,a)) goto err;
- n= &(mont->N);
-
- ap=a->d;
- /* mont->ri is the size of mont->N in bits (rounded up
- to the word size) */
- al=ri=mont->ri/BN_BITS2;
-
- nl=n->top;
- if ((al == 0) || (nl == 0)) { r->top=0; return(1); }
-
- max=(nl+al+1); /* allow for overflow (no?) XXX */
- if (bn_wexpand(r,max) == NULL) goto err;
- if (bn_wexpand(ret,max) == NULL) goto err;
-
- r->neg=a->neg^n->neg;
- np=n->d;
- rp=r->d;
- nrp= &(r->d[nl]);
-
- /* clear the top words of T */
-#if 1
- for (i=r->top; i<max; i++) /* memset? XXX */
- r->d[i]=0;
-#else
- memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG));
-#endif
-
- r->top=max;
- n0=mont->n0;
-
-#ifdef BN_COUNT
- printf("word BN_from_montgomery %d * %d\n",nl,nl);
-#endif
- for (i=0; i<nl; i++)
- {
-#ifdef __TANDEM
- {
- long long t1;
- long long t2;
- long long t3;
- t1 = rp[0] * (n0 & 0177777);
- t2 = 037777600000l;
- t2 = n0 & t2;
- t3 = rp[0] & 0177777;
- t2 = (t3 * t2) & BN_MASK2;
- t1 = t1 + t2;
- v=bn_mul_add_words(rp,np,nl,(BN_ULONG) t1);
- }
-#else
- v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2);
-#endif
- nrp++;
- rp++;
- if (((nrp[-1]+=v)&BN_MASK2) >= v)
- continue;
- else
- {
- if (((++nrp[0])&BN_MASK2) != 0) continue;
- if (((++nrp[1])&BN_MASK2) != 0) continue;
- for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ;
- }
- }
- bn_fix_top(r);
-
- /* mont->ri will be a multiple of the word size */
-#if 0
- BN_rshift(ret,r,mont->ri);
-#else
- ret->neg = r->neg;
- x=ri;
- rp=ret->d;
- ap= &(r->d[x]);
- if (r->top < x)
- al=0;
- else
- al=r->top-x;
- ret->top=al;
- al-=4;
- for (i=0; i<al; i+=4)
- {
- BN_ULONG t1,t2,t3,t4;
-
- t1=ap[i+0];
- t2=ap[i+1];
- t3=ap[i+2];
- t4=ap[i+3];
- rp[i+0]=t1;
- rp[i+1]=t2;
- rp[i+2]=t3;
- rp[i+3]=t4;
- }
- al+=4;
- for (; i<al; i++)
- rp[i]=ap[i];
-#endif
-#else /* !MONT_WORD */
- BIGNUM *t1,*t2;
-
- BN_CTX_start(ctx);
- t1 = BN_CTX_get(ctx);
- t2 = BN_CTX_get(ctx);
- if (t1 == NULL || t2 == NULL) goto err;
-
- if (!BN_copy(t1,a)) goto err;
- BN_mask_bits(t1,mont->ri);
-
- if (!BN_mul(t2,t1,&mont->Ni,ctx)) goto err;
- BN_mask_bits(t2,mont->ri);
-
- if (!BN_mul(t1,t2,&mont->N,ctx)) goto err;
- if (!BN_add(t2,a,t1)) goto err;
- BN_rshift(ret,t2,mont->ri);
-#endif /* MONT_WORD */
-
- if (BN_ucmp(ret, &(mont->N)) >= 0)
- {
- BN_usub(ret,ret,&(mont->N));
- }
- retn=1;
- err:
- BN_CTX_end(ctx);
- return(retn);
- }
-
-BN_MONT_CTX *BN_MONT_CTX_new(void)
- {
- BN_MONT_CTX *ret;
-
- if ((ret=(BN_MONT_CTX *)OPENSSL_malloc(sizeof(BN_MONT_CTX))) == NULL)
- return(NULL);
-
- BN_MONT_CTX_init(ret);
- ret->flags=BN_FLG_MALLOCED;
- return(ret);
- }
-
-void BN_MONT_CTX_init(BN_MONT_CTX *ctx)
- {
- ctx->ri=0;
- BN_init(&(ctx->RR));
- BN_init(&(ctx->N));
- BN_init(&(ctx->Ni));
- ctx->flags=0;
- }
-
-void BN_MONT_CTX_free(BN_MONT_CTX *mont)
- {
- if(mont == NULL)
- return;
-
- BN_free(&(mont->RR));
- BN_free(&(mont->N));
- BN_free(&(mont->Ni));
- if (mont->flags & BN_FLG_MALLOCED)
- OPENSSL_free(mont);
- }
-
-int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
- {
- BIGNUM Ri,*R;
-
- BN_init(&Ri);
- R= &(mont->RR); /* grab RR as a temp */
- BN_copy(&(mont->N),mod); /* Set N */
-
-#ifdef MONT_WORD
- {
- BIGNUM tmod;
- BN_ULONG buf[2];
-
- mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
- BN_zero(R);
- BN_set_bit(R,BN_BITS2); /* R */
-
- buf[0]=mod->d[0]; /* tmod = N mod word size */
- buf[1]=0;
- tmod.d=buf;
- tmod.top=1;
- tmod.dmax=2;
- tmod.neg=mod->neg;
- /* Ri = R^-1 mod N*/
- if ((BN_mod_inverse(&Ri,R,&tmod,ctx)) == NULL)
- goto err;
- BN_lshift(&Ri,&Ri,BN_BITS2); /* R*Ri */
- if (!BN_is_zero(&Ri))
- BN_sub_word(&Ri,1);
- else /* if N mod word size == 1 */
- BN_set_word(&Ri,BN_MASK2); /* Ri-- (mod word size) */
- BN_div(&Ri,NULL,&Ri,&tmod,ctx); /* Ni = (R*Ri-1)/N,
- * keep only least significant word: */
- mont->n0=Ri.d[0];
- BN_free(&Ri);
- }
-#else /* !MONT_WORD */
- { /* bignum version */
- mont->ri=BN_num_bits(mod);
- BN_zero(R);
- BN_set_bit(R,mont->ri); /* R = 2^ri */
- /* Ri = R^-1 mod N*/
- if ((BN_mod_inverse(&Ri,R,mod,ctx)) == NULL)
- goto err;
- BN_lshift(&Ri,&Ri,mont->ri); /* R*Ri */
- BN_sub_word(&Ri,1);
- /* Ni = (R*Ri-1) / N */
- BN_div(&(mont->Ni),NULL,&Ri,mod,ctx);
- BN_free(&Ri);
- }
-#endif
-
- /* setup RR for conversions */
- BN_zero(&(mont->RR));
- BN_set_bit(&(mont->RR),mont->ri*2);
- BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx);
-
- return(1);
-err:
- return(0);
- }
-
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
- {
- if (to == from) return(to);
-
- BN_copy(&(to->RR),&(from->RR));
- BN_copy(&(to->N),&(from->N));
- BN_copy(&(to->Ni),&(from->Ni));
- to->ri=from->ri;
- to->n0=from->n0;
- return(to);
- }
-
diff --git a/src/lib/libcrypto/bn/bn_mpi.c b/src/lib/libcrypto/bn/bn_mpi.c
deleted file mode 100644
index 80e1dca6b7..0000000000
--- a/src/lib/libcrypto/bn/bn_mpi.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* crypto/bn/bn_mpi.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
- {
- int bits;
- int num=0;
- int ext=0;
- long l;
-
- bits=BN_num_bits(a);
- num=(bits+7)/8;
- if (bits > 0)
- {
- ext=((bits & 0x07) == 0);
- }
- if (d == NULL)
- return(num+4+ext);
-
- l=num+ext;
- d[0]=(unsigned char)(l>>24)&0xff;
- d[1]=(unsigned char)(l>>16)&0xff;
- d[2]=(unsigned char)(l>> 8)&0xff;
- d[3]=(unsigned char)(l )&0xff;
- if (ext) d[4]=0;
- num=BN_bn2bin(a,&(d[4+ext]));
- if (a->neg)
- d[4]|=0x80;
- return(num+4+ext);
- }
-
-BIGNUM *BN_mpi2bn(unsigned char *d, int n, BIGNUM *a)
- {
- long len;
- int neg=0;
-
- if (n < 4)
- {
- BNerr(BN_F_BN_MPI2BN,BN_R_INVALID_LENGTH);
- return(NULL);
- }
- len=((long)d[0]<<24)|((long)d[1]<<16)|((int)d[2]<<8)|(int)d[3];
- if ((len+4) != n)
- {
- BNerr(BN_F_BN_MPI2BN,BN_R_ENCODING_ERROR);
- return(NULL);
- }
-
- if (a == NULL) a=BN_new();
- if (a == NULL) return(NULL);
-
- if (len == 0)
- {
- a->neg=0;
- a->top=0;
- return(a);
- }
- d+=4;
- if ((*d) & 0x80)
- neg=1;
- if (BN_bin2bn(d,(int)len,a) == NULL)
- return(NULL);
- a->neg=neg;
- if (neg)
- {
- BN_clear_bit(a,BN_num_bits(a)-1);
- }
- return(a);
- }
-
diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c
deleted file mode 100644
index 3e8d8b9567..0000000000
--- a/src/lib/libcrypto/bn/bn_mul.c
+++ /dev/null
@@ -1,794 +0,0 @@
-/* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#ifdef BN_RECURSION
-/* Karatsuba recursive multiplication algorithm
- * (cf. Knuth, The Art of Computer Programming, Vol. 2) */
-
-/* r is 2*n2 words in size,
- * a and b are both n2 words in size.
- * n2 must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n2 words in size
- * We calculate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
- BN_ULONG *t)
- {
- int n=n2/2,c1,c2;
- unsigned int neg,zero;
- BN_ULONG ln,lo,*p;
-
-# ifdef BN_COUNT
- printf(" bn_mul_recursive %d * %d\n",n2,n2);
-# endif
-# ifdef BN_MUL_COMBA
-# if 0
- if (n2 == 4)
- {
- bn_mul_comba4(r,a,b);
- return;
- }
-# endif
- if (n2 == 8)
- {
- bn_mul_comba8(r,a,b);
- return;
- }
-# endif /* BN_MUL_COMBA */
- if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL)
- {
- /* This should not happen */
- bn_mul_normal(r,a,n2,b,n2);
- return;
- }
- /* r=(a[0]-a[1])*(b[1]-b[0]) */
- c1=bn_cmp_words(a,&(a[n]),n);
- c2=bn_cmp_words(&(b[n]),b,n);
- zero=neg=0;
- switch (c1*3+c2)
- {
- case -4:
- bn_sub_words(t, &(a[n]),a, n); /* - */
- bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
- break;
- case -3:
- zero=1;
- break;
- case -2:
- bn_sub_words(t, &(a[n]),a, n); /* - */
- bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */
- neg=1;
- break;
- case -1:
- case 0:
- case 1:
- zero=1;
- break;
- case 2:
- bn_sub_words(t, a, &(a[n]),n); /* + */
- bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
- neg=1;
- break;
- case 3:
- zero=1;
- break;
- case 4:
- bn_sub_words(t, a, &(a[n]),n);
- bn_sub_words(&(t[n]),&(b[n]),b, n);
- break;
- }
-
-# ifdef BN_MUL_COMBA
- if (n == 4)
- {
- if (!zero)
- bn_mul_comba4(&(t[n2]),t,&(t[n]));
- else
- memset(&(t[n2]),0,8*sizeof(BN_ULONG));
-
- bn_mul_comba4(r,a,b);
- bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n]));
- }
- else if (n == 8)
- {
- if (!zero)
- bn_mul_comba8(&(t[n2]),t,&(t[n]));
- else
- memset(&(t[n2]),0,16*sizeof(BN_ULONG));
-
- bn_mul_comba8(r,a,b);
- bn_mul_comba8(&(r[n2]),&(a[n]),&(b[n]));
- }
- else
-# endif /* BN_MUL_COMBA */
- {
- p= &(t[n2*2]);
- if (!zero)
- bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
- else
- memset(&(t[n2]),0,n2*sizeof(BN_ULONG));
- bn_mul_recursive(r,a,b,n,p);
- bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p);
- }
-
- /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
- * r[10] holds (a[0]*b[0])
- * r[32] holds (b[1]*b[1])
- */
-
- c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
-
- if (neg) /* if t[32] is negative */
- {
- c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
- }
- else
- {
- /* Might have a carry */
- c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
- }
-
- /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
- * r[10] holds (a[0]*b[0])
- * r[32] holds (b[1]*b[1])
- * c1 holds the carry bits
- */
- c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
- if (c1)
- {
- p= &(r[n+n2]);
- lo= *p;
- ln=(lo+c1)&BN_MASK2;
- *p=ln;
-
- /* The overflow will stop before we over write
- * words we should not overwrite */
- if (ln < (BN_ULONG)c1)
- {
- do {
- p++;
- lo= *p;
- ln=(lo+1)&BN_MASK2;
- *p=ln;
- } while (ln == 0);
- }
- }
- }
-
-/* n+tn is the word length
- * t needs to be n*4 is size, as does r */
-void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn,
- int n, BN_ULONG *t)
- {
- int i,j,n2=n*2;
- unsigned int c1,c2,neg,zero;
- BN_ULONG ln,lo,*p;
-
-# ifdef BN_COUNT
- printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
-# endif
- if (n < 8)
- {
- i=tn+n;
- bn_mul_normal(r,a,i,b,i);
- return;
- }
-
- /* r=(a[0]-a[1])*(b[1]-b[0]) */
- c1=bn_cmp_words(a,&(a[n]),n);
- c2=bn_cmp_words(&(b[n]),b,n);
- zero=neg=0;
- switch (c1*3+c2)
- {
- case -4:
- bn_sub_words(t, &(a[n]),a, n); /* - */
- bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
- break;
- case -3:
- zero=1;
- /* break; */
- case -2:
- bn_sub_words(t, &(a[n]),a, n); /* - */
- bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */
- neg=1;
- break;
- case -1:
- case 0:
- case 1:
- zero=1;
- /* break; */
- case 2:
- bn_sub_words(t, a, &(a[n]),n); /* + */
- bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */
- neg=1;
- break;
- case 3:
- zero=1;
- /* break; */
- case 4:
- bn_sub_words(t, a, &(a[n]),n);
- bn_sub_words(&(t[n]),&(b[n]),b, n);
- break;
- }
- /* The zero case isn't yet implemented here. The speedup
- would probably be negligible. */
-# if 0
- if (n == 4)
- {
- bn_mul_comba4(&(t[n2]),t,&(t[n]));
- bn_mul_comba4(r,a,b);
- bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
- memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
- }
- else
-# endif
- if (n == 8)
- {
- bn_mul_comba8(&(t[n2]),t,&(t[n]));
- bn_mul_comba8(r,a,b);
- bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
- memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2));
- }
- else
- {
- p= &(t[n2*2]);
- bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p);
- bn_mul_recursive(r,a,b,n,p);
- i=n/2;
- /* If there is only a bottom half to the number,
- * just do it */
- j=tn-i;
- if (j == 0)
- {
- bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p);
- memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2));
- }
- else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */
- {
- bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]),
- j,i,p);
- memset(&(r[n2+tn*2]),0,
- sizeof(BN_ULONG)*(n2-tn*2));
- }
- else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */
- {
- memset(&(r[n2]),0,sizeof(BN_ULONG)*n2);
- if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL)
- {
- bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn);
- }
- else
- {
- for (;;)
- {
- i/=2;
- if (i < tn)
- {
- bn_mul_part_recursive(&(r[n2]),
- &(a[n]),&(b[n]),
- tn-i,i,p);
- break;
- }
- else if (i == tn)
- {
- bn_mul_recursive(&(r[n2]),
- &(a[n]),&(b[n]),
- i,p);
- break;
- }
- }
- }
- }
- }
-
- /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
- * r[10] holds (a[0]*b[0])
- * r[32] holds (b[1]*b[1])
- */
-
- c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
-
- if (neg) /* if t[32] is negative */
- {
- c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
- }
- else
- {
- /* Might have a carry */
- c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
- }
-
- /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
- * r[10] holds (a[0]*b[0])
- * r[32] holds (b[1]*b[1])
- * c1 holds the carry bits
- */
- c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
- if (c1)
- {
- p= &(r[n+n2]);
- lo= *p;
- ln=(lo+c1)&BN_MASK2;
- *p=ln;
-
- /* The overflow will stop before we over write
- * words we should not overwrite */
- if (ln < c1)
- {
- do {
- p++;
- lo= *p;
- ln=(lo+1)&BN_MASK2;
- *p=ln;
- } while (ln == 0);
- }
- }
- }
-
-/* a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- */
-void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
- BN_ULONG *t)
- {
- int n=n2/2;
-
-# ifdef BN_COUNT
- printf(" bn_mul_low_recursive %d * %d\n",n2,n2);
-# endif
-
- bn_mul_recursive(r,a,b,n,&(t[0]));
- if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL)
- {
- bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2]));
- bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
- bn_mul_low_recursive(&(t[0]),&(a[n]),&(b[0]),n,&(t[n2]));
- bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
- }
- else
- {
- bn_mul_low_normal(&(t[0]),&(a[0]),&(b[n]),n);
- bn_mul_low_normal(&(t[n]),&(a[n]),&(b[0]),n);
- bn_add_words(&(r[n]),&(r[n]),&(t[0]),n);
- bn_add_words(&(r[n]),&(r[n]),&(t[n]),n);
- }
- }
-
-/* a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- * l is the low words of the output.
- * t needs to be n2*3
- */
-void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
- BN_ULONG *t)
- {
- int i,n;
- int c1,c2;
- int neg,oneg,zero;
- BN_ULONG ll,lc,*lp,*mp;
-
-# ifdef BN_COUNT
- printf(" bn_mul_high %d * %d\n",n2,n2);
-# endif
- n=n2/2;
-
- /* Calculate (al-ah)*(bh-bl) */
- neg=zero=0;
- c1=bn_cmp_words(&(a[0]),&(a[n]),n);
- c2=bn_cmp_words(&(b[n]),&(b[0]),n);
- switch (c1*3+c2)
- {
- case -4:
- bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
- bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
- break;
- case -3:
- zero=1;
- break;
- case -2:
- bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n);
- bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
- neg=1;
- break;
- case -1:
- case 0:
- case 1:
- zero=1;
- break;
- case 2:
- bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
- bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n);
- neg=1;
- break;
- case 3:
- zero=1;
- break;
- case 4:
- bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n);
- bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n);
- break;
- }
-
- oneg=neg;
- /* t[10] = (a[0]-a[1])*(b[1]-b[0]) */
- /* r[10] = (a[1]*b[1]) */
-# ifdef BN_MUL_COMBA
- if (n == 8)
- {
- bn_mul_comba8(&(t[0]),&(r[0]),&(r[n]));
- bn_mul_comba8(r,&(a[n]),&(b[n]));
- }
- else
-# endif
- {
- bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2]));
- bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2]));
- }
-
- /* s0 == low(al*bl)
- * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
- * We know s0 and s1 so the only unknown is high(al*bl)
- * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
- * high(al*bl) == s1 - (r[0]+l[0]+t[0])
- */
- if (l != NULL)
- {
- lp= &(t[n2+n]);
- c1=(int)(bn_add_words(lp,&(r[0]),&(l[0]),n));
- }
- else
- {
- c1=0;
- lp= &(r[0]);
- }
-
- if (neg)
- neg=(int)(bn_sub_words(&(t[n2]),lp,&(t[0]),n));
- else
- {
- bn_add_words(&(t[n2]),lp,&(t[0]),n);
- neg=0;
- }
-
- if (l != NULL)
- {
- bn_sub_words(&(t[n2+n]),&(l[n]),&(t[n2]),n);
- }
- else
- {
- lp= &(t[n2+n]);
- mp= &(t[n2]);
- for (i=0; i<n; i++)
- lp[i]=((~mp[i])+1)&BN_MASK2;
- }
-
- /* s[0] = low(al*bl)
- * t[3] = high(al*bl)
- * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
- * r[10] = (a[1]*b[1])
- */
- /* R[10] = al*bl
- * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
- * R[32] = ah*bh
- */
- /* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
- * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
- * R[3]=r[1]+(carry/borrow)
- */
- if (l != NULL)
- {
- lp= &(t[n2]);
- c1= (int)(bn_add_words(lp,&(t[n2+n]),&(l[0]),n));
- }
- else
- {
- lp= &(t[n2+n]);
- c1=0;
- }
- c1+=(int)(bn_add_words(&(t[n2]),lp, &(r[0]),n));
- if (oneg)
- c1-=(int)(bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n));
- else
- c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n));
-
- c2 =(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n));
- c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(r[n]),n));
- if (oneg)
- c2-=(int)(bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n));
- else
- c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n]),n));
-
- if (c1 != 0) /* Add starting at r[0], could be +ve or -ve */
- {
- i=0;
- if (c1 > 0)
- {
- lc=c1;
- do {
- ll=(r[i]+lc)&BN_MASK2;
- r[i++]=ll;
- lc=(lc > ll);
- } while (lc);
- }
- else
- {
- lc= -c1;
- do {
- ll=r[i];
- r[i++]=(ll-lc)&BN_MASK2;
- lc=(lc > ll);
- } while (lc);
- }
- }
- if (c2 != 0) /* Add starting at r[1] */
- {
- i=n;
- if (c2 > 0)
- {
- lc=c2;
- do {
- ll=(r[i]+lc)&BN_MASK2;
- r[i++]=ll;
- lc=(lc > ll);
- } while (lc);
- }
- else
- {
- lc= -c2;
- do {
- ll=r[i];
- r[i++]=(ll-lc)&BN_MASK2;
- lc=(lc > ll);
- } while (lc);
- }
- }
- }
-#endif /* BN_RECURSION */
-
-int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
- {
- int top,al,bl;
- BIGNUM *rr;
- int ret = 0;
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
- int i;
-#endif
-#ifdef BN_RECURSION
- BIGNUM *t;
- int j,k;
-#endif
-
-#ifdef BN_COUNT
- printf("BN_mul %d * %d\n",a->top,b->top);
-#endif
-
- bn_check_top(a);
- bn_check_top(b);
- bn_check_top(r);
-
- al=a->top;
- bl=b->top;
-
- if ((al == 0) || (bl == 0))
- {
- BN_zero(r);
- return(1);
- }
- top=al+bl;
-
- BN_CTX_start(ctx);
- if ((r == a) || (r == b))
- {
- if ((rr = BN_CTX_get(ctx)) == NULL) goto err;
- }
- else
- rr = r;
- rr->neg=a->neg^b->neg;
-
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
- i = al-bl;
-#endif
-#ifdef BN_MUL_COMBA
- if (i == 0)
- {
-# if 0
- if (al == 4)
- {
- if (bn_wexpand(rr,8) == NULL) goto err;
- rr->top=8;
- bn_mul_comba4(rr->d,a->d,b->d);
- goto end;
- }
-# endif
- if (al == 8)
- {
- if (bn_wexpand(rr,16) == NULL) goto err;
- rr->top=16;
- bn_mul_comba8(rr->d,a->d,b->d);
- goto end;
- }
- }
-#endif /* BN_MUL_COMBA */
-#ifdef BN_RECURSION
- if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL))
- {
- if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA))
- {
- bn_wexpand(b,al);
- b->d[bl]=0;
- bl++;
- i--;
- }
- else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA))
- {
- bn_wexpand(a,bl);
- a->d[al]=0;
- al++;
- i++;
- }
- if (i == 0)
- {
- /* symmetric and > 4 */
- /* 16 or larger */
- j=BN_num_bits_word((BN_ULONG)al);
- j=1<<(j-1);
- k=j+j;
- t = BN_CTX_get(ctx);
- if (al == j) /* exact multiple */
- {
- bn_wexpand(t,k*2);
- bn_wexpand(rr,k*2);
- bn_mul_recursive(rr->d,a->d,b->d,al,t->d);
- }
- else
- {
- bn_wexpand(a,k);
- bn_wexpand(b,k);
- bn_wexpand(t,k*4);
- bn_wexpand(rr,k*4);
- for (i=a->top; i<k; i++)
- a->d[i]=0;
- for (i=b->top; i<k; i++)
- b->d[i]=0;
- bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d);
- }
- rr->top=top;
- goto end;
- }
- }
-#endif /* BN_RECURSION */
- if (bn_wexpand(rr,top) == NULL) goto err;
- rr->top=top;
- bn_mul_normal(rr->d,a->d,al,b->d,bl);
-
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
-end:
-#endif
- bn_fix_top(rr);
- if (r != rr) BN_copy(r,rr);
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
- {
- BN_ULONG *rr;
-
-#ifdef BN_COUNT
- printf(" bn_mul_normal %d * %d\n",na,nb);
-#endif
-
- if (na < nb)
- {
- int itmp;
- BN_ULONG *ltmp;
-
- itmp=na; na=nb; nb=itmp;
- ltmp=a; a=b; b=ltmp;
-
- }
- rr= &(r[na]);
- rr[0]=bn_mul_words(r,a,na,b[0]);
-
- for (;;)
- {
- if (--nb <= 0) return;
- rr[1]=bn_mul_add_words(&(r[1]),a,na,b[1]);
- if (--nb <= 0) return;
- rr[2]=bn_mul_add_words(&(r[2]),a,na,b[2]);
- if (--nb <= 0) return;
- rr[3]=bn_mul_add_words(&(r[3]),a,na,b[3]);
- if (--nb <= 0) return;
- rr[4]=bn_mul_add_words(&(r[4]),a,na,b[4]);
- rr+=4;
- r+=4;
- b+=4;
- }
- }
-
-void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
- {
-#ifdef BN_COUNT
- printf(" bn_mul_low_normal %d * %d\n",n,n);
-#endif
- bn_mul_words(r,a,n,b[0]);
-
- for (;;)
- {
- if (--n <= 0) return;
- bn_mul_add_words(&(r[1]),a,n,b[1]);
- if (--n <= 0) return;
- bn_mul_add_words(&(r[2]),a,n,b[2]);
- if (--n <= 0) return;
- bn_mul_add_words(&(r[3]),a,n,b[3]);
- if (--n <= 0) return;
- bn_mul_add_words(&(r[4]),a,n,b[4]);
- r+=4;
- b+=4;
- }
- }
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c
deleted file mode 100644
index a5f01b92eb..0000000000
--- a/src/lib/libcrypto/bn/bn_prime.c
+++ /dev/null
@@ -1,465 +0,0 @@
-/* crypto/bn/bn_prime.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#include <openssl/rand.h>
-
-/* The quick sieve algorithm approach to weeding out primes is
- * Philip Zimmermann's, as implemented in PGP. I have had a read of
- * his comments and implemented my own version.
- */
-#include "bn_prime.h"
-
-static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
- const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont);
-static int probable_prime(BIGNUM *rnd, int bits);
-static int probable_prime_dh(BIGNUM *rnd, int bits,
- BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
-static int probable_prime_dh_safe(BIGNUM *rnd, int bits,
- BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
-
-BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, BIGNUM *add,
- BIGNUM *rem, void (*callback)(int,int,void *), void *cb_arg)
- {
- BIGNUM *rnd=NULL;
- BIGNUM t;
- int found=0;
- int i,j,c1=0;
- BN_CTX *ctx;
- int checks = BN_prime_checks_for_size(bits);
-
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
- if (ret == NULL)
- {
- if ((rnd=BN_new()) == NULL) goto err;
- }
- else
- rnd=ret;
- BN_init(&t);
-loop:
- /* make a random number and set the top and bottom bits */
- if (add == NULL)
- {
- if (!probable_prime(rnd,bits)) goto err;
- }
- else
- {
- if (safe)
- {
- if (!probable_prime_dh_safe(rnd,bits,add,rem,ctx))
- goto err;
- }
- else
- {
- if (!probable_prime_dh(rnd,bits,add,rem,ctx))
- goto err;
- }
- }
- /* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */
- if (callback != NULL) callback(0,c1++,cb_arg);
-
- if (!safe)
- {
- i=BN_is_prime_fasttest(rnd,checks,callback,ctx,cb_arg,0);
- if (i == -1) goto err;
- if (i == 0) goto loop;
- }
- else
- {
- /* for "safe prime" generation,
- * check that (p-1)/2 is prime.
- * Since a prime is odd, We just
- * need to divide by 2 */
- if (!BN_rshift1(&t,rnd)) goto err;
-
- for (i=0; i<checks; i++)
- {
- j=BN_is_prime_fasttest(rnd,1,callback,ctx,cb_arg,0);
- if (j == -1) goto err;
- if (j == 0) goto loop;
-
- j=BN_is_prime_fasttest(&t,1,callback,ctx,cb_arg,0);
- if (j == -1) goto err;
- if (j == 0) goto loop;
-
- if (callback != NULL) callback(2,c1-1,cb_arg);
- /* We have a safe prime test pass */
- }
- }
- /* we have a prime :-) */
- found = 1;
-err:
- if (!found && (ret == NULL) && (rnd != NULL)) BN_free(rnd);
- BN_free(&t);
- if (ctx != NULL) BN_CTX_free(ctx);
- return(found ? rnd : NULL);
- }
-
-int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int,int,void *),
- BN_CTX *ctx_passed, void *cb_arg)
- {
- return BN_is_prime_fasttest(a, checks, callback, ctx_passed, cb_arg, 0);
- }
-
-int BN_is_prime_fasttest(const BIGNUM *a, int checks,
- void (*callback)(int,int,void *),
- BN_CTX *ctx_passed, void *cb_arg,
- int do_trial_division)
- {
- int i, j, ret = -1;
- int k;
- BN_CTX *ctx = NULL;
- BIGNUM *A1, *A1_odd, *check; /* taken from ctx */
- BN_MONT_CTX *mont = NULL;
- const BIGNUM *A = NULL;
-
- if (checks == BN_prime_checks)
- checks = BN_prime_checks_for_size(BN_num_bits(a));
-
- /* first look for small factors */
- if (!BN_is_odd(a))
- return(0);
- if (do_trial_division)
- {
- for (i = 1; i < NUMPRIMES; i++)
- if (BN_mod_word(a, primes[i]) == 0)
- return 0;
- if (callback != NULL) callback(1, -1, cb_arg);
- }
-
- if (ctx_passed != NULL)
- ctx = ctx_passed;
- else
- if ((ctx=BN_CTX_new()) == NULL)
- goto err;
- BN_CTX_start(ctx);
-
- /* A := abs(a) */
- if (a->neg)
- {
- BIGNUM *t;
- if ((t = BN_CTX_get(ctx)) == NULL) goto err;
- BN_copy(t, a);
- t->neg = 0;
- A = t;
- }
- else
- A = a;
- A1 = BN_CTX_get(ctx);
- A1_odd = BN_CTX_get(ctx);
- check = BN_CTX_get(ctx);
- if (check == NULL) goto err;
-
- /* compute A1 := A - 1 */
- if (!BN_copy(A1, A))
- goto err;
- if (!BN_sub_word(A1, 1))
- goto err;
- if (BN_is_zero(A1))
- {
- ret = 0;
- goto err;
- }
-
- /* write A1 as A1_odd * 2^k */
- k = 1;
- while (!BN_is_bit_set(A1, k))
- k++;
- if (!BN_rshift(A1_odd, A1, k))
- goto err;
-
- /* Montgomery setup for computations mod A */
- mont = BN_MONT_CTX_new();
- if (mont == NULL)
- goto err;
- if (!BN_MONT_CTX_set(mont, A, ctx))
- goto err;
-
- for (i = 0; i < checks; i++)
- {
- if (!BN_pseudo_rand(check, BN_num_bits(A1), 0, 0))
- goto err;
- if (BN_cmp(check, A1) >= 0)
- if (!BN_sub(check, check, A1))
- goto err;
- if (!BN_add_word(check, 1))
- goto err;
- /* now 1 <= check < A */
-
- j = witness(check, A, A1, A1_odd, k, ctx, mont);
- if (j == -1) goto err;
- if (j)
- {
- ret=0;
- goto err;
- }
- if (callback != NULL) callback(1,i,cb_arg);
- }
- ret=1;
-err:
- if (ctx != NULL)
- {
- BN_CTX_end(ctx);
- if (ctx_passed == NULL)
- BN_CTX_free(ctx);
- }
- if (mont != NULL)
- BN_MONT_CTX_free(mont);
-
- return(ret);
- }
-
-static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
- const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont)
- {
- if (!BN_mod_exp_mont(w, w, a1_odd, a, ctx, mont)) /* w := w^a1_odd mod a */
- return -1;
- if (BN_is_one(w))
- return 0; /* probably prime */
- if (BN_cmp(w, a1) == 0)
- return 0; /* w == -1 (mod a), 'a' is probably prime */
- while (--k)
- {
- if (!BN_mod_mul(w, w, w, a, ctx)) /* w := w^2 mod a */
- return -1;
- if (BN_is_one(w))
- return 1; /* 'a' is composite, otherwise a previous 'w' would
- * have been == -1 (mod 'a') */
- if (BN_cmp(w, a1) == 0)
- return 0; /* w == -1 (mod a), 'a' is probably prime */
- }
- /* If we get here, 'w' is the (a-1)/2-th power of the original 'w',
- * and it is neither -1 nor +1 -- so 'a' cannot be prime */
- return 1;
- }
-
-static int probable_prime(BIGNUM *rnd, int bits)
- {
- int i;
- BN_ULONG mods[NUMPRIMES];
- BN_ULONG delta,d;
-
-again:
- if (!BN_rand(rnd,bits,1,1)) return(0);
- /* we now have a random number 'rand' to test. */
- for (i=1; i<NUMPRIMES; i++)
- mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
- delta=0;
- loop: for (i=1; i<NUMPRIMES; i++)
- {
- /* check that rnd is not a prime and also
- * that gcd(rnd-1,primes) == 1 (except for 2) */
- if (((mods[i]+delta)%primes[i]) <= 1)
- {
- d=delta;
- delta+=2;
- /* perhaps need to check for overflow of
- * delta (but delta can be up to 2^32)
- * 21-May-98 eay - added overflow check */
- if (delta < d) goto again;
- goto loop;
- }
- }
- if (!BN_add_word(rnd,delta)) return(0);
- return(1);
- }
-
-static int probable_prime_dh(BIGNUM *rnd, int bits, BIGNUM *add, BIGNUM *rem,
- BN_CTX *ctx)
- {
- int i,ret=0;
- BIGNUM *t1;
-
- BN_CTX_start(ctx);
- if ((t1 = BN_CTX_get(ctx)) == NULL) goto err;
-
- if (!BN_rand(rnd,bits,0,1)) goto err;
-
- /* we need ((rnd-rem) % add) == 0 */
-
- if (!BN_mod(t1,rnd,add,ctx)) goto err;
- if (!BN_sub(rnd,rnd,t1)) goto err;
- if (rem == NULL)
- { if (!BN_add_word(rnd,1)) goto err; }
- else
- { if (!BN_add(rnd,rnd,rem)) goto err; }
-
- /* we now have a random number 'rand' to test. */
-
- loop: for (i=1; i<NUMPRIMES; i++)
- {
- /* check that rnd is a prime */
- if (BN_mod_word(rnd,(BN_ULONG)primes[i]) <= 1)
- {
- if (!BN_add(rnd,rnd,add)) goto err;
- goto loop;
- }
- }
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-static int probable_prime_dh_safe(BIGNUM *p, int bits, BIGNUM *padd,
- BIGNUM *rem, BN_CTX *ctx)
- {
- int i,ret=0;
- BIGNUM *t1,*qadd,*q;
-
- bits--;
- BN_CTX_start(ctx);
- t1 = BN_CTX_get(ctx);
- q = BN_CTX_get(ctx);
- qadd = BN_CTX_get(ctx);
- if (qadd == NULL) goto err;
-
- if (!BN_rshift1(qadd,padd)) goto err;
-
- if (!BN_rand(q,bits,0,1)) goto err;
-
- /* we need ((rnd-rem) % add) == 0 */
- if (!BN_mod(t1,q,qadd,ctx)) goto err;
- if (!BN_sub(q,q,t1)) goto err;
- if (rem == NULL)
- { if (!BN_add_word(q,1)) goto err; }
- else
- {
- if (!BN_rshift1(t1,rem)) goto err;
- if (!BN_add(q,q,t1)) goto err;
- }
-
- /* we now have a random number 'rand' to test. */
- if (!BN_lshift1(p,q)) goto err;
- if (!BN_add_word(p,1)) goto err;
-
- loop: for (i=1; i<NUMPRIMES; i++)
- {
- /* check that p and q are prime */
- /* check that for p and q
- * gcd(p-1,primes) == 1 (except for 2) */
- if ( (BN_mod_word(p,(BN_ULONG)primes[i]) == 0) ||
- (BN_mod_word(q,(BN_ULONG)primes[i]) == 0))
- {
- if (!BN_add(p,p,padd)) goto err;
- if (!BN_add(q,q,qadd)) goto err;
- goto loop;
- }
- }
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
diff --git a/src/lib/libcrypto/bn/bn_prime.h b/src/lib/libcrypto/bn/bn_prime.h
deleted file mode 100644
index b7cf9a9bfe..0000000000
--- a/src/lib/libcrypto/bn/bn_prime.h
+++ /dev/null
@@ -1,325 +0,0 @@
-/* Auto generated by bn_prime.pl */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef EIGHT_BIT
-#define NUMPRIMES 2048
-#else
-#define NUMPRIMES 54
-#endif
-static const unsigned int primes[NUMPRIMES]=
- {
- 2, 3, 5, 7, 11, 13, 17, 19,
- 23, 29, 31, 37, 41, 43, 47, 53,
- 59, 61, 67, 71, 73, 79, 83, 89,
- 97, 101, 103, 107, 109, 113, 127, 131,
- 137, 139, 149, 151, 157, 163, 167, 173,
- 179, 181, 191, 193, 197, 199, 211, 223,
- 227, 229, 233, 239, 241, 251,
-#ifndef EIGHT_BIT
- 257, 263,
- 269, 271, 277, 281, 283, 293, 307, 311,
- 313, 317, 331, 337, 347, 349, 353, 359,
- 367, 373, 379, 383, 389, 397, 401, 409,
- 419, 421, 431, 433, 439, 443, 449, 457,
- 461, 463, 467, 479, 487, 491, 499, 503,
- 509, 521, 523, 541, 547, 557, 563, 569,
- 571, 577, 587, 593, 599, 601, 607, 613,
- 617, 619, 631, 641, 643, 647, 653, 659,
- 661, 673, 677, 683, 691, 701, 709, 719,
- 727, 733, 739, 743, 751, 757, 761, 769,
- 773, 787, 797, 809, 811, 821, 823, 827,
- 829, 839, 853, 857, 859, 863, 877, 881,
- 883, 887, 907, 911, 919, 929, 937, 941,
- 947, 953, 967, 971, 977, 983, 991, 997,
- 1009,1013,1019,1021,1031,1033,1039,1049,
- 1051,1061,1063,1069,1087,1091,1093,1097,
- 1103,1109,1117,1123,1129,1151,1153,1163,
- 1171,1181,1187,1193,1201,1213,1217,1223,
- 1229,1231,1237,1249,1259,1277,1279,1283,
- 1289,1291,1297,1301,1303,1307,1319,1321,
- 1327,1361,1367,1373,1381,1399,1409,1423,
- 1427,1429,1433,1439,1447,1451,1453,1459,
- 1471,1481,1483,1487,1489,1493,1499,1511,
- 1523,1531,1543,1549,1553,1559,1567,1571,
- 1579,1583,1597,1601,1607,1609,1613,1619,
- 1621,1627,1637,1657,1663,1667,1669,1693,
- 1697,1699,1709,1721,1723,1733,1741,1747,
- 1753,1759,1777,1783,1787,1789,1801,1811,
- 1823,1831,1847,1861,1867,1871,1873,1877,
- 1879,1889,1901,1907,1913,1931,1933,1949,
- 1951,1973,1979,1987,1993,1997,1999,2003,
- 2011,2017,2027,2029,2039,2053,2063,2069,
- 2081,2083,2087,2089,2099,2111,2113,2129,
- 2131,2137,2141,2143,2153,2161,2179,2203,
- 2207,2213,2221,2237,2239,2243,2251,2267,
- 2269,2273,2281,2287,2293,2297,2309,2311,
- 2333,2339,2341,2347,2351,2357,2371,2377,
- 2381,2383,2389,2393,2399,2411,2417,2423,
- 2437,2441,2447,2459,2467,2473,2477,2503,
- 2521,2531,2539,2543,2549,2551,2557,2579,
- 2591,2593,2609,2617,2621,2633,2647,2657,
- 2659,2663,2671,2677,2683,2687,2689,2693,
- 2699,2707,2711,2713,2719,2729,2731,2741,
- 2749,2753,2767,2777,2789,2791,2797,2801,
- 2803,2819,2833,2837,2843,2851,2857,2861,
- 2879,2887,2897,2903,2909,2917,2927,2939,
- 2953,2957,2963,2969,2971,2999,3001,3011,
- 3019,3023,3037,3041,3049,3061,3067,3079,
- 3083,3089,3109,3119,3121,3137,3163,3167,
- 3169,3181,3187,3191,3203,3209,3217,3221,
- 3229,3251,3253,3257,3259,3271,3299,3301,
- 3307,3313,3319,3323,3329,3331,3343,3347,
- 3359,3361,3371,3373,3389,3391,3407,3413,
- 3433,3449,3457,3461,3463,3467,3469,3491,
- 3499,3511,3517,3527,3529,3533,3539,3541,
- 3547,3557,3559,3571,3581,3583,3593,3607,
- 3613,3617,3623,3631,3637,3643,3659,3671,
- 3673,3677,3691,3697,3701,3709,3719,3727,
- 3733,3739,3761,3767,3769,3779,3793,3797,
- 3803,3821,3823,3833,3847,3851,3853,3863,
- 3877,3881,3889,3907,3911,3917,3919,3923,
- 3929,3931,3943,3947,3967,3989,4001,4003,
- 4007,4013,4019,4021,4027,4049,4051,4057,
- 4073,4079,4091,4093,4099,4111,4127,4129,
- 4133,4139,4153,4157,4159,4177,4201,4211,
- 4217,4219,4229,4231,4241,4243,4253,4259,
- 4261,4271,4273,4283,4289,4297,4327,4337,
- 4339,4349,4357,4363,4373,4391,4397,4409,
- 4421,4423,4441,4447,4451,4457,4463,4481,
- 4483,4493,4507,4513,4517,4519,4523,4547,
- 4549,4561,4567,4583,4591,4597,4603,4621,
- 4637,4639,4643,4649,4651,4657,4663,4673,
- 4679,4691,4703,4721,4723,4729,4733,4751,
- 4759,4783,4787,4789,4793,4799,4801,4813,
- 4817,4831,4861,4871,4877,4889,4903,4909,
- 4919,4931,4933,4937,4943,4951,4957,4967,
- 4969,4973,4987,4993,4999,5003,5009,5011,
- 5021,5023,5039,5051,5059,5077,5081,5087,
- 5099,5101,5107,5113,5119,5147,5153,5167,
- 5171,5179,5189,5197,5209,5227,5231,5233,
- 5237,5261,5273,5279,5281,5297,5303,5309,
- 5323,5333,5347,5351,5381,5387,5393,5399,
- 5407,5413,5417,5419,5431,5437,5441,5443,
- 5449,5471,5477,5479,5483,5501,5503,5507,
- 5519,5521,5527,5531,5557,5563,5569,5573,
- 5581,5591,5623,5639,5641,5647,5651,5653,
- 5657,5659,5669,5683,5689,5693,5701,5711,
- 5717,5737,5741,5743,5749,5779,5783,5791,
- 5801,5807,5813,5821,5827,5839,5843,5849,
- 5851,5857,5861,5867,5869,5879,5881,5897,
- 5903,5923,5927,5939,5953,5981,5987,6007,
- 6011,6029,6037,6043,6047,6053,6067,6073,
- 6079,6089,6091,6101,6113,6121,6131,6133,
- 6143,6151,6163,6173,6197,6199,6203,6211,
- 6217,6221,6229,6247,6257,6263,6269,6271,
- 6277,6287,6299,6301,6311,6317,6323,6329,
- 6337,6343,6353,6359,6361,6367,6373,6379,
- 6389,6397,6421,6427,6449,6451,6469,6473,
- 6481,6491,6521,6529,6547,6551,6553,6563,
- 6569,6571,6577,6581,6599,6607,6619,6637,
- 6653,6659,6661,6673,6679,6689,6691,6701,
- 6703,6709,6719,6733,6737,6761,6763,6779,
- 6781,6791,6793,6803,6823,6827,6829,6833,
- 6841,6857,6863,6869,6871,6883,6899,6907,
- 6911,6917,6947,6949,6959,6961,6967,6971,
- 6977,6983,6991,6997,7001,7013,7019,7027,
- 7039,7043,7057,7069,7079,7103,7109,7121,
- 7127,7129,7151,7159,7177,7187,7193,7207,
- 7211,7213,7219,7229,7237,7243,7247,7253,
- 7283,7297,7307,7309,7321,7331,7333,7349,
- 7351,7369,7393,7411,7417,7433,7451,7457,
- 7459,7477,7481,7487,7489,7499,7507,7517,
- 7523,7529,7537,7541,7547,7549,7559,7561,
- 7573,7577,7583,7589,7591,7603,7607,7621,
- 7639,7643,7649,7669,7673,7681,7687,7691,
- 7699,7703,7717,7723,7727,7741,7753,7757,
- 7759,7789,7793,7817,7823,7829,7841,7853,
- 7867,7873,7877,7879,7883,7901,7907,7919,
- 7927,7933,7937,7949,7951,7963,7993,8009,
- 8011,8017,8039,8053,8059,8069,8081,8087,
- 8089,8093,8101,8111,8117,8123,8147,8161,
- 8167,8171,8179,8191,8209,8219,8221,8231,
- 8233,8237,8243,8263,8269,8273,8287,8291,
- 8293,8297,8311,8317,8329,8353,8363,8369,
- 8377,8387,8389,8419,8423,8429,8431,8443,
- 8447,8461,8467,8501,8513,8521,8527,8537,
- 8539,8543,8563,8573,8581,8597,8599,8609,
- 8623,8627,8629,8641,8647,8663,8669,8677,
- 8681,8689,8693,8699,8707,8713,8719,8731,
- 8737,8741,8747,8753,8761,8779,8783,8803,
- 8807,8819,8821,8831,8837,8839,8849,8861,
- 8863,8867,8887,8893,8923,8929,8933,8941,
- 8951,8963,8969,8971,8999,9001,9007,9011,
- 9013,9029,9041,9043,9049,9059,9067,9091,
- 9103,9109,9127,9133,9137,9151,9157,9161,
- 9173,9181,9187,9199,9203,9209,9221,9227,
- 9239,9241,9257,9277,9281,9283,9293,9311,
- 9319,9323,9337,9341,9343,9349,9371,9377,
- 9391,9397,9403,9413,9419,9421,9431,9433,
- 9437,9439,9461,9463,9467,9473,9479,9491,
- 9497,9511,9521,9533,9539,9547,9551,9587,
- 9601,9613,9619,9623,9629,9631,9643,9649,
- 9661,9677,9679,9689,9697,9719,9721,9733,
- 9739,9743,9749,9767,9769,9781,9787,9791,
- 9803,9811,9817,9829,9833,9839,9851,9857,
- 9859,9871,9883,9887,9901,9907,9923,9929,
- 9931,9941,9949,9967,9973,10007,10009,10037,
- 10039,10061,10067,10069,10079,10091,10093,10099,
- 10103,10111,10133,10139,10141,10151,10159,10163,
- 10169,10177,10181,10193,10211,10223,10243,10247,
- 10253,10259,10267,10271,10273,10289,10301,10303,
- 10313,10321,10331,10333,10337,10343,10357,10369,
- 10391,10399,10427,10429,10433,10453,10457,10459,
- 10463,10477,10487,10499,10501,10513,10529,10531,
- 10559,10567,10589,10597,10601,10607,10613,10627,
- 10631,10639,10651,10657,10663,10667,10687,10691,
- 10709,10711,10723,10729,10733,10739,10753,10771,
- 10781,10789,10799,10831,10837,10847,10853,10859,
- 10861,10867,10883,10889,10891,10903,10909,10937,
- 10939,10949,10957,10973,10979,10987,10993,11003,
- 11027,11047,11057,11059,11069,11071,11083,11087,
- 11093,11113,11117,11119,11131,11149,11159,11161,
- 11171,11173,11177,11197,11213,11239,11243,11251,
- 11257,11261,11273,11279,11287,11299,11311,11317,
- 11321,11329,11351,11353,11369,11383,11393,11399,
- 11411,11423,11437,11443,11447,11467,11471,11483,
- 11489,11491,11497,11503,11519,11527,11549,11551,
- 11579,11587,11593,11597,11617,11621,11633,11657,
- 11677,11681,11689,11699,11701,11717,11719,11731,
- 11743,11777,11779,11783,11789,11801,11807,11813,
- 11821,11827,11831,11833,11839,11863,11867,11887,
- 11897,11903,11909,11923,11927,11933,11939,11941,
- 11953,11959,11969,11971,11981,11987,12007,12011,
- 12037,12041,12043,12049,12071,12073,12097,12101,
- 12107,12109,12113,12119,12143,12149,12157,12161,
- 12163,12197,12203,12211,12227,12239,12241,12251,
- 12253,12263,12269,12277,12281,12289,12301,12323,
- 12329,12343,12347,12373,12377,12379,12391,12401,
- 12409,12413,12421,12433,12437,12451,12457,12473,
- 12479,12487,12491,12497,12503,12511,12517,12527,
- 12539,12541,12547,12553,12569,12577,12583,12589,
- 12601,12611,12613,12619,12637,12641,12647,12653,
- 12659,12671,12689,12697,12703,12713,12721,12739,
- 12743,12757,12763,12781,12791,12799,12809,12821,
- 12823,12829,12841,12853,12889,12893,12899,12907,
- 12911,12917,12919,12923,12941,12953,12959,12967,
- 12973,12979,12983,13001,13003,13007,13009,13033,
- 13037,13043,13049,13063,13093,13099,13103,13109,
- 13121,13127,13147,13151,13159,13163,13171,13177,
- 13183,13187,13217,13219,13229,13241,13249,13259,
- 13267,13291,13297,13309,13313,13327,13331,13337,
- 13339,13367,13381,13397,13399,13411,13417,13421,
- 13441,13451,13457,13463,13469,13477,13487,13499,
- 13513,13523,13537,13553,13567,13577,13591,13597,
- 13613,13619,13627,13633,13649,13669,13679,13681,
- 13687,13691,13693,13697,13709,13711,13721,13723,
- 13729,13751,13757,13759,13763,13781,13789,13799,
- 13807,13829,13831,13841,13859,13873,13877,13879,
- 13883,13901,13903,13907,13913,13921,13931,13933,
- 13963,13967,13997,13999,14009,14011,14029,14033,
- 14051,14057,14071,14081,14083,14087,14107,14143,
- 14149,14153,14159,14173,14177,14197,14207,14221,
- 14243,14249,14251,14281,14293,14303,14321,14323,
- 14327,14341,14347,14369,14387,14389,14401,14407,
- 14411,14419,14423,14431,14437,14447,14449,14461,
- 14479,14489,14503,14519,14533,14537,14543,14549,
- 14551,14557,14561,14563,14591,14593,14621,14627,
- 14629,14633,14639,14653,14657,14669,14683,14699,
- 14713,14717,14723,14731,14737,14741,14747,14753,
- 14759,14767,14771,14779,14783,14797,14813,14821,
- 14827,14831,14843,14851,14867,14869,14879,14887,
- 14891,14897,14923,14929,14939,14947,14951,14957,
- 14969,14983,15013,15017,15031,15053,15061,15073,
- 15077,15083,15091,15101,15107,15121,15131,15137,
- 15139,15149,15161,15173,15187,15193,15199,15217,
- 15227,15233,15241,15259,15263,15269,15271,15277,
- 15287,15289,15299,15307,15313,15319,15329,15331,
- 15349,15359,15361,15373,15377,15383,15391,15401,
- 15413,15427,15439,15443,15451,15461,15467,15473,
- 15493,15497,15511,15527,15541,15551,15559,15569,
- 15581,15583,15601,15607,15619,15629,15641,15643,
- 15647,15649,15661,15667,15671,15679,15683,15727,
- 15731,15733,15737,15739,15749,15761,15767,15773,
- 15787,15791,15797,15803,15809,15817,15823,15859,
- 15877,15881,15887,15889,15901,15907,15913,15919,
- 15923,15937,15959,15971,15973,15991,16001,16007,
- 16033,16057,16061,16063,16067,16069,16073,16087,
- 16091,16097,16103,16111,16127,16139,16141,16183,
- 16187,16189,16193,16217,16223,16229,16231,16249,
- 16253,16267,16273,16301,16319,16333,16339,16349,
- 16361,16363,16369,16381,16411,16417,16421,16427,
- 16433,16447,16451,16453,16477,16481,16487,16493,
- 16519,16529,16547,16553,16561,16567,16573,16603,
- 16607,16619,16631,16633,16649,16651,16657,16661,
- 16673,16691,16693,16699,16703,16729,16741,16747,
- 16759,16763,16787,16811,16823,16829,16831,16843,
- 16871,16879,16883,16889,16901,16903,16921,16927,
- 16931,16937,16943,16963,16979,16981,16987,16993,
- 17011,17021,17027,17029,17033,17041,17047,17053,
- 17077,17093,17099,17107,17117,17123,17137,17159,
- 17167,17183,17189,17191,17203,17207,17209,17231,
- 17239,17257,17291,17293,17299,17317,17321,17327,
- 17333,17341,17351,17359,17377,17383,17387,17389,
- 17393,17401,17417,17419,17431,17443,17449,17467,
- 17471,17477,17483,17489,17491,17497,17509,17519,
- 17539,17551,17569,17573,17579,17581,17597,17599,
- 17609,17623,17627,17657,17659,17669,17681,17683,
- 17707,17713,17729,17737,17747,17749,17761,17783,
- 17789,17791,17807,17827,17837,17839,17851,17863,
-#endif
- };
diff --git a/src/lib/libcrypto/bn/bn_prime.pl b/src/lib/libcrypto/bn/bn_prime.pl
deleted file mode 100644
index 9fc3765486..0000000000
--- a/src/lib/libcrypto/bn/bn_prime.pl
+++ /dev/null
@@ -1,117 +0,0 @@
-#!/usr/local/bin/perl
-# bn_prime.pl
-
-$num=2048;
-$num=$ARGV[0] if ($#ARGV >= 0);
-
-push(@primes,2);
-$p=1;
-loop: while ($#primes < $num-1)
- {
- $p+=2;
- $s=int(sqrt($p));
-
- for ($i=0; $primes[$i]<=$s; $i++)
- {
- next loop if (($p%$primes[$i]) == 0);
- }
- push(@primes,$p);
- }
-
-# print <<"EOF";
-# /* Auto generated by bn_prime.pl */
-# /* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au).
-# * All rights reserved.
-# * Copyright remains Eric Young's, and as such any Copyright notices in
-# * the code are not to be removed.
-# * See the COPYRIGHT file in the SSLeay distribution for more details.
-# */
-#
-# EOF
-
-print <<\EOF;
-/* Auto generated by bn_prime.pl */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-EOF
-
-for ($i=0; $i <= $#primes; $i++)
- {
- if ($primes[$i] > 256)
- {
- $eight=$i;
- last;
- }
- }
-
-printf "#ifndef EIGHT_BIT\n";
-printf "#define NUMPRIMES %d\n",$num;
-printf "#else\n";
-printf "#define NUMPRIMES %d\n",$eight;
-printf "#endif\n";
-print "static const unsigned int primes[NUMPRIMES]=\n\t{\n\t";
-$init=0;
-for ($i=0; $i <= $#primes; $i++)
- {
- printf "\n#ifndef EIGHT_BIT\n\t" if ($primes[$i] > 256) && !($init++);
- printf("\n\t") if (($i%8) == 0) && ($i != 0);
- printf("%4d,",$primes[$i]);
- }
-print "\n#endif\n\t};\n";
-
-
diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c
deleted file mode 100644
index 532e66bcc3..0000000000
--- a/src/lib/libcrypto/bn/bn_print.c
+++ /dev/null
@@ -1,332 +0,0 @@
-/* crypto/bn/bn_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include "bn_lcl.h"
-
-static const char *Hex="0123456789ABCDEF";
-
-/* Must 'OPENSSL_free' the returned data */
-char *BN_bn2hex(const BIGNUM *a)
- {
- int i,j,v,z=0;
- char *buf;
- char *p;
-
- buf=(char *)OPENSSL_malloc(a->top*BN_BYTES*2+2);
- if (buf == NULL)
- {
- BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p=buf;
- if (a->neg) *(p++)='-';
- if (a->top == 0) *(p++)='0';
- for (i=a->top-1; i >=0; i--)
- {
- for (j=BN_BITS2-8; j >= 0; j-=8)
- {
- /* strip leading zeros */
- v=((int)(a->d[i]>>(long)j))&0xff;
- if (z || (v != 0))
- {
- *(p++)=Hex[v>>4];
- *(p++)=Hex[v&0x0f];
- z=1;
- }
- }
- }
- *p='\0';
-err:
- return(buf);
- }
-
-/* Must 'OPENSSL_free' the returned data */
-char *BN_bn2dec(const BIGNUM *a)
- {
- int i=0,num;
- char *buf=NULL;
- char *p;
- BIGNUM *t=NULL;
- BN_ULONG *bn_data=NULL,*lp;
-
- i=BN_num_bits(a)*3;
- num=(i/10+i/1000+3)+1;
- bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG));
- buf=(char *)OPENSSL_malloc(num+3);
- if ((buf == NULL) || (bn_data == NULL))
- {
- BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if ((t=BN_dup(a)) == NULL) goto err;
-
- p=buf;
- lp=bn_data;
- if (t->neg) *(p++)='-';
- if (t->top == 0)
- {
- *(p++)='0';
- *(p++)='\0';
- }
- else
- {
- i=0;
- while (!BN_is_zero(t))
- {
- *lp=BN_div_word(t,BN_DEC_CONV);
- lp++;
- }
- lp--;
- /* We now have a series of blocks, BN_DEC_NUM chars
- * in length, where the last one needs truncation.
- * The blocks need to be reversed in order. */
- sprintf(p,BN_DEC_FMT1,*lp);
- while (*p) p++;
- while (lp != bn_data)
- {
- lp--;
- sprintf(p,BN_DEC_FMT2,*lp);
- while (*p) p++;
- }
- }
-err:
- if (bn_data != NULL) OPENSSL_free(bn_data);
- if (t != NULL) BN_free(t);
- return(buf);
- }
-
-int BN_hex2bn(BIGNUM **bn, const char *a)
- {
- BIGNUM *ret=NULL;
- BN_ULONG l=0;
- int neg=0,h,m,i,j,k,c;
- int num;
-
- if ((a == NULL) || (*a == '\0')) return(0);
-
- if (*a == '-') { neg=1; a++; }
-
- for (i=0; isxdigit((unsigned char) a[i]); i++)
- ;
-
- num=i+neg;
- if (bn == NULL) return(num);
-
- /* a is the start of the hex digits, and it is 'i' long */
- if (*bn == NULL)
- {
- if ((ret=BN_new()) == NULL) return(0);
- }
- else
- {
- ret= *bn;
- BN_zero(ret);
- }
-
- /* i is the number of hex digests; */
- if (bn_expand(ret,i*4) == NULL) goto err;
-
- j=i; /* least significant 'hex' */
- m=0;
- h=0;
- while (j > 0)
- {
- m=((BN_BYTES*2) <= j)?(BN_BYTES*2):j;
- l=0;
- for (;;)
- {
- c=a[j-m];
- if ((c >= '0') && (c <= '9')) k=c-'0';
- else if ((c >= 'a') && (c <= 'f')) k=c-'a'+10;
- else if ((c >= 'A') && (c <= 'F')) k=c-'A'+10;
- else k=0; /* paranoia */
- l=(l<<4)|k;
-
- if (--m <= 0)
- {
- ret->d[h++]=l;
- break;
- }
- }
- j-=(BN_BYTES*2);
- }
- ret->top=h;
- bn_fix_top(ret);
- ret->neg=neg;
-
- *bn=ret;
- return(num);
-err:
- if (*bn == NULL) BN_free(ret);
- return(0);
- }
-
-int BN_dec2bn(BIGNUM **bn, const char *a)
- {
- BIGNUM *ret=NULL;
- BN_ULONG l=0;
- int neg=0,i,j;
- int num;
-
- if ((a == NULL) || (*a == '\0')) return(0);
- if (*a == '-') { neg=1; a++; }
-
- for (i=0; isdigit((unsigned char) a[i]); i++)
- ;
-
- num=i+neg;
- if (bn == NULL) return(num);
-
- /* a is the start of the digits, and it is 'i' long.
- * We chop it into BN_DEC_NUM digits at a time */
- if (*bn == NULL)
- {
- if ((ret=BN_new()) == NULL) return(0);
- }
- else
- {
- ret= *bn;
- BN_zero(ret);
- }
-
- /* i is the number of digests, a bit of an over expand; */
- if (bn_expand(ret,i*4) == NULL) goto err;
-
- j=BN_DEC_NUM-(i%BN_DEC_NUM);
- if (j == BN_DEC_NUM) j=0;
- l=0;
- while (*a)
- {
- l*=10;
- l+= *a-'0';
- a++;
- if (++j == BN_DEC_NUM)
- {
- BN_mul_word(ret,BN_DEC_CONV);
- BN_add_word(ret,l);
- l=0;
- j=0;
- }
- }
- ret->neg=neg;
-
- bn_fix_top(ret);
- *bn=ret;
- return(num);
-err:
- if (*bn == NULL) BN_free(ret);
- return(0);
- }
-
-#ifndef NO_BIO
-#ifndef NO_FP_API
-int BN_print_fp(FILE *fp, const BIGNUM *a)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- return(0);
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=BN_print(b,a);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int BN_print(BIO *bp, const BIGNUM *a)
- {
- int i,j,v,z=0;
- int ret=0;
-
- if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end;
- if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end;
- for (i=a->top-1; i >=0; i--)
- {
- for (j=BN_BITS2-4; j >= 0; j-=4)
- {
- /* strip leading zeros */
- v=((int)(a->d[i]>>(long)j))&0x0f;
- if (z || (v != 0))
- {
- if (BIO_write(bp,&(Hex[v]),1) != 1)
- goto end;
- z=1;
- }
- }
- }
- ret=1;
-end:
- return(ret);
- }
-#endif
-
-#ifdef BN_DEBUG
-void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n)
- {
- int i;
- fprintf(o, "%s=", a);
- for (i=n-1;i>=0;i--)
- fprintf(o, "%08lX", b[i]); /* assumes 32-bit BN_ULONG */
- fprintf(o, "\n");
- }
-#endif
diff --git a/src/lib/libcrypto/bn/bn_rand.c b/src/lib/libcrypto/bn/bn_rand.c
deleted file mode 100644
index acd0619921..0000000000
--- a/src/lib/libcrypto/bn/bn_rand.c
+++ /dev/null
@@ -1,223 +0,0 @@
-/* crypto/bn/bn_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#include <openssl/rand.h>
-
-static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
- {
- unsigned char *buf=NULL;
- int ret=0,bit,bytes,mask;
- time_t tim;
-
- if (bits == 0)
- {
- BN_zero(rnd);
- return 1;
- }
-
- bytes=(bits+7)/8;
- bit=(bits-1)%8;
- mask=0xff<<(bit+1);
-
- buf=(unsigned char *)OPENSSL_malloc(bytes);
- if (buf == NULL)
- {
- BNerr(BN_F_BN_RAND,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* make a random number and set the top and bottom bits */
- time(&tim);
- RAND_add(&tim,sizeof(tim),0);
-
- if (pseudorand)
- {
- if (RAND_pseudo_bytes(buf, bytes) == -1)
- goto err;
- }
- else
- {
- if (RAND_bytes(buf, bytes) <= 0)
- goto err;
- }
-
-#if 1
- if (pseudorand == 2)
- {
- /* generate patterns that are more likely to trigger BN
- library bugs */
- int i;
- unsigned char c;
-
- for (i = 0; i < bytes; i++)
- {
- RAND_pseudo_bytes(&c, 1);
- if (c >= 128 && i > 0)
- buf[i] = buf[i-1];
- else if (c < 42)
- buf[i] = 0;
- else if (c < 84)
- buf[i] = 255;
- }
- }
-#endif
-
- if (top != -1)
- {
- if (top)
- {
- if (bit == 0)
- {
- buf[0]=1;
- buf[1]|=0x80;
- }
- else
- {
- buf[0]|=(3<<(bit-1));
- }
- }
- else
- {
- buf[0]|=(1<<bit);
- }
- }
- buf[0] &= ~mask;
- if (bottom) /* set bottom bit if requested */
- buf[bytes-1]|=1;
- if (!BN_bin2bn(buf,bytes,rnd)) goto err;
- ret=1;
-err:
- if (buf != NULL)
- {
- memset(buf,0,bytes);
- OPENSSL_free(buf);
- }
- return(ret);
- }
-
-int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
- {
- return bnrand(0, rnd, bits, top, bottom);
- }
-
-int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
- {
- return bnrand(1, rnd, bits, top, bottom);
- }
-
-#if 1
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
- {
- return bnrand(2, rnd, bits, top, bottom);
- }
-#endif
-
-/* random number r: 0 <= r < range */
-int BN_rand_range(BIGNUM *r, BIGNUM *range)
- {
- int n;
-
- if (range->neg || BN_is_zero(range))
- {
- BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE);
- return 0;
- }
-
- n = BN_num_bits(range); /* n > 0 */
-
- if (n == 1)
- {
- if (!BN_zero(r)) return 0;
- }
- else if (BN_is_bit_set(range, n - 2))
- {
- do
- {
- /* range = 11..._2, so each iteration succeeds with probability >= .75 */
- if (!BN_rand(r, n, -1, 0)) return 0;
- }
- while (BN_cmp(r, range) >= 0);
- }
- else
- {
- /* range = 10..._2,
- * so 3*range (= 11..._2) is exactly one bit longer than range */
- do
- {
- if (!BN_rand(r, n + 1, -1, 0)) return 0;
- /* If r < 3*range, use r := r MOD range
- * (which is either r, r - range, or r - 2*range).
- * Otherwise, iterate once more.
- * Since 3*range = 11..._2, each iteration succeeds with
- * probability >= .75. */
- if (BN_cmp(r ,range) >= 0)
- {
- if (!BN_sub(r, r, range)) return 0;
- if (BN_cmp(r, range) >= 0)
- if (!BN_sub(r, r, range)) return 0;
- }
- }
- while (BN_cmp(r, range) >= 0);
- }
-
- return 1;
- }
diff --git a/src/lib/libcrypto/bn/bn_recp.c b/src/lib/libcrypto/bn/bn_recp.c
deleted file mode 100644
index d019941d6b..0000000000
--- a/src/lib/libcrypto/bn/bn_recp.c
+++ /dev/null
@@ -1,220 +0,0 @@
-/* crypto/bn/bn_recp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-void BN_RECP_CTX_init(BN_RECP_CTX *recp)
- {
- BN_init(&(recp->N));
- BN_init(&(recp->Nr));
- recp->num_bits=0;
- recp->flags=0;
- }
-
-BN_RECP_CTX *BN_RECP_CTX_new(void)
- {
- BN_RECP_CTX *ret;
-
- if ((ret=(BN_RECP_CTX *)OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL)
- return(NULL);
-
- BN_RECP_CTX_init(ret);
- ret->flags=BN_FLG_MALLOCED;
- return(ret);
- }
-
-void BN_RECP_CTX_free(BN_RECP_CTX *recp)
- {
- if(recp == NULL)
- return;
-
- BN_free(&(recp->N));
- BN_free(&(recp->Nr));
- if (recp->flags & BN_FLG_MALLOCED)
- OPENSSL_free(recp);
- }
-
-int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx)
- {
- BN_copy(&(recp->N),d);
- BN_zero(&(recp->Nr));
- recp->num_bits=BN_num_bits(d);
- recp->shift=0;
- return(1);
- }
-
-int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BN_RECP_CTX *recp,
- BN_CTX *ctx)
- {
- int ret=0;
- BIGNUM *a;
-
- BN_CTX_start(ctx);
- if ((a = BN_CTX_get(ctx)) == NULL) goto err;
- if (y != NULL)
- {
- if (x == y)
- { if (!BN_sqr(a,x,ctx)) goto err; }
- else
- { if (!BN_mul(a,x,y,ctx)) goto err; }
- }
- else
- a=x; /* Just do the mod */
-
- BN_div_recp(NULL,r,a,recp,ctx);
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BN_RECP_CTX *recp,
- BN_CTX *ctx)
- {
- int i,j,ret=0;
- BIGNUM *a,*b,*d,*r;
-
- BN_CTX_start(ctx);
- a=BN_CTX_get(ctx);
- b=BN_CTX_get(ctx);
- if (dv != NULL)
- d=dv;
- else
- d=BN_CTX_get(ctx);
- if (rem != NULL)
- r=rem;
- else
- r=BN_CTX_get(ctx);
- if (a == NULL || b == NULL || d == NULL || r == NULL) goto err;
-
- if (BN_ucmp(m,&(recp->N)) < 0)
- {
- BN_zero(d);
- BN_copy(r,m);
- BN_CTX_end(ctx);
- return(1);
- }
-
- /* We want the remainder
- * Given input of ABCDEF / ab
- * we need multiply ABCDEF by 3 digests of the reciprocal of ab
- *
- */
- i=BN_num_bits(m);
-
- j=recp->num_bits<<1;
- if (j>i) i=j;
- j>>=1;
-
- if (i != recp->shift)
- recp->shift=BN_reciprocal(&(recp->Nr),&(recp->N),
- i,ctx);
-
- if (!BN_rshift(a,m,j)) goto err;
- if (!BN_mul(b,a,&(recp->Nr),ctx)) goto err;
- if (!BN_rshift(d,b,i-j)) goto err;
- d->neg=0;
- if (!BN_mul(b,&(recp->N),d,ctx)) goto err;
- if (!BN_usub(r,m,b)) goto err;
- r->neg=0;
-
-#if 1
- j=0;
- while (BN_ucmp(r,&(recp->N)) >= 0)
- {
- if (j++ > 2)
- {
- BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL);
- goto err;
- }
- if (!BN_usub(r,r,&(recp->N))) goto err;
- if (!BN_add_word(d,1)) goto err;
- }
-#endif
-
- r->neg=BN_is_zero(r)?0:m->neg;
- d->neg=m->neg^recp->N.neg;
- ret=1;
-err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-/* len is the expected size of the result
- * We actually calculate with an extra word of precision, so
- * we can do faster division if the remainder is not required.
- */
-int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx)
- {
- int ret= -1;
- BIGNUM t;
-
- BN_init(&t);
-
- BN_zero(&t);
- if (!BN_set_bit(&t,len)) goto err;
-
- if (!BN_div(r,NULL,&t,m,ctx)) goto err;
- ret=len;
-err:
- BN_free(&t);
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/bn/bn_shift.c b/src/lib/libcrypto/bn/bn_shift.c
deleted file mode 100644
index c2608f9f4a..0000000000
--- a/src/lib/libcrypto/bn/bn_shift.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/* crypto/bn/bn_shift.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-int BN_lshift1(BIGNUM *r, BIGNUM *a)
- {
- register BN_ULONG *ap,*rp,t,c;
- int i;
-
- if (r != a)
- {
- r->neg=a->neg;
- if (bn_wexpand(r,a->top+1) == NULL) return(0);
- r->top=a->top;
- }
- else
- {
- if (bn_wexpand(r,a->top+1) == NULL) return(0);
- }
- ap=a->d;
- rp=r->d;
- c=0;
- for (i=0; i<a->top; i++)
- {
- t= *(ap++);
- *(rp++)=((t<<1)|c)&BN_MASK2;
- c=(t & BN_TBIT)?1:0;
- }
- if (c)
- {
- *rp=1;
- r->top++;
- }
- return(1);
- }
-
-int BN_rshift1(BIGNUM *r, BIGNUM *a)
- {
- BN_ULONG *ap,*rp,t,c;
- int i;
-
- if (BN_is_zero(a))
- {
- BN_zero(r);
- return(1);
- }
- if (a != r)
- {
- if (bn_wexpand(r,a->top) == NULL) return(0);
- r->top=a->top;
- r->neg=a->neg;
- }
- ap=a->d;
- rp=r->d;
- c=0;
- for (i=a->top-1; i>=0; i--)
- {
- t=ap[i];
- rp[i]=((t>>1)&BN_MASK2)|c;
- c=(t&1)?BN_TBIT:0;
- }
- bn_fix_top(r);
- return(1);
- }
-
-int BN_lshift(BIGNUM *r, const BIGNUM *a, int n)
- {
- int i,nw,lb,rb;
- BN_ULONG *t,*f;
- BN_ULONG l;
-
- r->neg=a->neg;
- if (bn_wexpand(r,a->top+(n/BN_BITS2)+1) == NULL) return(0);
- nw=n/BN_BITS2;
- lb=n%BN_BITS2;
- rb=BN_BITS2-lb;
- f=a->d;
- t=r->d;
- t[a->top+nw]=0;
- if (lb == 0)
- for (i=a->top-1; i>=0; i--)
- t[nw+i]=f[i];
- else
- for (i=a->top-1; i>=0; i--)
- {
- l=f[i];
- t[nw+i+1]|=(l>>rb)&BN_MASK2;
- t[nw+i]=(l<<lb)&BN_MASK2;
- }
- memset(t,0,nw*sizeof(t[0]));
-/* for (i=0; i<nw; i++)
- t[i]=0;*/
- r->top=a->top+nw+1;
- bn_fix_top(r);
- return(1);
- }
-
-int BN_rshift(BIGNUM *r, BIGNUM *a, int n)
- {
- int i,j,nw,lb,rb;
- BN_ULONG *t,*f;
- BN_ULONG l,tmp;
-
- nw=n/BN_BITS2;
- rb=n%BN_BITS2;
- lb=BN_BITS2-rb;
- if (nw > a->top || a->top == 0)
- {
- BN_zero(r);
- return(1);
- }
- if (r != a)
- {
- r->neg=a->neg;
- if (bn_wexpand(r,a->top-nw+1) == NULL) return(0);
- }
- else
- {
- if (n == 0)
- return 1; /* or the copying loop will go berserk */
- }
-
- f= &(a->d[nw]);
- t=r->d;
- j=a->top-nw;
- r->top=j;
-
- if (rb == 0)
- {
- for (i=j+1; i > 0; i--)
- *(t++)= *(f++);
- }
- else
- {
- l= *(f++);
- for (i=1; i<j; i++)
- {
- tmp =(l>>rb)&BN_MASK2;
- l= *(f++);
- *(t++) =(tmp|(l<<lb))&BN_MASK2;
- }
- *(t++) =(l>>rb)&BN_MASK2;
- }
- *t=0;
- bn_fix_top(r);
- return(1);
- }
diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c
deleted file mode 100644
index 75f4f38392..0000000000
--- a/src/lib/libcrypto/bn/bn_sqr.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/* crypto/bn/bn_sqr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* r must not be a */
-/* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */
-int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx)
- {
- int max,al;
- int ret = 0;
- BIGNUM *tmp,*rr;
-
-#ifdef BN_COUNT
-printf("BN_sqr %d * %d\n",a->top,a->top);
-#endif
- bn_check_top(a);
-
- al=a->top;
- if (al <= 0)
- {
- r->top=0;
- return(1);
- }
-
- BN_CTX_start(ctx);
- rr=(a != r) ? r : BN_CTX_get(ctx);
- tmp=BN_CTX_get(ctx);
- if (tmp == NULL) goto err;
-
- max=(al+al);
- if (bn_wexpand(rr,max+1) == NULL) goto err;
-
- r->neg=0;
- if (al == 4)
- {
-#ifndef BN_SQR_COMBA
- BN_ULONG t[8];
- bn_sqr_normal(rr->d,a->d,4,t);
-#else
- bn_sqr_comba4(rr->d,a->d);
-#endif
- }
- else if (al == 8)
- {
-#ifndef BN_SQR_COMBA
- BN_ULONG t[16];
- bn_sqr_normal(rr->d,a->d,8,t);
-#else
- bn_sqr_comba8(rr->d,a->d);
-#endif
- }
- else
- {
-#if defined(BN_RECURSION)
- if (al < BN_SQR_RECURSIVE_SIZE_NORMAL)
- {
- BN_ULONG t[BN_SQR_RECURSIVE_SIZE_NORMAL*2];
- bn_sqr_normal(rr->d,a->d,al,t);
- }
- else
- {
- int j,k;
-
- j=BN_num_bits_word((BN_ULONG)al);
- j=1<<(j-1);
- k=j+j;
- if (al == j)
- {
- if (bn_wexpand(a,k*2) == NULL) goto err;
- if (bn_wexpand(tmp,k*2) == NULL) goto err;
- bn_sqr_recursive(rr->d,a->d,al,tmp->d);
- }
- else
- {
- if (bn_wexpand(tmp,max) == NULL) goto err;
- bn_sqr_normal(rr->d,a->d,al,tmp->d);
- }
- }
-#else
- if (bn_wexpand(tmp,max) == NULL) goto err;
- bn_sqr_normal(rr->d,a->d,al,tmp->d);
-#endif
- }
-
- rr->top=max;
- if ((max > 0) && (rr->d[max-1] == 0)) rr->top--;
- if (rr != r) BN_copy(r,rr);
- ret = 1;
- err:
- BN_CTX_end(ctx);
- return(ret);
- }
-
-/* tmp must have 2*n words */
-void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp)
- {
- int i,j,max;
- BN_ULONG *ap,*rp;
-
- max=n*2;
- ap=a;
- rp=r;
- rp[0]=rp[max-1]=0;
- rp++;
- j=n;
-
- if (--j > 0)
- {
- ap++;
- rp[j]=bn_mul_words(rp,ap,j,ap[-1]);
- rp+=2;
- }
-
- for (i=n-2; i>0; i--)
- {
- j--;
- ap++;
- rp[j]=bn_mul_add_words(rp,ap,j,ap[-1]);
- rp+=2;
- }
-
- bn_add_words(r,r,r,max);
-
- /* There will not be a carry */
-
- bn_sqr_words(tmp,a,n);
-
- bn_add_words(r,r,tmp,max);
- }
-
-#ifdef BN_RECURSION
-/* r is 2*n words in size,
- * a and b are both n words in size. (There's not actually a 'b' here ...)
- * n must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n words in size
- * We calculate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *t)
- {
- int n=n2/2;
- int zero,c1;
- BN_ULONG ln,lo,*p;
-
-#ifdef BN_COUNT
-printf(" bn_sqr_recursive %d * %d\n",n2,n2);
-#endif
- if (n2 == 4)
- {
-#ifndef BN_SQR_COMBA
- bn_sqr_normal(r,a,4,t);
-#else
- bn_sqr_comba4(r,a);
-#endif
- return;
- }
- else if (n2 == 8)
- {
-#ifndef BN_SQR_COMBA
- bn_sqr_normal(r,a,8,t);
-#else
- bn_sqr_comba8(r,a);
-#endif
- return;
- }
- if (n2 < BN_SQR_RECURSIVE_SIZE_NORMAL)
- {
- bn_sqr_normal(r,a,n2,t);
- return;
- }
- /* r=(a[0]-a[1])*(a[1]-a[0]) */
- c1=bn_cmp_words(a,&(a[n]),n);
- zero=0;
- if (c1 > 0)
- bn_sub_words(t,a,&(a[n]),n);
- else if (c1 < 0)
- bn_sub_words(t,&(a[n]),a,n);
- else
- zero=1;
-
- /* The result will always be negative unless it is zero */
- p= &(t[n2*2]);
-
- if (!zero)
- bn_sqr_recursive(&(t[n2]),t,n,p);
- else
- memset(&(t[n2]),0,n*sizeof(BN_ULONG));
- bn_sqr_recursive(r,a,n,p);
- bn_sqr_recursive(&(r[n2]),&(a[n]),n,p);
-
- /* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
- * r[10] holds (a[0]*b[0])
- * r[32] holds (b[1]*b[1])
- */
-
- c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
-
- /* t[32] is negative */
- c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
-
- /* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
- * r[10] holds (a[0]*a[0])
- * r[32] holds (a[1]*a[1])
- * c1 holds the carry bits
- */
- c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
- if (c1)
- {
- p= &(r[n+n2]);
- lo= *p;
- ln=(lo+c1)&BN_MASK2;
- *p=ln;
-
- /* The overflow will stop before we over write
- * words we should not overwrite */
- if (ln < (BN_ULONG)c1)
- {
- do {
- p++;
- lo= *p;
- ln=(lo+1)&BN_MASK2;
- *p=ln;
- } while (ln == 0);
- }
- }
- }
-#endif
diff --git a/src/lib/libcrypto/bn/bn_word.c b/src/lib/libcrypto/bn/bn_word.c
deleted file mode 100644
index cd59baa2c4..0000000000
--- a/src/lib/libcrypto/bn/bn_word.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* crypto/bn/bn_word.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
- {
-#ifndef BN_LLONG
- BN_ULONG ret=0;
-#else
- BN_ULLONG ret=0;
-#endif
- int i;
-
- w&=BN_MASK2;
- for (i=a->top-1; i>=0; i--)
- {
-#ifndef BN_LLONG
- ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%w;
- ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%w;
-#else
- ret=(BN_ULLONG)(((ret<<(BN_ULLONG)BN_BITS2)|a->d[i])%
- (BN_ULLONG)w);
-#endif
- }
- return((BN_ULONG)ret);
- }
-
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w)
- {
- BN_ULONG ret;
- int i;
-
- if (a->top == 0) return(0);
- ret=0;
- w&=BN_MASK2;
- for (i=a->top-1; i>=0; i--)
- {
- BN_ULONG l,d;
-
- l=a->d[i];
- d=bn_div_words(ret,l,w);
- ret=(l-((d*w)&BN_MASK2))&BN_MASK2;
- a->d[i]=d;
- }
- if ((a->top > 0) && (a->d[a->top-1] == 0))
- a->top--;
- return(ret);
- }
-
-int BN_add_word(BIGNUM *a, BN_ULONG w)
- {
- BN_ULONG l;
- int i;
-
- if (a->neg)
- {
- a->neg=0;
- i=BN_sub_word(a,w);
- if (!BN_is_zero(a))
- a->neg=!(a->neg);
- return(i);
- }
- w&=BN_MASK2;
- if (bn_wexpand(a,a->top+1) == NULL) return(0);
- i=0;
- for (;;)
- {
- l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
- a->d[i]=l;
- if (w > l)
- w=1;
- else
- break;
- i++;
- }
- if (i >= a->top)
- a->top++;
- return(1);
- }
-
-int BN_sub_word(BIGNUM *a, BN_ULONG w)
- {
- int i;
-
- if (BN_is_zero(a) || a->neg)
- {
- a->neg=0;
- i=BN_add_word(a,w);
- a->neg=1;
- return(i);
- }
-
- w&=BN_MASK2;
- if ((a->top == 1) && (a->d[0] < w))
- {
- a->d[0]=w-a->d[0];
- a->neg=1;
- return(1);
- }
- i=0;
- for (;;)
- {
- if (a->d[i] >= w)
- {
- a->d[i]-=w;
- break;
- }
- else
- {
- a->d[i]=(a->d[i]-w)&BN_MASK2;
- i++;
- w=1;
- }
- }
- if ((a->d[i] == 0) && (i == (a->top-1)))
- a->top--;
- return(1);
- }
-
-int BN_mul_word(BIGNUM *a, BN_ULONG w)
- {
- BN_ULONG ll;
-
- w&=BN_MASK2;
- if (a->top)
- {
- if (w == 0)
- BN_zero(a);
- else
- {
- ll=bn_mul_words(a->d,a->d,a->top,w);
- if (ll)
- {
- if (bn_wexpand(a,a->top+1) == NULL) return(0);
- a->d[a->top++]=ll;
- }
- }
- }
- return(1);
- }
-
diff --git a/src/lib/libcrypto/buffer/buf_err.c b/src/lib/libcrypto/buffer/buf_err.c
deleted file mode 100644
index 2f971a5f38..0000000000
--- a/src/lib/libcrypto/buffer/buf_err.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/buffer/buf_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/buffer.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA BUF_str_functs[]=
- {
-{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0), "BUF_MEM_grow"},
-{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0), "BUF_MEM_new"},
-{ERR_PACK(0,BUF_F_BUF_STRDUP,0), "BUF_strdup"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA BUF_str_reasons[]=
- {
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_BUF_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_BUF,BUF_str_functs);
- ERR_load_strings(ERR_LIB_BUF,BUF_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/buffer/buffer.c b/src/lib/libcrypto/buffer/buffer.c
deleted file mode 100644
index b76ff3ad7a..0000000000
--- a/src/lib/libcrypto/buffer/buffer.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* crypto/buffer/buffer.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-
-BUF_MEM *BUF_MEM_new(void)
- {
- BUF_MEM *ret;
-
- ret=OPENSSL_malloc(sizeof(BUF_MEM));
- if (ret == NULL)
- {
- BUFerr(BUF_F_BUF_MEM_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- ret->length=0;
- ret->max=0;
- ret->data=NULL;
- return(ret);
- }
-
-void BUF_MEM_free(BUF_MEM *a)
- {
- if(a == NULL)
- return;
-
- if (a->data != NULL)
- {
- memset(a->data,0,(unsigned int)a->max);
- OPENSSL_free(a->data);
- }
- OPENSSL_free(a);
- }
-
-int BUF_MEM_grow(BUF_MEM *str, int len)
- {
- char *ret;
- unsigned int n;
-
- if (str->length >= len)
- {
- str->length=len;
- return(len);
- }
- if (str->max >= len)
- {
- memset(&str->data[str->length],0,len-str->length);
- str->length=len;
- return(len);
- }
- n=(len+3)/3*4;
- if (str->data == NULL)
- ret=OPENSSL_malloc(n);
- else
- ret=OPENSSL_realloc(str->data,n);
- if (ret == NULL)
- {
- BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE);
- len=0;
- }
- else
- {
- str->data=ret;
- str->length=len;
- str->max=n;
- }
- return(len);
- }
-
-char *BUF_strdup(const char *str)
- {
- char *ret;
- int n;
-
- if (str == NULL) return(NULL);
-
- n=strlen(str);
- ret=OPENSSL_malloc(n+1);
- if (ret == NULL)
- {
- BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- memcpy(ret,str,n+1);
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/buffer/buffer.h b/src/lib/libcrypto/buffer/buffer.h
deleted file mode 100644
index bff26bf391..0000000000
--- a/src/lib/libcrypto/buffer/buffer.h
+++ /dev/null
@@ -1,98 +0,0 @@
-/* crypto/buffer/buffer.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BUFFER_H
-#define HEADER_BUFFER_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct buf_mem_st
- {
- int length; /* current number of bytes */
- char *data;
- int max; /* size of buffer */
- } BUF_MEM;
-
-BUF_MEM *BUF_MEM_new(void);
-void BUF_MEM_free(BUF_MEM *a);
-int BUF_MEM_grow(BUF_MEM *str, int len);
-char * BUF_strdup(const char *str);
-
-void ERR_load_BUF_strings(void );
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the BUF functions. */
-
-/* Function codes. */
-#define BUF_F_BUF_MEM_GROW 100
-#define BUF_F_BUF_MEM_NEW 101
-#define BUF_F_BUF_STRDUP 102
-
-/* Reason codes. */
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/cast/asm/cast-586.pl b/src/lib/libcrypto/cast/asm/cast-586.pl
deleted file mode 100644
index 6be0bfe572..0000000000
--- a/src/lib/libcrypto/cast/asm/cast-586.pl
+++ /dev/null
@@ -1,176 +0,0 @@
-#!/usr/local/bin/perl
-
-# define for pentium pro friendly version
-$ppro=1;
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-require "cbc.pl";
-
-&asm_init($ARGV[0],"cast-586.pl",$ARGV[$#ARGV] eq "386");
-
-$CAST_ROUNDS=16;
-$L="edi";
-$R="esi";
-$K="ebp";
-$tmp1="ecx";
-$tmp2="ebx";
-$tmp3="eax";
-$tmp4="edx";
-$S1="CAST_S_table0";
-$S2="CAST_S_table1";
-$S3="CAST_S_table2";
-$S4="CAST_S_table3";
-
-@F1=("add","xor","sub");
-@F2=("xor","sub","add");
-@F3=("sub","add","xor");
-
-&CAST_encrypt("CAST_encrypt",1);
-&CAST_encrypt("CAST_decrypt",0);
-&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1);
-
-&asm_finish();
-
-sub CAST_encrypt {
- local($name,$enc)=@_;
-
- local($win_ex)=<<"EOF";
-EXTERN _CAST_S_table0:DWORD
-EXTERN _CAST_S_table1:DWORD
-EXTERN _CAST_S_table2:DWORD
-EXTERN _CAST_S_table3:DWORD
-EOF
- &main::external_label(
- "CAST_S_table0",
- "CAST_S_table1",
- "CAST_S_table2",
- "CAST_S_table3",
- );
-
- &function_begin_B($name,$win_ex);
-
- &comment("");
-
- &push("ebp");
- &push("ebx");
- &mov($tmp2,&wparam(0));
- &mov($K,&wparam(1));
- &push("esi");
- &push("edi");
-
- &comment("Load the 2 words");
- &mov($L,&DWP(0,$tmp2,"",0));
- &mov($R,&DWP(4,$tmp2,"",0));
-
- &comment('Get short key flag');
- &mov($tmp3,&DWP(128,$K,"",0));
- if($enc) {
- &push($tmp3);
- } else {
- &or($tmp3,$tmp3);
- &jnz(&label('cast_dec_skip'));
- }
-
- &xor($tmp3, $tmp3);
-
- # encrypting part
-
- if ($enc) {
- &E_CAST( 0,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 1,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 2,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 3,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 4,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 5,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 6,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 7,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 8,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 9,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST(10,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST(11,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
- &comment('test short key flag');
- &pop($tmp4);
- &or($tmp4,$tmp4);
- &jnz(&label('cast_enc_done'));
- &E_CAST(12,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST(13,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST(14,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST(15,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- } else {
- &E_CAST(15,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST(14,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST(13,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST(12,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- &set_label('cast_dec_skip');
- &E_CAST(11,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST(10,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 9,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 8,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 7,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 6,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 5,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 4,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 3,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 2,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 1,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
- &E_CAST( 0,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
- }
-
- &set_label('cast_enc_done') if $enc;
-# Why the nop? - Ben 17/1/99
- &nop();
- &mov($tmp3,&wparam(0));
- &mov(&DWP(4,$tmp3,"",0),$L);
- &mov(&DWP(0,$tmp3,"",0),$R);
- &function_end($name);
-}
-
-sub E_CAST {
- local($i,$S,$L,$R,$K,$OP1,$OP2,$OP3,$tmp1,$tmp2,$tmp3,$tmp4)=@_;
- # Ri needs to have 16 pre added.
-
- &comment("round $i");
- &mov( $tmp4, &DWP($i*8,$K,"",1));
-
- &mov( $tmp1, &DWP($i*8+4,$K,"",1));
- &$OP1( $tmp4, $R);
-
- &rotl( $tmp4, &LB($tmp1));
-
- if ($ppro) {
- &mov( $tmp2, $tmp4); # B
- &xor( $tmp1, $tmp1);
-
- &movb( &LB($tmp1), &HB($tmp4)); # A
- &and( $tmp2, 0xff);
-
- &shr( $tmp4, 16); #
- &xor( $tmp3, $tmp3);
- } else {
- &mov( $tmp2, $tmp4); # B
- &movb( &LB($tmp1), &HB($tmp4)); # A # BAD BAD BAD
-
- &shr( $tmp4, 16); #
- &and( $tmp2, 0xff);
- }
-
- &movb( &LB($tmp3), &HB($tmp4)); # C # BAD BAD BAD
- &and( $tmp4, 0xff); # D
-
- &mov( $tmp1, &DWP($S1,"",$tmp1,4));
- &mov( $tmp2, &DWP($S2,"",$tmp2,4));
-
- &$OP2( $tmp1, $tmp2);
- &mov( $tmp2, &DWP($S3,"",$tmp3,4));
-
- &$OP3( $tmp1, $tmp2);
- &mov( $tmp2, &DWP($S4,"",$tmp4,4));
-
- &$OP1( $tmp1, $tmp2);
- # XXX
-
- &xor( $L, $tmp1);
- # XXX
-}
-
diff --git a/src/lib/libcrypto/cast/c_cfb64.c b/src/lib/libcrypto/cast/c_cfb64.c
deleted file mode 100644
index 514c005c32..0000000000
--- a/src/lib/libcrypto/cast/c_cfb64.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/cast/c_cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, CAST_KEY *schedule, unsigned char *ivec,
- int *num, int enc)
- {
- register CAST_LONG v0,v1,t;
- register int n= *num;
- register long l=length;
- CAST_LONG ti[2];
- unsigned char *iv,c,cc;
-
- iv=ivec;
- if (enc)
- {
- while (l--)
- {
- if (n == 0)
- {
- n2l(iv,v0); ti[0]=v0;
- n2l(iv,v1); ti[1]=v1;
- CAST_encrypt((CAST_LONG *)ti,schedule);
- iv=ivec;
- t=ti[0]; l2n(t,iv);
- t=ti[1]; l2n(t,iv);
- iv=ivec;
- }
- c= *(in++)^iv[n];
- *(out++)=c;
- iv[n]=c;
- n=(n+1)&0x07;
- }
- }
- else
- {
- while (l--)
- {
- if (n == 0)
- {
- n2l(iv,v0); ti[0]=v0;
- n2l(iv,v1); ti[1]=v1;
- CAST_encrypt((CAST_LONG *)ti,schedule);
- iv=ivec;
- t=ti[0]; l2n(t,iv);
- t=ti[1]; l2n(t,iv);
- iv=ivec;
- }
- cc= *(in++);
- c=iv[n];
- iv[n]=cc;
- *(out++)=c^cc;
- n=(n+1)&0x07;
- }
- }
- v0=v1=ti[0]=ti[1]=t=c=cc=0;
- *num=n;
- }
-
diff --git a/src/lib/libcrypto/cast/c_ecb.c b/src/lib/libcrypto/cast/c_ecb.c
deleted file mode 100644
index 0b3da9ad87..0000000000
--- a/src/lib/libcrypto/cast/c_ecb.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* crypto/cast/c_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-#include <openssl/opensslv.h>
-
-const char *CAST_version="CAST" OPENSSL_VERSION_PTEXT;
-
-void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
- CAST_KEY *ks, int enc)
- {
- CAST_LONG l,d[2];
-
- n2l(in,l); d[0]=l;
- n2l(in,l); d[1]=l;
- if (enc)
- CAST_encrypt(d,ks);
- else
- CAST_decrypt(d,ks);
- l=d[0]; l2n(l,out);
- l=d[1]; l2n(l,out);
- l=d[0]=d[1]=0;
- }
-
diff --git a/src/lib/libcrypto/cast/c_enc.c b/src/lib/libcrypto/cast/c_enc.c
deleted file mode 100644
index 0fe2cffecc..0000000000
--- a/src/lib/libcrypto/cast/c_enc.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/* crypto/cast/c_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-void CAST_encrypt(CAST_LONG *data, CAST_KEY *key)
- {
- register CAST_LONG l,r,*k,t;
-
- k= &(key->data[0]);
- l=data[0];
- r=data[1];
-
- E_CAST( 0,k,l,r,+,^,-);
- E_CAST( 1,k,r,l,^,-,+);
- E_CAST( 2,k,l,r,-,+,^);
- E_CAST( 3,k,r,l,+,^,-);
- E_CAST( 4,k,l,r,^,-,+);
- E_CAST( 5,k,r,l,-,+,^);
- E_CAST( 6,k,l,r,+,^,-);
- E_CAST( 7,k,r,l,^,-,+);
- E_CAST( 8,k,l,r,-,+,^);
- E_CAST( 9,k,r,l,+,^,-);
- E_CAST(10,k,l,r,^,-,+);
- E_CAST(11,k,r,l,-,+,^);
- if(!key->short_key)
- {
- E_CAST(12,k,l,r,+,^,-);
- E_CAST(13,k,r,l,^,-,+);
- E_CAST(14,k,l,r,-,+,^);
- E_CAST(15,k,r,l,+,^,-);
- }
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
- }
-
-void CAST_decrypt(CAST_LONG *data, CAST_KEY *key)
- {
- register CAST_LONG l,r,*k,t;
-
- k= &(key->data[0]);
- l=data[0];
- r=data[1];
-
- if(!key->short_key)
- {
- E_CAST(15,k,l,r,+,^,-);
- E_CAST(14,k,r,l,-,+,^);
- E_CAST(13,k,l,r,^,-,+);
- E_CAST(12,k,r,l,+,^,-);
- }
- E_CAST(11,k,l,r,-,+,^);
- E_CAST(10,k,r,l,^,-,+);
- E_CAST( 9,k,l,r,+,^,-);
- E_CAST( 8,k,r,l,-,+,^);
- E_CAST( 7,k,l,r,^,-,+);
- E_CAST( 6,k,r,l,+,^,-);
- E_CAST( 5,k,l,r,-,+,^);
- E_CAST( 4,k,r,l,^,-,+);
- E_CAST( 3,k,l,r,+,^,-);
- E_CAST( 2,k,r,l,-,+,^);
- E_CAST( 1,k,l,r,^,-,+);
- E_CAST( 0,k,r,l,+,^,-);
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
- }
-
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- CAST_KEY *ks, unsigned char *iv, int enc)
- {
- register CAST_LONG tin0,tin1;
- register CAST_LONG tout0,tout1,xor0,xor1;
- register long l=length;
- CAST_LONG tin[2];
-
- if (enc)
- {
- n2l(iv,tout0);
- n2l(iv,tout1);
- iv-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- CAST_encrypt(tin,ks);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- if (l != -8)
- {
- n2ln(in,tin0,tin1,l+8);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- CAST_encrypt(tin,ks);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- l2n(tout0,iv);
- l2n(tout1,iv);
- }
- else
- {
- n2l(iv,xor0);
- n2l(iv,xor1);
- iv-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- CAST_decrypt(tin,ks);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2n(tout0,out);
- l2n(tout1,out);
- xor0=tin0;
- xor1=tin1;
- }
- if (l != -8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- CAST_decrypt(tin,ks);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2nn(tout0,tout1,out,l+8);
- xor0=tin0;
- xor1=tin1;
- }
- l2n(xor0,iv);
- l2n(xor1,iv);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
-
diff --git a/src/lib/libcrypto/cast/c_ofb64.c b/src/lib/libcrypto/cast/c_ofb64.c
deleted file mode 100644
index fd0469a62f..0000000000
--- a/src/lib/libcrypto/cast/c_ofb64.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/cast/c_ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, CAST_KEY *schedule, unsigned char *ivec,
- int *num)
- {
- register CAST_LONG v0,v1,t;
- register int n= *num;
- register long l=length;
- unsigned char d[8];
- register char *dp;
- CAST_LONG ti[2];
- unsigned char *iv;
- int save=0;
-
- iv=ivec;
- n2l(iv,v0);
- n2l(iv,v1);
- ti[0]=v0;
- ti[1]=v1;
- dp=(char *)d;
- l2n(v0,dp);
- l2n(v1,dp);
- while (l--)
- {
- if (n == 0)
- {
- CAST_encrypt((CAST_LONG *)ti,schedule);
- dp=(char *)d;
- t=ti[0]; l2n(t,dp);
- t=ti[1]; l2n(t,dp);
- save++;
- }
- *(out++)= *(in++)^d[n];
- n=(n+1)&0x07;
- }
- if (save)
- {
- v0=ti[0];
- v1=ti[1];
- iv=ivec;
- l2n(v0,iv);
- l2n(v1,iv);
- }
- t=v0=v1=ti[0]=ti[1]=0;
- *num=n;
- }
-
diff --git a/src/lib/libcrypto/cast/c_skey.c b/src/lib/libcrypto/cast/c_skey.c
deleted file mode 100644
index 76e40005c9..0000000000
--- a/src/lib/libcrypto/cast/c_skey.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* crypto/cast/c_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-#include "cast_s.h"
-
-#define CAST_exp(l,A,a,n) \
- A[n/4]=l; \
- a[n+3]=(l )&0xff; \
- a[n+2]=(l>> 8)&0xff; \
- a[n+1]=(l>>16)&0xff; \
- a[n+0]=(l>>24)&0xff;
-
-#define S4 CAST_S_table4
-#define S5 CAST_S_table5
-#define S6 CAST_S_table6
-#define S7 CAST_S_table7
-
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
- {
- CAST_LONG x[16];
- CAST_LONG z[16];
- CAST_LONG k[32];
- CAST_LONG X[4],Z[4];
- CAST_LONG l,*K;
- int i;
-
- for (i=0; i<16; i++) x[i]=0;
- if (len > 16) len=16;
- for (i=0; i<len; i++)
- x[i]=data[i];
- if(len <= 10)
- key->short_key=1;
- else
- key->short_key=0;
-
- K= &k[0];
- X[0]=((x[ 0]<<24)|(x[ 1]<<16)|(x[ 2]<<8)|x[ 3])&0xffffffffL;
- X[1]=((x[ 4]<<24)|(x[ 5]<<16)|(x[ 6]<<8)|x[ 7])&0xffffffffL;
- X[2]=((x[ 8]<<24)|(x[ 9]<<16)|(x[10]<<8)|x[11])&0xffffffffL;
- X[3]=((x[12]<<24)|(x[13]<<16)|(x[14]<<8)|x[15])&0xffffffffL;
-
- for (;;)
- {
- l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
- CAST_exp(l,Z,z, 0);
- l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
- CAST_exp(l,Z,z, 4);
- l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
- CAST_exp(l,Z,z, 8);
- l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
- CAST_exp(l,Z,z,12);
-
- K[ 0]= S4[z[ 8]]^S5[z[ 9]]^S6[z[ 7]]^S7[z[ 6]]^S4[z[ 2]];
- K[ 1]= S4[z[10]]^S5[z[11]]^S6[z[ 5]]^S7[z[ 4]]^S5[z[ 6]];
- K[ 2]= S4[z[12]]^S5[z[13]]^S6[z[ 3]]^S7[z[ 2]]^S6[z[ 9]];
- K[ 3]= S4[z[14]]^S5[z[15]]^S6[z[ 1]]^S7[z[ 0]]^S7[z[12]];
-
- l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
- CAST_exp(l,X,x, 0);
- l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
- CAST_exp(l,X,x, 4);
- l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
- CAST_exp(l,X,x, 8);
- l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
- CAST_exp(l,X,x,12);
-
- K[ 4]= S4[x[ 3]]^S5[x[ 2]]^S6[x[12]]^S7[x[13]]^S4[x[ 8]];
- K[ 5]= S4[x[ 1]]^S5[x[ 0]]^S6[x[14]]^S7[x[15]]^S5[x[13]];
- K[ 6]= S4[x[ 7]]^S5[x[ 6]]^S6[x[ 8]]^S7[x[ 9]]^S6[x[ 3]];
- K[ 7]= S4[x[ 5]]^S5[x[ 4]]^S6[x[10]]^S7[x[11]]^S7[x[ 7]];
-
- l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
- CAST_exp(l,Z,z, 0);
- l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
- CAST_exp(l,Z,z, 4);
- l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
- CAST_exp(l,Z,z, 8);
- l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
- CAST_exp(l,Z,z,12);
-
- K[ 8]= S4[z[ 3]]^S5[z[ 2]]^S6[z[12]]^S7[z[13]]^S4[z[ 9]];
- K[ 9]= S4[z[ 1]]^S5[z[ 0]]^S6[z[14]]^S7[z[15]]^S5[z[12]];
- K[10]= S4[z[ 7]]^S5[z[ 6]]^S6[z[ 8]]^S7[z[ 9]]^S6[z[ 2]];
- K[11]= S4[z[ 5]]^S5[z[ 4]]^S6[z[10]]^S7[z[11]]^S7[z[ 6]];
-
- l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
- CAST_exp(l,X,x, 0);
- l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
- CAST_exp(l,X,x, 4);
- l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
- CAST_exp(l,X,x, 8);
- l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
- CAST_exp(l,X,x,12);
-
- K[12]= S4[x[ 8]]^S5[x[ 9]]^S6[x[ 7]]^S7[x[ 6]]^S4[x[ 3]];
- K[13]= S4[x[10]]^S5[x[11]]^S6[x[ 5]]^S7[x[ 4]]^S5[x[ 7]];
- K[14]= S4[x[12]]^S5[x[13]]^S6[x[ 3]]^S7[x[ 2]]^S6[x[ 8]];
- K[15]= S4[x[14]]^S5[x[15]]^S6[x[ 1]]^S7[x[ 0]]^S7[x[13]];
- if (K != k) break;
- K+=16;
- }
-
- for (i=0; i<16; i++)
- {
- key->data[i*2]=k[i];
- key->data[i*2+1]=((k[i+16])+16)&0x1f;
- }
- }
-
diff --git a/src/lib/libcrypto/cast/cast.h b/src/lib/libcrypto/cast/cast.h
deleted file mode 100644
index e24e133099..0000000000
--- a/src/lib/libcrypto/cast/cast.h
+++ /dev/null
@@ -1,103 +0,0 @@
-/* crypto/cast/cast.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CAST_H
-#define HEADER_CAST_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef NO_CAST
-#error CAST is disabled.
-#endif
-
-#define CAST_ENCRYPT 1
-#define CAST_DECRYPT 0
-
-#define CAST_LONG unsigned long
-
-#define CAST_BLOCK 8
-#define CAST_KEY_LENGTH 16
-
-typedef struct cast_key_st
- {
- CAST_LONG data[32];
- int short_key; /* Use reduced rounds for short key */
- } CAST_KEY;
-
-
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key,
- int enc);
-void CAST_encrypt(CAST_LONG *data,CAST_KEY *key);
-void CAST_decrypt(CAST_LONG *data,CAST_KEY *key);
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- CAST_KEY *ks, unsigned char *iv, int enc);
-void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, CAST_KEY *schedule, unsigned char *ivec,
- int *num, int enc);
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, CAST_KEY *schedule, unsigned char *ivec,
- int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/cast/cast_lcl.h b/src/lib/libcrypto/cast/cast_lcl.h
deleted file mode 100644
index 5fab8a43f6..0000000000
--- a/src/lib/libcrypto/cast/cast_lcl.h
+++ /dev/null
@@ -1,226 +0,0 @@
-/* crypto/cast/cast_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifdef WIN32
-#include <stdlib.h>
-#endif
-
-
-#include "openssl/e_os.h" /* OPENSSL_EXTERN */
-
-#undef c2l
-#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
- case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
- case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
- case 5: l2|=((unsigned long)(*(--(c)))); \
- case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
- case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
- case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
- case 1: l1|=((unsigned long)(*(--(c)))); \
- } \
- }
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c)))) ; \
- case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 6: l2|=((unsigned long)(*(--(c))))<<16; \
- case 5: l2|=((unsigned long)(*(--(c))))<<24; \
- case 4: l1 =((unsigned long)(*(--(c)))) ; \
- case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 2: l1|=((unsigned long)(*(--(c))))<<16; \
- case 1: l1|=((unsigned long)(*(--(c))))<<24; \
- } \
- }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- } \
- }
-
-#undef n2l
-#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-#if defined(WIN32) && defined(_MSC_VER)
-#define ROTL(a,n) (_lrotl(a,n))
-#else
-#define ROTL(a,n) ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n))))
-#endif
-
-#define C_M 0x3fc
-#define C_0 22L
-#define C_1 14L
-#define C_2 6L
-#define C_3 2L /* left shift */
-
-/* The rotate has an extra 16 added to it to help the x86 asm */
-#if defined(CAST_PTR)
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
- { \
- int i; \
- t=(key[n*2] OP1 R)&0xffffffffL; \
- i=key[n*2+1]; \
- t=ROTL(t,i); \
- L^= (((((*(CAST_LONG *)((unsigned char *) \
- CAST_S_table0+((t>>C_2)&C_M)) OP2 \
- *(CAST_LONG *)((unsigned char *) \
- CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
- *(CAST_LONG *)((unsigned char *) \
- CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
- *(CAST_LONG *)((unsigned char *) \
- CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
- }
-#elif defined(CAST_PTR2)
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
- { \
- int i; \
- CAST_LONG u,v,w; \
- w=(key[n*2] OP1 R)&0xffffffffL; \
- i=key[n*2+1]; \
- w=ROTL(w,i); \
- u=w>>C_2; \
- v=w<<C_3; \
- u&=C_M; \
- v&=C_M; \
- t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
- u=w>>C_0; \
- t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
- v=w>>C_1; \
- u&=C_M; \
- v&=C_M; \
- t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
- t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
- L^=(t&0xffffffff); \
- }
-#else
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
- { \
- CAST_LONG a,b,c,d; \
- t=(key[n*2] OP1 R)&0xffffffff; \
- t=ROTL(t,(key[n*2+1])); \
- a=CAST_S_table0[(t>> 8)&0xff]; \
- b=CAST_S_table1[(t )&0xff]; \
- c=CAST_S_table2[(t>>24)&0xff]; \
- d=CAST_S_table3[(t>>16)&0xff]; \
- L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
- }
-#endif
-
-OPENSSL_EXTERN const CAST_LONG CAST_S_table0[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table1[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table2[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table3[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table4[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table5[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table6[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table7[256];
diff --git a/src/lib/libcrypto/cast/cast_s.h b/src/lib/libcrypto/cast/cast_s.h
deleted file mode 100644
index c483fd5e43..0000000000
--- a/src/lib/libcrypto/cast/cast_s.h
+++ /dev/null
@@ -1,585 +0,0 @@
-/* crypto/cast/cast_s.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table0[256]={
- 0x30fb40d4,0x9fa0ff0b,0x6beccd2f,0x3f258c7a,
- 0x1e213f2f,0x9c004dd3,0x6003e540,0xcf9fc949,
- 0xbfd4af27,0x88bbbdb5,0xe2034090,0x98d09675,
- 0x6e63a0e0,0x15c361d2,0xc2e7661d,0x22d4ff8e,
- 0x28683b6f,0xc07fd059,0xff2379c8,0x775f50e2,
- 0x43c340d3,0xdf2f8656,0x887ca41a,0xa2d2bd2d,
- 0xa1c9e0d6,0x346c4819,0x61b76d87,0x22540f2f,
- 0x2abe32e1,0xaa54166b,0x22568e3a,0xa2d341d0,
- 0x66db40c8,0xa784392f,0x004dff2f,0x2db9d2de,
- 0x97943fac,0x4a97c1d8,0x527644b7,0xb5f437a7,
- 0xb82cbaef,0xd751d159,0x6ff7f0ed,0x5a097a1f,
- 0x827b68d0,0x90ecf52e,0x22b0c054,0xbc8e5935,
- 0x4b6d2f7f,0x50bb64a2,0xd2664910,0xbee5812d,
- 0xb7332290,0xe93b159f,0xb48ee411,0x4bff345d,
- 0xfd45c240,0xad31973f,0xc4f6d02e,0x55fc8165,
- 0xd5b1caad,0xa1ac2dae,0xa2d4b76d,0xc19b0c50,
- 0x882240f2,0x0c6e4f38,0xa4e4bfd7,0x4f5ba272,
- 0x564c1d2f,0xc59c5319,0xb949e354,0xb04669fe,
- 0xb1b6ab8a,0xc71358dd,0x6385c545,0x110f935d,
- 0x57538ad5,0x6a390493,0xe63d37e0,0x2a54f6b3,
- 0x3a787d5f,0x6276a0b5,0x19a6fcdf,0x7a42206a,
- 0x29f9d4d5,0xf61b1891,0xbb72275e,0xaa508167,
- 0x38901091,0xc6b505eb,0x84c7cb8c,0x2ad75a0f,
- 0x874a1427,0xa2d1936b,0x2ad286af,0xaa56d291,
- 0xd7894360,0x425c750d,0x93b39e26,0x187184c9,
- 0x6c00b32d,0x73e2bb14,0xa0bebc3c,0x54623779,
- 0x64459eab,0x3f328b82,0x7718cf82,0x59a2cea6,
- 0x04ee002e,0x89fe78e6,0x3fab0950,0x325ff6c2,
- 0x81383f05,0x6963c5c8,0x76cb5ad6,0xd49974c9,
- 0xca180dcf,0x380782d5,0xc7fa5cf6,0x8ac31511,
- 0x35e79e13,0x47da91d0,0xf40f9086,0xa7e2419e,
- 0x31366241,0x051ef495,0xaa573b04,0x4a805d8d,
- 0x548300d0,0x00322a3c,0xbf64cddf,0xba57a68e,
- 0x75c6372b,0x50afd341,0xa7c13275,0x915a0bf5,
- 0x6b54bfab,0x2b0b1426,0xab4cc9d7,0x449ccd82,
- 0xf7fbf265,0xab85c5f3,0x1b55db94,0xaad4e324,
- 0xcfa4bd3f,0x2deaa3e2,0x9e204d02,0xc8bd25ac,
- 0xeadf55b3,0xd5bd9e98,0xe31231b2,0x2ad5ad6c,
- 0x954329de,0xadbe4528,0xd8710f69,0xaa51c90f,
- 0xaa786bf6,0x22513f1e,0xaa51a79b,0x2ad344cc,
- 0x7b5a41f0,0xd37cfbad,0x1b069505,0x41ece491,
- 0xb4c332e6,0x032268d4,0xc9600acc,0xce387e6d,
- 0xbf6bb16c,0x6a70fb78,0x0d03d9c9,0xd4df39de,
- 0xe01063da,0x4736f464,0x5ad328d8,0xb347cc96,
- 0x75bb0fc3,0x98511bfb,0x4ffbcc35,0xb58bcf6a,
- 0xe11f0abc,0xbfc5fe4a,0xa70aec10,0xac39570a,
- 0x3f04442f,0x6188b153,0xe0397a2e,0x5727cb79,
- 0x9ceb418f,0x1cacd68d,0x2ad37c96,0x0175cb9d,
- 0xc69dff09,0xc75b65f0,0xd9db40d8,0xec0e7779,
- 0x4744ead4,0xb11c3274,0xdd24cb9e,0x7e1c54bd,
- 0xf01144f9,0xd2240eb1,0x9675b3fd,0xa3ac3755,
- 0xd47c27af,0x51c85f4d,0x56907596,0xa5bb15e6,
- 0x580304f0,0xca042cf1,0x011a37ea,0x8dbfaadb,
- 0x35ba3e4a,0x3526ffa0,0xc37b4d09,0xbc306ed9,
- 0x98a52666,0x5648f725,0xff5e569d,0x0ced63d0,
- 0x7c63b2cf,0x700b45e1,0xd5ea50f1,0x85a92872,
- 0xaf1fbda7,0xd4234870,0xa7870bf3,0x2d3b4d79,
- 0x42e04198,0x0cd0ede7,0x26470db8,0xf881814c,
- 0x474d6ad7,0x7c0c5e5c,0xd1231959,0x381b7298,
- 0xf5d2f4db,0xab838653,0x6e2f1e23,0x83719c9e,
- 0xbd91e046,0x9a56456e,0xdc39200c,0x20c8c571,
- 0x962bda1c,0xe1e696ff,0xb141ab08,0x7cca89b9,
- 0x1a69e783,0x02cc4843,0xa2f7c579,0x429ef47d,
- 0x427b169c,0x5ac9f049,0xdd8f0f00,0x5c8165bf,
- };
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table1[256]={
- 0x1f201094,0xef0ba75b,0x69e3cf7e,0x393f4380,
- 0xfe61cf7a,0xeec5207a,0x55889c94,0x72fc0651,
- 0xada7ef79,0x4e1d7235,0xd55a63ce,0xde0436ba,
- 0x99c430ef,0x5f0c0794,0x18dcdb7d,0xa1d6eff3,
- 0xa0b52f7b,0x59e83605,0xee15b094,0xe9ffd909,
- 0xdc440086,0xef944459,0xba83ccb3,0xe0c3cdfb,
- 0xd1da4181,0x3b092ab1,0xf997f1c1,0xa5e6cf7b,
- 0x01420ddb,0xe4e7ef5b,0x25a1ff41,0xe180f806,
- 0x1fc41080,0x179bee7a,0xd37ac6a9,0xfe5830a4,
- 0x98de8b7f,0x77e83f4e,0x79929269,0x24fa9f7b,
- 0xe113c85b,0xacc40083,0xd7503525,0xf7ea615f,
- 0x62143154,0x0d554b63,0x5d681121,0xc866c359,
- 0x3d63cf73,0xcee234c0,0xd4d87e87,0x5c672b21,
- 0x071f6181,0x39f7627f,0x361e3084,0xe4eb573b,
- 0x602f64a4,0xd63acd9c,0x1bbc4635,0x9e81032d,
- 0x2701f50c,0x99847ab4,0xa0e3df79,0xba6cf38c,
- 0x10843094,0x2537a95e,0xf46f6ffe,0xa1ff3b1f,
- 0x208cfb6a,0x8f458c74,0xd9e0a227,0x4ec73a34,
- 0xfc884f69,0x3e4de8df,0xef0e0088,0x3559648d,
- 0x8a45388c,0x1d804366,0x721d9bfd,0xa58684bb,
- 0xe8256333,0x844e8212,0x128d8098,0xfed33fb4,
- 0xce280ae1,0x27e19ba5,0xd5a6c252,0xe49754bd,
- 0xc5d655dd,0xeb667064,0x77840b4d,0xa1b6a801,
- 0x84db26a9,0xe0b56714,0x21f043b7,0xe5d05860,
- 0x54f03084,0x066ff472,0xa31aa153,0xdadc4755,
- 0xb5625dbf,0x68561be6,0x83ca6b94,0x2d6ed23b,
- 0xeccf01db,0xa6d3d0ba,0xb6803d5c,0xaf77a709,
- 0x33b4a34c,0x397bc8d6,0x5ee22b95,0x5f0e5304,
- 0x81ed6f61,0x20e74364,0xb45e1378,0xde18639b,
- 0x881ca122,0xb96726d1,0x8049a7e8,0x22b7da7b,
- 0x5e552d25,0x5272d237,0x79d2951c,0xc60d894c,
- 0x488cb402,0x1ba4fe5b,0xa4b09f6b,0x1ca815cf,
- 0xa20c3005,0x8871df63,0xb9de2fcb,0x0cc6c9e9,
- 0x0beeff53,0xe3214517,0xb4542835,0x9f63293c,
- 0xee41e729,0x6e1d2d7c,0x50045286,0x1e6685f3,
- 0xf33401c6,0x30a22c95,0x31a70850,0x60930f13,
- 0x73f98417,0xa1269859,0xec645c44,0x52c877a9,
- 0xcdff33a6,0xa02b1741,0x7cbad9a2,0x2180036f,
- 0x50d99c08,0xcb3f4861,0xc26bd765,0x64a3f6ab,
- 0x80342676,0x25a75e7b,0xe4e6d1fc,0x20c710e6,
- 0xcdf0b680,0x17844d3b,0x31eef84d,0x7e0824e4,
- 0x2ccb49eb,0x846a3bae,0x8ff77888,0xee5d60f6,
- 0x7af75673,0x2fdd5cdb,0xa11631c1,0x30f66f43,
- 0xb3faec54,0x157fd7fa,0xef8579cc,0xd152de58,
- 0xdb2ffd5e,0x8f32ce19,0x306af97a,0x02f03ef8,
- 0x99319ad5,0xc242fa0f,0xa7e3ebb0,0xc68e4906,
- 0xb8da230c,0x80823028,0xdcdef3c8,0xd35fb171,
- 0x088a1bc8,0xbec0c560,0x61a3c9e8,0xbca8f54d,
- 0xc72feffa,0x22822e99,0x82c570b4,0xd8d94e89,
- 0x8b1c34bc,0x301e16e6,0x273be979,0xb0ffeaa6,
- 0x61d9b8c6,0x00b24869,0xb7ffce3f,0x08dc283b,
- 0x43daf65a,0xf7e19798,0x7619b72f,0x8f1c9ba4,
- 0xdc8637a0,0x16a7d3b1,0x9fc393b7,0xa7136eeb,
- 0xc6bcc63e,0x1a513742,0xef6828bc,0x520365d6,
- 0x2d6a77ab,0x3527ed4b,0x821fd216,0x095c6e2e,
- 0xdb92f2fb,0x5eea29cb,0x145892f5,0x91584f7f,
- 0x5483697b,0x2667a8cc,0x85196048,0x8c4bacea,
- 0x833860d4,0x0d23e0f9,0x6c387e8a,0x0ae6d249,
- 0xb284600c,0xd835731d,0xdcb1c647,0xac4c56ea,
- 0x3ebd81b3,0x230eabb0,0x6438bc87,0xf0b5b1fa,
- 0x8f5ea2b3,0xfc184642,0x0a036b7a,0x4fb089bd,
- 0x649da589,0xa345415e,0x5c038323,0x3e5d3bb9,
- 0x43d79572,0x7e6dd07c,0x06dfdf1e,0x6c6cc4ef,
- 0x7160a539,0x73bfbe70,0x83877605,0x4523ecf1,
- };
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table2[256]={
- 0x8defc240,0x25fa5d9f,0xeb903dbf,0xe810c907,
- 0x47607fff,0x369fe44b,0x8c1fc644,0xaececa90,
- 0xbeb1f9bf,0xeefbcaea,0xe8cf1950,0x51df07ae,
- 0x920e8806,0xf0ad0548,0xe13c8d83,0x927010d5,
- 0x11107d9f,0x07647db9,0xb2e3e4d4,0x3d4f285e,
- 0xb9afa820,0xfade82e0,0xa067268b,0x8272792e,
- 0x553fb2c0,0x489ae22b,0xd4ef9794,0x125e3fbc,
- 0x21fffcee,0x825b1bfd,0x9255c5ed,0x1257a240,
- 0x4e1a8302,0xbae07fff,0x528246e7,0x8e57140e,
- 0x3373f7bf,0x8c9f8188,0xa6fc4ee8,0xc982b5a5,
- 0xa8c01db7,0x579fc264,0x67094f31,0xf2bd3f5f,
- 0x40fff7c1,0x1fb78dfc,0x8e6bd2c1,0x437be59b,
- 0x99b03dbf,0xb5dbc64b,0x638dc0e6,0x55819d99,
- 0xa197c81c,0x4a012d6e,0xc5884a28,0xccc36f71,
- 0xb843c213,0x6c0743f1,0x8309893c,0x0feddd5f,
- 0x2f7fe850,0xd7c07f7e,0x02507fbf,0x5afb9a04,
- 0xa747d2d0,0x1651192e,0xaf70bf3e,0x58c31380,
- 0x5f98302e,0x727cc3c4,0x0a0fb402,0x0f7fef82,
- 0x8c96fdad,0x5d2c2aae,0x8ee99a49,0x50da88b8,
- 0x8427f4a0,0x1eac5790,0x796fb449,0x8252dc15,
- 0xefbd7d9b,0xa672597d,0xada840d8,0x45f54504,
- 0xfa5d7403,0xe83ec305,0x4f91751a,0x925669c2,
- 0x23efe941,0xa903f12e,0x60270df2,0x0276e4b6,
- 0x94fd6574,0x927985b2,0x8276dbcb,0x02778176,
- 0xf8af918d,0x4e48f79e,0x8f616ddf,0xe29d840e,
- 0x842f7d83,0x340ce5c8,0x96bbb682,0x93b4b148,
- 0xef303cab,0x984faf28,0x779faf9b,0x92dc560d,
- 0x224d1e20,0x8437aa88,0x7d29dc96,0x2756d3dc,
- 0x8b907cee,0xb51fd240,0xe7c07ce3,0xe566b4a1,
- 0xc3e9615e,0x3cf8209d,0x6094d1e3,0xcd9ca341,
- 0x5c76460e,0x00ea983b,0xd4d67881,0xfd47572c,
- 0xf76cedd9,0xbda8229c,0x127dadaa,0x438a074e,
- 0x1f97c090,0x081bdb8a,0x93a07ebe,0xb938ca15,
- 0x97b03cff,0x3dc2c0f8,0x8d1ab2ec,0x64380e51,
- 0x68cc7bfb,0xd90f2788,0x12490181,0x5de5ffd4,
- 0xdd7ef86a,0x76a2e214,0xb9a40368,0x925d958f,
- 0x4b39fffa,0xba39aee9,0xa4ffd30b,0xfaf7933b,
- 0x6d498623,0x193cbcfa,0x27627545,0x825cf47a,
- 0x61bd8ba0,0xd11e42d1,0xcead04f4,0x127ea392,
- 0x10428db7,0x8272a972,0x9270c4a8,0x127de50b,
- 0x285ba1c8,0x3c62f44f,0x35c0eaa5,0xe805d231,
- 0x428929fb,0xb4fcdf82,0x4fb66a53,0x0e7dc15b,
- 0x1f081fab,0x108618ae,0xfcfd086d,0xf9ff2889,
- 0x694bcc11,0x236a5cae,0x12deca4d,0x2c3f8cc5,
- 0xd2d02dfe,0xf8ef5896,0xe4cf52da,0x95155b67,
- 0x494a488c,0xb9b6a80c,0x5c8f82bc,0x89d36b45,
- 0x3a609437,0xec00c9a9,0x44715253,0x0a874b49,
- 0xd773bc40,0x7c34671c,0x02717ef6,0x4feb5536,
- 0xa2d02fff,0xd2bf60c4,0xd43f03c0,0x50b4ef6d,
- 0x07478cd1,0x006e1888,0xa2e53f55,0xb9e6d4bc,
- 0xa2048016,0x97573833,0xd7207d67,0xde0f8f3d,
- 0x72f87b33,0xabcc4f33,0x7688c55d,0x7b00a6b0,
- 0x947b0001,0x570075d2,0xf9bb88f8,0x8942019e,
- 0x4264a5ff,0x856302e0,0x72dbd92b,0xee971b69,
- 0x6ea22fde,0x5f08ae2b,0xaf7a616d,0xe5c98767,
- 0xcf1febd2,0x61efc8c2,0xf1ac2571,0xcc8239c2,
- 0x67214cb8,0xb1e583d1,0xb7dc3e62,0x7f10bdce,
- 0xf90a5c38,0x0ff0443d,0x606e6dc6,0x60543a49,
- 0x5727c148,0x2be98a1d,0x8ab41738,0x20e1be24,
- 0xaf96da0f,0x68458425,0x99833be5,0x600d457d,
- 0x282f9350,0x8334b362,0xd91d1120,0x2b6d8da0,
- 0x642b1e31,0x9c305a00,0x52bce688,0x1b03588a,
- 0xf7baefd5,0x4142ed9c,0xa4315c11,0x83323ec5,
- 0xdfef4636,0xa133c501,0xe9d3531c,0xee353783,
- };
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table3[256]={
- 0x9db30420,0x1fb6e9de,0xa7be7bef,0xd273a298,
- 0x4a4f7bdb,0x64ad8c57,0x85510443,0xfa020ed1,
- 0x7e287aff,0xe60fb663,0x095f35a1,0x79ebf120,
- 0xfd059d43,0x6497b7b1,0xf3641f63,0x241e4adf,
- 0x28147f5f,0x4fa2b8cd,0xc9430040,0x0cc32220,
- 0xfdd30b30,0xc0a5374f,0x1d2d00d9,0x24147b15,
- 0xee4d111a,0x0fca5167,0x71ff904c,0x2d195ffe,
- 0x1a05645f,0x0c13fefe,0x081b08ca,0x05170121,
- 0x80530100,0xe83e5efe,0xac9af4f8,0x7fe72701,
- 0xd2b8ee5f,0x06df4261,0xbb9e9b8a,0x7293ea25,
- 0xce84ffdf,0xf5718801,0x3dd64b04,0xa26f263b,
- 0x7ed48400,0x547eebe6,0x446d4ca0,0x6cf3d6f5,
- 0x2649abdf,0xaea0c7f5,0x36338cc1,0x503f7e93,
- 0xd3772061,0x11b638e1,0x72500e03,0xf80eb2bb,
- 0xabe0502e,0xec8d77de,0x57971e81,0xe14f6746,
- 0xc9335400,0x6920318f,0x081dbb99,0xffc304a5,
- 0x4d351805,0x7f3d5ce3,0xa6c866c6,0x5d5bcca9,
- 0xdaec6fea,0x9f926f91,0x9f46222f,0x3991467d,
- 0xa5bf6d8e,0x1143c44f,0x43958302,0xd0214eeb,
- 0x022083b8,0x3fb6180c,0x18f8931e,0x281658e6,
- 0x26486e3e,0x8bd78a70,0x7477e4c1,0xb506e07c,
- 0xf32d0a25,0x79098b02,0xe4eabb81,0x28123b23,
- 0x69dead38,0x1574ca16,0xdf871b62,0x211c40b7,
- 0xa51a9ef9,0x0014377b,0x041e8ac8,0x09114003,
- 0xbd59e4d2,0xe3d156d5,0x4fe876d5,0x2f91a340,
- 0x557be8de,0x00eae4a7,0x0ce5c2ec,0x4db4bba6,
- 0xe756bdff,0xdd3369ac,0xec17b035,0x06572327,
- 0x99afc8b0,0x56c8c391,0x6b65811c,0x5e146119,
- 0x6e85cb75,0xbe07c002,0xc2325577,0x893ff4ec,
- 0x5bbfc92d,0xd0ec3b25,0xb7801ab7,0x8d6d3b24,
- 0x20c763ef,0xc366a5fc,0x9c382880,0x0ace3205,
- 0xaac9548a,0xeca1d7c7,0x041afa32,0x1d16625a,
- 0x6701902c,0x9b757a54,0x31d477f7,0x9126b031,
- 0x36cc6fdb,0xc70b8b46,0xd9e66a48,0x56e55a79,
- 0x026a4ceb,0x52437eff,0x2f8f76b4,0x0df980a5,
- 0x8674cde3,0xedda04eb,0x17a9be04,0x2c18f4df,
- 0xb7747f9d,0xab2af7b4,0xefc34d20,0x2e096b7c,
- 0x1741a254,0xe5b6a035,0x213d42f6,0x2c1c7c26,
- 0x61c2f50f,0x6552daf9,0xd2c231f8,0x25130f69,
- 0xd8167fa2,0x0418f2c8,0x001a96a6,0x0d1526ab,
- 0x63315c21,0x5e0a72ec,0x49bafefd,0x187908d9,
- 0x8d0dbd86,0x311170a7,0x3e9b640c,0xcc3e10d7,
- 0xd5cad3b6,0x0caec388,0xf73001e1,0x6c728aff,
- 0x71eae2a1,0x1f9af36e,0xcfcbd12f,0xc1de8417,
- 0xac07be6b,0xcb44a1d8,0x8b9b0f56,0x013988c3,
- 0xb1c52fca,0xb4be31cd,0xd8782806,0x12a3a4e2,
- 0x6f7de532,0x58fd7eb6,0xd01ee900,0x24adffc2,
- 0xf4990fc5,0x9711aac5,0x001d7b95,0x82e5e7d2,
- 0x109873f6,0x00613096,0xc32d9521,0xada121ff,
- 0x29908415,0x7fbb977f,0xaf9eb3db,0x29c9ed2a,
- 0x5ce2a465,0xa730f32c,0xd0aa3fe8,0x8a5cc091,
- 0xd49e2ce7,0x0ce454a9,0xd60acd86,0x015f1919,
- 0x77079103,0xdea03af6,0x78a8565e,0xdee356df,
- 0x21f05cbe,0x8b75e387,0xb3c50651,0xb8a5c3ef,
- 0xd8eeb6d2,0xe523be77,0xc2154529,0x2f69efdf,
- 0xafe67afb,0xf470c4b2,0xf3e0eb5b,0xd6cc9876,
- 0x39e4460c,0x1fda8538,0x1987832f,0xca007367,
- 0xa99144f8,0x296b299e,0x492fc295,0x9266beab,
- 0xb5676e69,0x9bd3ddda,0xdf7e052f,0xdb25701c,
- 0x1b5e51ee,0xf65324e6,0x6afce36c,0x0316cc04,
- 0x8644213e,0xb7dc59d0,0x7965291f,0xccd6fd43,
- 0x41823979,0x932bcdf6,0xb657c34d,0x4edfd282,
- 0x7ae5290c,0x3cb9536b,0x851e20fe,0x9833557e,
- 0x13ecf0b0,0xd3ffb372,0x3f85c5c1,0x0aef7ed2,
- };
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table4[256]={
- 0x7ec90c04,0x2c6e74b9,0x9b0e66df,0xa6337911,
- 0xb86a7fff,0x1dd358f5,0x44dd9d44,0x1731167f,
- 0x08fbf1fa,0xe7f511cc,0xd2051b00,0x735aba00,
- 0x2ab722d8,0x386381cb,0xacf6243a,0x69befd7a,
- 0xe6a2e77f,0xf0c720cd,0xc4494816,0xccf5c180,
- 0x38851640,0x15b0a848,0xe68b18cb,0x4caadeff,
- 0x5f480a01,0x0412b2aa,0x259814fc,0x41d0efe2,
- 0x4e40b48d,0x248eb6fb,0x8dba1cfe,0x41a99b02,
- 0x1a550a04,0xba8f65cb,0x7251f4e7,0x95a51725,
- 0xc106ecd7,0x97a5980a,0xc539b9aa,0x4d79fe6a,
- 0xf2f3f763,0x68af8040,0xed0c9e56,0x11b4958b,
- 0xe1eb5a88,0x8709e6b0,0xd7e07156,0x4e29fea7,
- 0x6366e52d,0x02d1c000,0xc4ac8e05,0x9377f571,
- 0x0c05372a,0x578535f2,0x2261be02,0xd642a0c9,
- 0xdf13a280,0x74b55bd2,0x682199c0,0xd421e5ec,
- 0x53fb3ce8,0xc8adedb3,0x28a87fc9,0x3d959981,
- 0x5c1ff900,0xfe38d399,0x0c4eff0b,0x062407ea,
- 0xaa2f4fb1,0x4fb96976,0x90c79505,0xb0a8a774,
- 0xef55a1ff,0xe59ca2c2,0xa6b62d27,0xe66a4263,
- 0xdf65001f,0x0ec50966,0xdfdd55bc,0x29de0655,
- 0x911e739a,0x17af8975,0x32c7911c,0x89f89468,
- 0x0d01e980,0x524755f4,0x03b63cc9,0x0cc844b2,
- 0xbcf3f0aa,0x87ac36e9,0xe53a7426,0x01b3d82b,
- 0x1a9e7449,0x64ee2d7e,0xcddbb1da,0x01c94910,
- 0xb868bf80,0x0d26f3fd,0x9342ede7,0x04a5c284,
- 0x636737b6,0x50f5b616,0xf24766e3,0x8eca36c1,
- 0x136e05db,0xfef18391,0xfb887a37,0xd6e7f7d4,
- 0xc7fb7dc9,0x3063fcdf,0xb6f589de,0xec2941da,
- 0x26e46695,0xb7566419,0xf654efc5,0xd08d58b7,
- 0x48925401,0xc1bacb7f,0xe5ff550f,0xb6083049,
- 0x5bb5d0e8,0x87d72e5a,0xab6a6ee1,0x223a66ce,
- 0xc62bf3cd,0x9e0885f9,0x68cb3e47,0x086c010f,
- 0xa21de820,0xd18b69de,0xf3f65777,0xfa02c3f6,
- 0x407edac3,0xcbb3d550,0x1793084d,0xb0d70eba,
- 0x0ab378d5,0xd951fb0c,0xded7da56,0x4124bbe4,
- 0x94ca0b56,0x0f5755d1,0xe0e1e56e,0x6184b5be,
- 0x580a249f,0x94f74bc0,0xe327888e,0x9f7b5561,
- 0xc3dc0280,0x05687715,0x646c6bd7,0x44904db3,
- 0x66b4f0a3,0xc0f1648a,0x697ed5af,0x49e92ff6,
- 0x309e374f,0x2cb6356a,0x85808573,0x4991f840,
- 0x76f0ae02,0x083be84d,0x28421c9a,0x44489406,
- 0x736e4cb8,0xc1092910,0x8bc95fc6,0x7d869cf4,
- 0x134f616f,0x2e77118d,0xb31b2be1,0xaa90b472,
- 0x3ca5d717,0x7d161bba,0x9cad9010,0xaf462ba2,
- 0x9fe459d2,0x45d34559,0xd9f2da13,0xdbc65487,
- 0xf3e4f94e,0x176d486f,0x097c13ea,0x631da5c7,
- 0x445f7382,0x175683f4,0xcdc66a97,0x70be0288,
- 0xb3cdcf72,0x6e5dd2f3,0x20936079,0x459b80a5,
- 0xbe60e2db,0xa9c23101,0xeba5315c,0x224e42f2,
- 0x1c5c1572,0xf6721b2c,0x1ad2fff3,0x8c25404e,
- 0x324ed72f,0x4067b7fd,0x0523138e,0x5ca3bc78,
- 0xdc0fd66e,0x75922283,0x784d6b17,0x58ebb16e,
- 0x44094f85,0x3f481d87,0xfcfeae7b,0x77b5ff76,
- 0x8c2302bf,0xaaf47556,0x5f46b02a,0x2b092801,
- 0x3d38f5f7,0x0ca81f36,0x52af4a8a,0x66d5e7c0,
- 0xdf3b0874,0x95055110,0x1b5ad7a8,0xf61ed5ad,
- 0x6cf6e479,0x20758184,0xd0cefa65,0x88f7be58,
- 0x4a046826,0x0ff6f8f3,0xa09c7f70,0x5346aba0,
- 0x5ce96c28,0xe176eda3,0x6bac307f,0x376829d2,
- 0x85360fa9,0x17e3fe2a,0x24b79767,0xf5a96b20,
- 0xd6cd2595,0x68ff1ebf,0x7555442c,0xf19f06be,
- 0xf9e0659a,0xeeb9491d,0x34010718,0xbb30cab8,
- 0xe822fe15,0x88570983,0x750e6249,0xda627e55,
- 0x5e76ffa8,0xb1534546,0x6d47de08,0xefe9e7d4,
- };
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table5[256]={
- 0xf6fa8f9d,0x2cac6ce1,0x4ca34867,0xe2337f7c,
- 0x95db08e7,0x016843b4,0xeced5cbc,0x325553ac,
- 0xbf9f0960,0xdfa1e2ed,0x83f0579d,0x63ed86b9,
- 0x1ab6a6b8,0xde5ebe39,0xf38ff732,0x8989b138,
- 0x33f14961,0xc01937bd,0xf506c6da,0xe4625e7e,
- 0xa308ea99,0x4e23e33c,0x79cbd7cc,0x48a14367,
- 0xa3149619,0xfec94bd5,0xa114174a,0xeaa01866,
- 0xa084db2d,0x09a8486f,0xa888614a,0x2900af98,
- 0x01665991,0xe1992863,0xc8f30c60,0x2e78ef3c,
- 0xd0d51932,0xcf0fec14,0xf7ca07d2,0xd0a82072,
- 0xfd41197e,0x9305a6b0,0xe86be3da,0x74bed3cd,
- 0x372da53c,0x4c7f4448,0xdab5d440,0x6dba0ec3,
- 0x083919a7,0x9fbaeed9,0x49dbcfb0,0x4e670c53,
- 0x5c3d9c01,0x64bdb941,0x2c0e636a,0xba7dd9cd,
- 0xea6f7388,0xe70bc762,0x35f29adb,0x5c4cdd8d,
- 0xf0d48d8c,0xb88153e2,0x08a19866,0x1ae2eac8,
- 0x284caf89,0xaa928223,0x9334be53,0x3b3a21bf,
- 0x16434be3,0x9aea3906,0xefe8c36e,0xf890cdd9,
- 0x80226dae,0xc340a4a3,0xdf7e9c09,0xa694a807,
- 0x5b7c5ecc,0x221db3a6,0x9a69a02f,0x68818a54,
- 0xceb2296f,0x53c0843a,0xfe893655,0x25bfe68a,
- 0xb4628abc,0xcf222ebf,0x25ac6f48,0xa9a99387,
- 0x53bddb65,0xe76ffbe7,0xe967fd78,0x0ba93563,
- 0x8e342bc1,0xe8a11be9,0x4980740d,0xc8087dfc,
- 0x8de4bf99,0xa11101a0,0x7fd37975,0xda5a26c0,
- 0xe81f994f,0x9528cd89,0xfd339fed,0xb87834bf,
- 0x5f04456d,0x22258698,0xc9c4c83b,0x2dc156be,
- 0x4f628daa,0x57f55ec5,0xe2220abe,0xd2916ebf,
- 0x4ec75b95,0x24f2c3c0,0x42d15d99,0xcd0d7fa0,
- 0x7b6e27ff,0xa8dc8af0,0x7345c106,0xf41e232f,
- 0x35162386,0xe6ea8926,0x3333b094,0x157ec6f2,
- 0x372b74af,0x692573e4,0xe9a9d848,0xf3160289,
- 0x3a62ef1d,0xa787e238,0xf3a5f676,0x74364853,
- 0x20951063,0x4576698d,0xb6fad407,0x592af950,
- 0x36f73523,0x4cfb6e87,0x7da4cec0,0x6c152daa,
- 0xcb0396a8,0xc50dfe5d,0xfcd707ab,0x0921c42f,
- 0x89dff0bb,0x5fe2be78,0x448f4f33,0x754613c9,
- 0x2b05d08d,0x48b9d585,0xdc049441,0xc8098f9b,
- 0x7dede786,0xc39a3373,0x42410005,0x6a091751,
- 0x0ef3c8a6,0x890072d6,0x28207682,0xa9a9f7be,
- 0xbf32679d,0xd45b5b75,0xb353fd00,0xcbb0e358,
- 0x830f220a,0x1f8fb214,0xd372cf08,0xcc3c4a13,
- 0x8cf63166,0x061c87be,0x88c98f88,0x6062e397,
- 0x47cf8e7a,0xb6c85283,0x3cc2acfb,0x3fc06976,
- 0x4e8f0252,0x64d8314d,0xda3870e3,0x1e665459,
- 0xc10908f0,0x513021a5,0x6c5b68b7,0x822f8aa0,
- 0x3007cd3e,0x74719eef,0xdc872681,0x073340d4,
- 0x7e432fd9,0x0c5ec241,0x8809286c,0xf592d891,
- 0x08a930f6,0x957ef305,0xb7fbffbd,0xc266e96f,
- 0x6fe4ac98,0xb173ecc0,0xbc60b42a,0x953498da,
- 0xfba1ae12,0x2d4bd736,0x0f25faab,0xa4f3fceb,
- 0xe2969123,0x257f0c3d,0x9348af49,0x361400bc,
- 0xe8816f4a,0x3814f200,0xa3f94043,0x9c7a54c2,
- 0xbc704f57,0xda41e7f9,0xc25ad33a,0x54f4a084,
- 0xb17f5505,0x59357cbe,0xedbd15c8,0x7f97c5ab,
- 0xba5ac7b5,0xb6f6deaf,0x3a479c3a,0x5302da25,
- 0x653d7e6a,0x54268d49,0x51a477ea,0x5017d55b,
- 0xd7d25d88,0x44136c76,0x0404a8c8,0xb8e5a121,
- 0xb81a928a,0x60ed5869,0x97c55b96,0xeaec991b,
- 0x29935913,0x01fdb7f1,0x088e8dfa,0x9ab6f6f5,
- 0x3b4cbf9f,0x4a5de3ab,0xe6051d35,0xa0e1d855,
- 0xd36b4cf1,0xf544edeb,0xb0e93524,0xbebb8fbd,
- 0xa2d762cf,0x49c92f54,0x38b5f331,0x7128a454,
- 0x48392905,0xa65b1db8,0x851c97bd,0xd675cf2f,
- };
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table6[256]={
- 0x85e04019,0x332bf567,0x662dbfff,0xcfc65693,
- 0x2a8d7f6f,0xab9bc912,0xde6008a1,0x2028da1f,
- 0x0227bce7,0x4d642916,0x18fac300,0x50f18b82,
- 0x2cb2cb11,0xb232e75c,0x4b3695f2,0xb28707de,
- 0xa05fbcf6,0xcd4181e9,0xe150210c,0xe24ef1bd,
- 0xb168c381,0xfde4e789,0x5c79b0d8,0x1e8bfd43,
- 0x4d495001,0x38be4341,0x913cee1d,0x92a79c3f,
- 0x089766be,0xbaeeadf4,0x1286becf,0xb6eacb19,
- 0x2660c200,0x7565bde4,0x64241f7a,0x8248dca9,
- 0xc3b3ad66,0x28136086,0x0bd8dfa8,0x356d1cf2,
- 0x107789be,0xb3b2e9ce,0x0502aa8f,0x0bc0351e,
- 0x166bf52a,0xeb12ff82,0xe3486911,0xd34d7516,
- 0x4e7b3aff,0x5f43671b,0x9cf6e037,0x4981ac83,
- 0x334266ce,0x8c9341b7,0xd0d854c0,0xcb3a6c88,
- 0x47bc2829,0x4725ba37,0xa66ad22b,0x7ad61f1e,
- 0x0c5cbafa,0x4437f107,0xb6e79962,0x42d2d816,
- 0x0a961288,0xe1a5c06e,0x13749e67,0x72fc081a,
- 0xb1d139f7,0xf9583745,0xcf19df58,0xbec3f756,
- 0xc06eba30,0x07211b24,0x45c28829,0xc95e317f,
- 0xbc8ec511,0x38bc46e9,0xc6e6fa14,0xbae8584a,
- 0xad4ebc46,0x468f508b,0x7829435f,0xf124183b,
- 0x821dba9f,0xaff60ff4,0xea2c4e6d,0x16e39264,
- 0x92544a8b,0x009b4fc3,0xaba68ced,0x9ac96f78,
- 0x06a5b79a,0xb2856e6e,0x1aec3ca9,0xbe838688,
- 0x0e0804e9,0x55f1be56,0xe7e5363b,0xb3a1f25d,
- 0xf7debb85,0x61fe033c,0x16746233,0x3c034c28,
- 0xda6d0c74,0x79aac56c,0x3ce4e1ad,0x51f0c802,
- 0x98f8f35a,0x1626a49f,0xeed82b29,0x1d382fe3,
- 0x0c4fb99a,0xbb325778,0x3ec6d97b,0x6e77a6a9,
- 0xcb658b5c,0xd45230c7,0x2bd1408b,0x60c03eb7,
- 0xb9068d78,0xa33754f4,0xf430c87d,0xc8a71302,
- 0xb96d8c32,0xebd4e7be,0xbe8b9d2d,0x7979fb06,
- 0xe7225308,0x8b75cf77,0x11ef8da4,0xe083c858,
- 0x8d6b786f,0x5a6317a6,0xfa5cf7a0,0x5dda0033,
- 0xf28ebfb0,0xf5b9c310,0xa0eac280,0x08b9767a,
- 0xa3d9d2b0,0x79d34217,0x021a718d,0x9ac6336a,
- 0x2711fd60,0x438050e3,0x069908a8,0x3d7fedc4,
- 0x826d2bef,0x4eeb8476,0x488dcf25,0x36c9d566,
- 0x28e74e41,0xc2610aca,0x3d49a9cf,0xbae3b9df,
- 0xb65f8de6,0x92aeaf64,0x3ac7d5e6,0x9ea80509,
- 0xf22b017d,0xa4173f70,0xdd1e16c3,0x15e0d7f9,
- 0x50b1b887,0x2b9f4fd5,0x625aba82,0x6a017962,
- 0x2ec01b9c,0x15488aa9,0xd716e740,0x40055a2c,
- 0x93d29a22,0xe32dbf9a,0x058745b9,0x3453dc1e,
- 0xd699296e,0x496cff6f,0x1c9f4986,0xdfe2ed07,
- 0xb87242d1,0x19de7eae,0x053e561a,0x15ad6f8c,
- 0x66626c1c,0x7154c24c,0xea082b2a,0x93eb2939,
- 0x17dcb0f0,0x58d4f2ae,0x9ea294fb,0x52cf564c,
- 0x9883fe66,0x2ec40581,0x763953c3,0x01d6692e,
- 0xd3a0c108,0xa1e7160e,0xe4f2dfa6,0x693ed285,
- 0x74904698,0x4c2b0edd,0x4f757656,0x5d393378,
- 0xa132234f,0x3d321c5d,0xc3f5e194,0x4b269301,
- 0xc79f022f,0x3c997e7e,0x5e4f9504,0x3ffafbbd,
- 0x76f7ad0e,0x296693f4,0x3d1fce6f,0xc61e45be,
- 0xd3b5ab34,0xf72bf9b7,0x1b0434c0,0x4e72b567,
- 0x5592a33d,0xb5229301,0xcfd2a87f,0x60aeb767,
- 0x1814386b,0x30bcc33d,0x38a0c07d,0xfd1606f2,
- 0xc363519b,0x589dd390,0x5479f8e6,0x1cb8d647,
- 0x97fd61a9,0xea7759f4,0x2d57539d,0x569a58cf,
- 0xe84e63ad,0x462e1b78,0x6580f87e,0xf3817914,
- 0x91da55f4,0x40a230f3,0xd1988f35,0xb6e318d2,
- 0x3ffa50bc,0x3d40f021,0xc3c0bdae,0x4958c24c,
- 0x518f36b2,0x84b1d370,0x0fedce83,0x878ddada,
- 0xf2a279c7,0x94e01be8,0x90716f4b,0x954b8aa3,
- };
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table7[256]={
- 0xe216300d,0xbbddfffc,0xa7ebdabd,0x35648095,
- 0x7789f8b7,0xe6c1121b,0x0e241600,0x052ce8b5,
- 0x11a9cfb0,0xe5952f11,0xece7990a,0x9386d174,
- 0x2a42931c,0x76e38111,0xb12def3a,0x37ddddfc,
- 0xde9adeb1,0x0a0cc32c,0xbe197029,0x84a00940,
- 0xbb243a0f,0xb4d137cf,0xb44e79f0,0x049eedfd,
- 0x0b15a15d,0x480d3168,0x8bbbde5a,0x669ded42,
- 0xc7ece831,0x3f8f95e7,0x72df191b,0x7580330d,
- 0x94074251,0x5c7dcdfa,0xabbe6d63,0xaa402164,
- 0xb301d40a,0x02e7d1ca,0x53571dae,0x7a3182a2,
- 0x12a8ddec,0xfdaa335d,0x176f43e8,0x71fb46d4,
- 0x38129022,0xce949ad4,0xb84769ad,0x965bd862,
- 0x82f3d055,0x66fb9767,0x15b80b4e,0x1d5b47a0,
- 0x4cfde06f,0xc28ec4b8,0x57e8726e,0x647a78fc,
- 0x99865d44,0x608bd593,0x6c200e03,0x39dc5ff6,
- 0x5d0b00a3,0xae63aff2,0x7e8bd632,0x70108c0c,
- 0xbbd35049,0x2998df04,0x980cf42a,0x9b6df491,
- 0x9e7edd53,0x06918548,0x58cb7e07,0x3b74ef2e,
- 0x522fffb1,0xd24708cc,0x1c7e27cd,0xa4eb215b,
- 0x3cf1d2e2,0x19b47a38,0x424f7618,0x35856039,
- 0x9d17dee7,0x27eb35e6,0xc9aff67b,0x36baf5b8,
- 0x09c467cd,0xc18910b1,0xe11dbf7b,0x06cd1af8,
- 0x7170c608,0x2d5e3354,0xd4de495a,0x64c6d006,
- 0xbcc0c62c,0x3dd00db3,0x708f8f34,0x77d51b42,
- 0x264f620f,0x24b8d2bf,0x15c1b79e,0x46a52564,
- 0xf8d7e54e,0x3e378160,0x7895cda5,0x859c15a5,
- 0xe6459788,0xc37bc75f,0xdb07ba0c,0x0676a3ab,
- 0x7f229b1e,0x31842e7b,0x24259fd7,0xf8bef472,
- 0x835ffcb8,0x6df4c1f2,0x96f5b195,0xfd0af0fc,
- 0xb0fe134c,0xe2506d3d,0x4f9b12ea,0xf215f225,
- 0xa223736f,0x9fb4c428,0x25d04979,0x34c713f8,
- 0xc4618187,0xea7a6e98,0x7cd16efc,0x1436876c,
- 0xf1544107,0xbedeee14,0x56e9af27,0xa04aa441,
- 0x3cf7c899,0x92ecbae6,0xdd67016d,0x151682eb,
- 0xa842eedf,0xfdba60b4,0xf1907b75,0x20e3030f,
- 0x24d8c29e,0xe139673b,0xefa63fb8,0x71873054,
- 0xb6f2cf3b,0x9f326442,0xcb15a4cc,0xb01a4504,
- 0xf1e47d8d,0x844a1be5,0xbae7dfdc,0x42cbda70,
- 0xcd7dae0a,0x57e85b7a,0xd53f5af6,0x20cf4d8c,
- 0xcea4d428,0x79d130a4,0x3486ebfb,0x33d3cddc,
- 0x77853b53,0x37effcb5,0xc5068778,0xe580b3e6,
- 0x4e68b8f4,0xc5c8b37e,0x0d809ea2,0x398feb7c,
- 0x132a4f94,0x43b7950e,0x2fee7d1c,0x223613bd,
- 0xdd06caa2,0x37df932b,0xc4248289,0xacf3ebc3,
- 0x5715f6b7,0xef3478dd,0xf267616f,0xc148cbe4,
- 0x9052815e,0x5e410fab,0xb48a2465,0x2eda7fa4,
- 0xe87b40e4,0xe98ea084,0x5889e9e1,0xefd390fc,
- 0xdd07d35b,0xdb485694,0x38d7e5b2,0x57720101,
- 0x730edebc,0x5b643113,0x94917e4f,0x503c2fba,
- 0x646f1282,0x7523d24a,0xe0779695,0xf9c17a8f,
- 0x7a5b2121,0xd187b896,0x29263a4d,0xba510cdf,
- 0x81f47c9f,0xad1163ed,0xea7b5965,0x1a00726e,
- 0x11403092,0x00da6d77,0x4a0cdd61,0xad1f4603,
- 0x605bdfb0,0x9eedc364,0x22ebe6a8,0xcee7d28a,
- 0xa0e736a0,0x5564a6b9,0x10853209,0xc7eb8f37,
- 0x2de705ca,0x8951570f,0xdf09822b,0xbd691a6c,
- 0xaa12e4f2,0x87451c0f,0xe0f6a27a,0x3ada4819,
- 0x4cf1764f,0x0d771c2b,0x67cdb156,0x350d8384,
- 0x5938fa0f,0x42399ef3,0x36997b07,0x0e84093d,
- 0x4aa93e61,0x8360d87b,0x1fa98b0c,0x1149382c,
- 0xe97625a5,0x0614d1b7,0x0e25244b,0x0c768347,
- 0x589e8d82,0x0d2059d1,0xa466bb1e,0xf8da0a82,
- 0x04f19130,0xba6e4ec0,0x99265164,0x1ee7230d,
- 0x50b2ad80,0xeaee6801,0x8db2a283,0xea8bf59e,
- };
diff --git a/src/lib/libcrypto/comp/c_rle.c b/src/lib/libcrypto/comp/c_rle.c
deleted file mode 100644
index 1a819e3737..0000000000
--- a/src/lib/libcrypto/comp/c_rle.c
+++ /dev/null
@@ -1,61 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-
-static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
- unsigned int olen, unsigned char *in, unsigned int ilen);
-static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
- unsigned int olen, unsigned char *in, unsigned int ilen);
-
-static COMP_METHOD rle_method={
- NID_rle_compression,
- LN_rle_compression,
- NULL,
- NULL,
- rle_compress_block,
- rle_expand_block,
- NULL,
- };
-
-COMP_METHOD *COMP_rle(void)
- {
- return(&rle_method);
- }
-
-static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
- unsigned int olen, unsigned char *in, unsigned int ilen)
- {
- /* int i; */
-
- if (olen < (ilen+1))
- {
- /* ZZZZZZZZZZZZZZZZZZZZZZ */
- return(-1);
- }
-
- *(out++)=0;
- memcpy(out,in,ilen);
- return(ilen+1);
- }
-
-static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
- unsigned int olen, unsigned char *in, unsigned int ilen)
- {
- int i;
-
- if (olen < (ilen-1))
- {
- /* ZZZZZZZZZZZZZZZZZZZZZZ */
- return(-1);
- }
-
- i= *(in++);
- if (i == 0)
- {
- memcpy(out,in,ilen-1);
- }
- return(ilen-1);
- }
-
diff --git a/src/lib/libcrypto/comp/c_zlib.c b/src/lib/libcrypto/comp/c_zlib.c
deleted file mode 100644
index 6684ab4841..0000000000
--- a/src/lib/libcrypto/comp/c_zlib.c
+++ /dev/null
@@ -1,133 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-
-COMP_METHOD *COMP_zlib(void );
-
-#ifndef ZLIB
-
-static COMP_METHOD zlib_method={
- NID_undef,
- "(null)",
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- };
-
-#else
-
-#include <zlib.h>
-
-static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
- unsigned int olen, unsigned char *in, unsigned int ilen);
-static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out,
- unsigned int olen, unsigned char *in, unsigned int ilen);
-
-static int zz_uncompress(Bytef *dest, uLongf *destLen, const Bytef *source,
- uLong sourceLen);
-
-static COMP_METHOD zlib_method={
- NID_zlib_compression,
- LN_zlib_compression,
- NULL,
- NULL,
- zlib_compress_block,
- zlib_expand_block,
- NULL,
- };
-
-static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
- unsigned int olen, unsigned char *in, unsigned int ilen)
- {
- unsigned long l;
- int i;
- int clear=1;
-
- if (ilen > 128)
- {
- out[0]=1;
- l=olen-1;
- i=compress(&(out[1]),&l,in,(unsigned long)ilen);
- if (i != Z_OK)
- return(-1);
- if (ilen > l)
- {
- clear=0;
- l++;
- }
- }
- if (clear)
- {
- out[0]=0;
- memcpy(&(out[1]),in,ilen);
- l=ilen+1;
- }
-fprintf(stderr,"compress(%4d)->%4d %s\n",ilen,(int)l,(clear)?"clear":"zlib");
- return((int)l);
- }
-
-static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out,
- unsigned int olen, unsigned char *in, unsigned int ilen)
- {
- unsigned long l;
- int i;
-
- if (in[0])
- {
- l=olen;
- i=zz_uncompress(out,&l,&(in[1]),(unsigned long)ilen-1);
- if (i != Z_OK)
- return(-1);
- }
- else
- {
- memcpy(out,&(in[1]),ilen-1);
- l=ilen-1;
- }
- fprintf(stderr,"expand (%4d)->%4d %s\n",ilen,(int)l,in[0]?"zlib":"clear");
- return((int)l);
- }
-
-static int zz_uncompress (Bytef *dest, uLongf *destLen, const Bytef *source,
- uLong sourceLen)
-{
- z_stream stream;
- int err;
-
- stream.next_in = (Bytef*)source;
- stream.avail_in = (uInt)sourceLen;
- /* Check for source > 64K on 16-bit machine: */
- if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
-
- stream.next_out = dest;
- stream.avail_out = (uInt)*destLen;
- if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
-
- stream.zalloc = (alloc_func)0;
- stream.zfree = (free_func)0;
-
- err = inflateInit(&stream);
- if (err != Z_OK) return err;
-
- err = inflate(&stream, Z_FINISH);
- if (err != Z_STREAM_END) {
- inflateEnd(&stream);
- return err;
- }
- *destLen = stream.total_out;
-
- err = inflateEnd(&stream);
- return err;
-}
-
-#endif
-
-COMP_METHOD *COMP_zlib(void)
- {
- return(&zlib_method);
- }
-
diff --git a/src/lib/libcrypto/comp/comp.h b/src/lib/libcrypto/comp/comp.h
deleted file mode 100644
index 0922609542..0000000000
--- a/src/lib/libcrypto/comp/comp.h
+++ /dev/null
@@ -1,61 +0,0 @@
-
-#ifndef HEADER_COMP_H
-#define HEADER_COMP_H
-
-#include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct comp_method_st
- {
- int type; /* NID for compression library */
- const char *name; /* A text string to identify the library */
- int (*init)();
- void (*finish)();
- int (*compress)();
- int (*expand)();
- long (*ctrl)();
- long (*callback_ctrl)();
- } COMP_METHOD;
-
-typedef struct comp_ctx_st
- {
- COMP_METHOD *meth;
- unsigned long compress_in;
- unsigned long compress_out;
- unsigned long expand_in;
- unsigned long expand_out;
-
- CRYPTO_EX_DATA ex_data;
- } COMP_CTX;
-
-
-COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
-void COMP_CTX_free(COMP_CTX *ctx);
-int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen);
-int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen);
-COMP_METHOD *COMP_rle(void );
-#ifdef ZLIB
-COMP_METHOD *COMP_zlib(void );
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the COMP functions. */
-
-/* Function codes. */
-
-/* Reason codes. */
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/comp/comp_err.c b/src/lib/libcrypto/comp/comp_err.c
deleted file mode 100644
index c10282a73c..0000000000
--- a/src/lib/libcrypto/comp/comp_err.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* crypto/comp/comp_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/comp.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA COMP_str_functs[]=
- {
-{0,NULL}
- };
-
-static ERR_STRING_DATA COMP_str_reasons[]=
- {
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_COMP_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_COMP,COMP_str_functs);
- ERR_load_strings(ERR_LIB_COMP,COMP_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/comp/comp_lib.c b/src/lib/libcrypto/comp/comp_lib.c
deleted file mode 100644
index beb98ce8cc..0000000000
--- a/src/lib/libcrypto/comp/comp_lib.c
+++ /dev/null
@@ -1,78 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-
-COMP_CTX *COMP_CTX_new(COMP_METHOD *meth)
- {
- COMP_CTX *ret;
-
- if ((ret=(COMP_CTX *)OPENSSL_malloc(sizeof(COMP_CTX))) == NULL)
- {
- /* ZZZZZZZZZZZZZZZZ */
- return(NULL);
- }
- memset(ret,0,sizeof(COMP_CTX));
- ret->meth=meth;
- if ((ret->meth->init != NULL) && !ret->meth->init(ret))
- {
- OPENSSL_free(ret);
- ret=NULL;
- }
-#if 0
- else
- CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data);
-#endif
- return(ret);
- }
-
-void COMP_CTX_free(COMP_CTX *ctx)
- {
- /* CRYPTO_free_ex_data(rsa_meth,(char *)ctx,&ctx->ex_data); */
-
- if(ctx == NULL)
- return;
-
- if (ctx->meth->finish != NULL)
- ctx->meth->finish(ctx);
-
- OPENSSL_free(ctx);
- }
-
-int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen)
- {
- int ret;
- if (ctx->meth->compress == NULL)
- {
- /* ZZZZZZZZZZZZZZZZZ */
- return(-1);
- }
- ret=ctx->meth->compress(ctx,out,olen,in,ilen);
- if (ret > 0)
- {
- ctx->compress_in+=ilen;
- ctx->compress_out+=ret;
- }
- return(ret);
- }
-
-int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen)
- {
- int ret;
-
- if (ctx->meth->expand == NULL)
- {
- /* ZZZZZZZZZZZZZZZZZ */
- return(-1);
- }
- ret=ctx->meth->expand(ctx,out,olen,in,ilen);
- if (ret > 0)
- {
- ctx->expand_in+=ilen;
- ctx->expand_out+=ret;
- }
- return(ret);
- }
diff --git a/src/lib/libcrypto/conf/conf.h b/src/lib/libcrypto/conf/conf.h
deleted file mode 100644
index cd40a0db21..0000000000
--- a/src/lib/libcrypto/conf/conf.h
+++ /dev/null
@@ -1,179 +0,0 @@
-/* crypto/conf/conf.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CONF_H
-#define HEADER_CONF_H
-
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
-#include <openssl/stack.h>
-#include <openssl/safestack.h>
-#include <openssl/e_os.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct
- {
- char *section;
- char *name;
- char *value;
- } CONF_VALUE;
-
-DECLARE_STACK_OF(CONF_VALUE)
-
-struct conf_st;
-typedef struct conf_st CONF;
-struct conf_method_st;
-typedef struct conf_method_st CONF_METHOD;
-
-struct conf_method_st
- {
- const char *name;
- CONF *(MS_FAR *create)(CONF_METHOD *meth);
- int (MS_FAR *init)(CONF *conf);
- int (MS_FAR *destroy)(CONF *conf);
- int (MS_FAR *destroy_data)(CONF *conf);
- int (MS_FAR *load)(CONF *conf, BIO *bp, long *eline);
- int (MS_FAR *dump)(CONF *conf, BIO *bp);
- int (MS_FAR *is_number)(CONF *conf, char c);
- int (MS_FAR *to_int)(CONF *conf, char c);
- };
-
-int CONF_set_default_method(CONF_METHOD *meth);
-LHASH *CONF_load(LHASH *conf,const char *file,long *eline);
-#ifndef NO_FP_API
-LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline);
-#endif
-LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline);
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,char *section);
-char *CONF_get_string(LHASH *conf,char *group,char *name);
-long CONF_get_number(LHASH *conf,char *group,char *name);
-void CONF_free(LHASH *conf);
-int CONF_dump_fp(LHASH *conf, FILE *out);
-int CONF_dump_bio(LHASH *conf, BIO *out);
-void ERR_load_CONF_strings(void );
-
-/* New conf code. The semantics are different from the functions above.
- If that wasn't the case, the above functions would have been replaced */
-
-struct conf_st
- {
- CONF_METHOD *meth;
- void *meth_data;
- LHASH *data;
- };
-
-CONF *NCONF_new(CONF_METHOD *meth);
-CONF_METHOD *NCONF_default();
-CONF_METHOD *NCONF_WIN32();
-#if 0 /* Just to give you an idea of what I have in mind */
-CONF_METHOD *NCONF_XML();
-#endif
-void NCONF_free(CONF *conf);
-void NCONF_free_data(CONF *conf);
-
-int NCONF_load(CONF *conf,const char *file,long *eline);
-#ifndef NO_FP_API
-int NCONF_load_fp(CONF *conf, FILE *fp,long *eline);
-#endif
-int NCONF_load_bio(CONF *conf, BIO *bp,long *eline);
-STACK_OF(CONF_VALUE) *NCONF_get_section(CONF *conf,char *section);
-char *NCONF_get_string(CONF *conf,char *group,char *name);
-long NCONF_get_number(CONF *conf,char *group,char *name);
-int NCONF_dump_fp(CONF *conf, FILE *out);
-int NCONF_dump_bio(CONF *conf, BIO *out);
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the CONF functions. */
-
-/* Function codes. */
-#define CONF_F_CONF_DUMP_FP 104
-#define CONF_F_CONF_LOAD 100
-#define CONF_F_CONF_LOAD_BIO 102
-#define CONF_F_CONF_LOAD_FP 103
-#define CONF_F_NCONF_DUMP_BIO 105
-#define CONF_F_NCONF_DUMP_FP 106
-#define CONF_F_NCONF_GET_NUMBER 107
-#define CONF_F_NCONF_GET_SECTION 108
-#define CONF_F_NCONF_GET_STRING 109
-#define CONF_F_NCONF_LOAD_BIO 110
-#define CONF_F_NCONF_NEW 111
-#define CONF_F_STR_COPY 101
-
-/* Reason codes. */
-#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
-#define CONF_R_MISSING_EQUAL_SIGN 101
-#define CONF_R_NO_CLOSE_BRACE 102
-#define CONF_R_NO_CONF 105
-#define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
-#define CONF_R_NO_SECTION 107
-#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
-#define CONF_R_VARIABLE_HAS_NO_VALUE 104
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/conf/conf_api.c b/src/lib/libcrypto/conf/conf_api.c
deleted file mode 100644
index d05a778ff6..0000000000
--- a/src/lib/libcrypto/conf/conf_api.c
+++ /dev/null
@@ -1,289 +0,0 @@
-/* conf_api.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Part of the code in here was originally in conf.c, which is now removed */
-
-#ifndef CONF_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <assert.h>
-#include <string.h>
-#include <openssl/conf.h>
-#include <openssl/conf_api.h>
-
-static void value_free_hash(CONF_VALUE *a, LHASH *conf);
-static void value_free_stack(CONF_VALUE *a,LHASH *conf);
-static unsigned long hash(CONF_VALUE *v);
-static int cmp_conf(CONF_VALUE *a,CONF_VALUE *b);
-
-/* Up until OpenSSL 0.9.5a, this was get_section */
-CONF_VALUE *_CONF_get_section(CONF *conf, char *section)
- {
- CONF_VALUE *v,vv;
-
- if ((conf == NULL) || (section == NULL)) return(NULL);
- vv.name=NULL;
- vv.section=section;
- v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
- return(v);
- }
-
-/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
-STACK_OF(CONF_VALUE) *_CONF_get_section_values(CONF *conf, char *section)
- {
- CONF_VALUE *v;
-
- v=_CONF_get_section(conf,section);
- if (v != NULL)
- return((STACK_OF(CONF_VALUE) *)v->value);
- else
- return(NULL);
- }
-
-int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value)
- {
- CONF_VALUE *v = NULL;
- STACK_OF(CONF_VALUE) *ts;
-
- ts = (STACK_OF(CONF_VALUE) *)section->value;
-
- value->section=section->section;
- if (!sk_CONF_VALUE_push(ts,value))
- {
- return 0;
- }
-
- v = (CONF_VALUE *)lh_insert(conf->data, value);
- if (v != NULL)
- {
- sk_CONF_VALUE_delete_ptr(ts,v);
- OPENSSL_free(v->name);
- OPENSSL_free(v->value);
- OPENSSL_free(v);
- }
- return 1;
- }
-
-char *_CONF_get_string(CONF *conf, char *section, char *name)
- {
- CONF_VALUE *v,vv;
- char *p;
-
- if (name == NULL) return(NULL);
- if (conf != NULL)
- {
- if (section != NULL)
- {
- vv.name=name;
- vv.section=section;
- v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
- if (v != NULL) return(v->value);
- if (strcmp(section,"ENV") == 0)
- {
- p=Getenv(name);
- if (p != NULL) return(p);
- }
- }
- vv.section="default";
- vv.name=name;
- v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
- if (v != NULL)
- return(v->value);
- else
- return(NULL);
- }
- else
- return(Getenv(name));
- }
-
-long _CONF_get_number(CONF *conf, char *section, char *name)
- {
- char *str;
- long ret=0;
-
- str=_CONF_get_string(conf,section,name);
- if (str == NULL) return(0);
- for (;;)
- {
- if (conf->meth->is_number(conf, *str))
- ret=ret*10+conf->meth->to_int(conf, *str);
- else
- return(ret);
- str++;
- }
- }
-
-int _CONF_new_data(CONF *conf)
- {
- if (conf == NULL)
- {
- return 0;
- }
- if (conf->data == NULL)
- if ((conf->data = lh_new(hash,cmp_conf)) == NULL)
- {
- return 0;
- }
- return 1;
- }
-
-void _CONF_free_data(CONF *conf)
- {
- if (conf == NULL || conf->data == NULL) return;
-
- conf->data->down_load=0; /* evil thing to make sure the 'OPENSSL_free()'
- * works as expected */
- lh_doall_arg(conf->data,(void (*)())value_free_hash,conf->data);
-
- /* We now have only 'section' entries in the hash table.
- * Due to problems with */
-
- lh_doall_arg(conf->data,(void (*)())value_free_stack,conf->data);
- lh_free(conf->data);
- }
-
-static void value_free_hash(CONF_VALUE *a, LHASH *conf)
- {
- if (a->name != NULL)
- {
- a=(CONF_VALUE *)lh_delete(conf,a);
- }
- }
-
-static void value_free_stack(CONF_VALUE *a, LHASH *conf)
- {
- CONF_VALUE *vv;
- STACK *sk;
- int i;
-
- if (a->name != NULL) return;
-
- sk=(STACK *)a->value;
- for (i=sk_num(sk)-1; i>=0; i--)
- {
- vv=(CONF_VALUE *)sk_value(sk,i);
- OPENSSL_free(vv->value);
- OPENSSL_free(vv->name);
- OPENSSL_free(vv);
- }
- if (sk != NULL) sk_free(sk);
- OPENSSL_free(a->section);
- OPENSSL_free(a);
- }
-
-static unsigned long hash(CONF_VALUE *v)
- {
- return((lh_strhash(v->section)<<2)^lh_strhash(v->name));
- }
-
-static int cmp_conf(CONF_VALUE *a, CONF_VALUE *b)
- {
- int i;
-
- if (a->section != b->section)
- {
- i=strcmp(a->section,b->section);
- if (i) return(i);
- }
-
- if ((a->name != NULL) && (b->name != NULL))
- {
- i=strcmp(a->name,b->name);
- return(i);
- }
- else if (a->name == b->name)
- return(0);
- else
- return((a->name == NULL)?-1:1);
- }
-
-/* Up until OpenSSL 0.9.5a, this was new_section */
-CONF_VALUE *_CONF_new_section(CONF *conf, char *section)
- {
- STACK *sk=NULL;
- int ok=0,i;
- CONF_VALUE *v=NULL,*vv;
-
- if ((sk=sk_new_null()) == NULL)
- goto err;
- if ((v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL)
- goto err;
- i=strlen(section)+1;
- if ((v->section=(char *)OPENSSL_malloc(i)) == NULL)
- goto err;
-
- memcpy(v->section,section,i);
- v->name=NULL;
- v->value=(char *)sk;
-
- vv=(CONF_VALUE *)lh_insert(conf->data,v);
- assert(vv == NULL);
- ok=1;
-err:
- if (!ok)
- {
- if (sk != NULL) sk_free(sk);
- if (v != NULL) OPENSSL_free(v);
- v=NULL;
- }
- return(v);
- }
-
-IMPLEMENT_STACK_OF(CONF_VALUE)
diff --git a/src/lib/libcrypto/conf/conf_api.h b/src/lib/libcrypto/conf/conf_api.h
deleted file mode 100644
index a5cc17b233..0000000000
--- a/src/lib/libcrypto/conf/conf_api.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/* conf_api.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CONF_API_H
-#define HEADER_CONF_API_H
-
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Up until OpenSSL 0.9.5a, this was new_section */
-CONF_VALUE *_CONF_new_section(CONF *conf, char *section);
-/* Up until OpenSSL 0.9.5a, this was get_section */
-CONF_VALUE *_CONF_get_section(CONF *conf, char *section);
-/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
-STACK_OF(CONF_VALUE) *_CONF_get_section_values(CONF *conf, char *section);
-
-int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
-char *_CONF_get_string(CONF *conf, char *section, char *name);
-long _CONF_get_number(CONF *conf, char *section, char *name);
-
-int _CONF_new_data(CONF *conf);
-void _CONF_free_data(CONF *conf);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/conf/conf_def.c b/src/lib/libcrypto/conf/conf_def.c
deleted file mode 100644
index 773df32c68..0000000000
--- a/src/lib/libcrypto/conf/conf_def.c
+++ /dev/null
@@ -1,703 +0,0 @@
-/* crypto/conf/conf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Part of the code in here was originally in conf.c, which is now removed */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/stack.h>
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-#include <openssl/conf_api.h>
-#include "conf_def.h"
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-static char *eat_ws(CONF *conf, char *p);
-static char *eat_alpha_numeric(CONF *conf, char *p);
-static void clear_comments(CONF *conf, char *p);
-static int str_copy(CONF *conf,char *section,char **to, char *from);
-static char *scan_quote(CONF *conf, char *p);
-static char *scan_dquote(CONF *conf, char *p);
-#define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2)))
-
-static CONF *def_create(CONF_METHOD *meth);
-static int def_init_default(CONF *conf);
-static int def_init_WIN32(CONF *conf);
-static int def_destroy(CONF *conf);
-static int def_destroy_data(CONF *conf);
-static int def_load(CONF *conf, BIO *bp, long *eline);
-static int def_dump(CONF *conf, BIO *bp);
-static int def_is_number(CONF *conf, char c);
-static int def_to_int(CONF *conf, char c);
-
-const char *CONF_def_version="CONF_def" OPENSSL_VERSION_PTEXT;
-
-static CONF_METHOD default_method = {
- "OpenSSL default",
- def_create,
- def_init_default,
- def_destroy,
- def_destroy_data,
- def_load,
- def_dump,
- def_is_number,
- def_to_int
- };
-
-static CONF_METHOD WIN32_method = {
- "WIN32",
- def_create,
- def_init_WIN32,
- def_destroy,
- def_destroy_data,
- def_load,
- def_dump,
- def_is_number,
- def_to_int
- };
-
-CONF_METHOD *NCONF_default()
- {
- return &default_method;
- }
-CONF_METHOD *NCONF_WIN32()
- {
- return &WIN32_method;
- }
-
-static CONF *def_create(CONF_METHOD *meth)
- {
- CONF *ret;
-
- ret = (CONF *)OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
- if (ret)
- if (meth->init(ret) == 0)
- {
- OPENSSL_free(ret);
- ret = NULL;
- }
- return ret;
- }
-
-static int def_init_default(CONF *conf)
- {
- if (conf == NULL)
- return 0;
-
- conf->meth = &default_method;
- conf->meth_data = (void *)CONF_type_default;
- conf->data = NULL;
-
- return 1;
- }
-
-static int def_init_WIN32(CONF *conf)
- {
- if (conf == NULL)
- return 0;
-
- conf->meth = &WIN32_method;
- conf->meth_data = (void *)CONF_type_win32;
- conf->data = NULL;
-
- return 1;
- }
-
-static int def_destroy(CONF *conf)
- {
- if (def_destroy_data(conf))
- {
- OPENSSL_free(conf);
- return 1;
- }
- return 0;
- }
-
-static int def_destroy_data(CONF *conf)
- {
- if (conf == NULL)
- return 0;
- _CONF_free_data(conf);
- return 1;
- }
-
-static int def_load(CONF *conf, BIO *in, long *line)
- {
-#define BUFSIZE 512
- char btmp[16];
- int bufnum=0,i,ii;
- BUF_MEM *buff=NULL;
- char *s,*p,*end;
- int again,n;
- long eline=0;
- CONF_VALUE *v=NULL,*tv;
- CONF_VALUE *sv=NULL;
- char *section=NULL,*buf;
- STACK_OF(CONF_VALUE) *section_sk=NULL,*ts;
- char *start,*psection,*pname;
- void *h = (void *)(conf->data);
-
- if ((buff=BUF_MEM_new()) == NULL)
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB);
- goto err;
- }
-
- section=(char *)OPENSSL_malloc(10);
- if (section == NULL)
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- strcpy(section,"default");
-
- if (_CONF_new_data(conf) == 0)
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- sv=_CONF_new_section(conf,section);
- if (sv == NULL)
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,
- CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
- goto err;
- }
- section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
-
- bufnum=0;
- for (;;)
- {
- again=0;
- if (!BUF_MEM_grow(buff,bufnum+BUFSIZE))
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB);
- goto err;
- }
- p= &(buff->data[bufnum]);
- *p='\0';
- BIO_gets(in, p, BUFSIZE-1);
- p[BUFSIZE-1]='\0';
- ii=i=strlen(p);
- if (i == 0) break;
- while (i > 0)
- {
- if ((p[i-1] != '\r') && (p[i-1] != '\n'))
- break;
- else
- i--;
- }
- /* we removed some trailing stuff so there is a new
- * line on the end. */
- if (i == ii)
- again=1; /* long line */
- else
- {
- p[i]='\0';
- eline++; /* another input line */
- }
-
- /* we now have a line with trailing \r\n removed */
-
- /* i is the number of bytes */
- bufnum+=i;
-
- v=NULL;
- /* check for line continuation */
- if (bufnum >= 1)
- {
- /* If we have bytes and the last char '\\' and
- * second last char is not '\\' */
- p= &(buff->data[bufnum-1]);
- if (IS_ESC(conf,p[0]) &&
- ((bufnum <= 1) || !IS_ESC(conf,p[-1])))
- {
- bufnum--;
- again=1;
- }
- }
- if (again) continue;
- bufnum=0;
- buf=buff->data;
-
- clear_comments(conf, buf);
- n=strlen(buf);
- s=eat_ws(conf, buf);
- if (IS_EOF(conf,*s)) continue; /* blank line */
- if (*s == '[')
- {
- char *ss;
-
- s++;
- start=eat_ws(conf, s);
- ss=start;
-again:
- end=eat_alpha_numeric(conf, ss);
- p=eat_ws(conf, end);
- if (*p != ']')
- {
- if (*p != '\0')
- {
- ss=p;
- goto again;
- }
- CONFerr(CONF_F_CONF_LOAD_BIO,
- CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
- goto err;
- }
- *end='\0';
- if (!str_copy(conf,NULL,§ion,start)) goto err;
- if ((sv=_CONF_get_section(conf,section)) == NULL)
- sv=_CONF_new_section(conf,section);
- if (sv == NULL)
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,
- CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
- goto err;
- }
- section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
- continue;
- }
- else
- {
- pname=s;
- psection=NULL;
- end=eat_alpha_numeric(conf, s);
- if ((end[0] == ':') && (end[1] == ':'))
- {
- *end='\0';
- end+=2;
- psection=pname;
- pname=end;
- end=eat_alpha_numeric(conf, end);
- }
- p=eat_ws(conf, end);
- if (*p != '=')
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,
- CONF_R_MISSING_EQUAL_SIGN);
- goto err;
- }
- *end='\0';
- p++;
- start=eat_ws(conf, p);
- while (!IS_EOF(conf,*p))
- p++;
- p--;
- while ((p != start) && (IS_WS(conf,*p)))
- p--;
- p++;
- *p='\0';
-
- if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))))
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (psection == NULL) psection=section;
- v->name=(char *)OPENSSL_malloc(strlen(pname)+1);
- v->value=NULL;
- if (v->name == NULL)
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- strcpy(v->name,pname);
- if (!str_copy(conf,psection,&(v->value),start)) goto err;
-
- if (strcmp(psection,section) != 0)
- {
- if ((tv=_CONF_get_section(conf,psection))
- == NULL)
- tv=_CONF_new_section(conf,psection);
- if (tv == NULL)
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,
- CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
- goto err;
- }
- ts=(STACK_OF(CONF_VALUE) *)tv->value;
- }
- else
- {
- tv=sv;
- ts=section_sk;
- }
-#if 1
- if (_CONF_add_string(conf, tv, v) == 0)
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-#else
- v->section=tv->section;
- if (!sk_CONF_VALUE_push(ts,v))
- {
- CONFerr(CONF_F_CONF_LOAD_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- vv=(CONF_VALUE *)lh_insert(conf->data,v);
- if (vv != NULL)
- {
- sk_CONF_VALUE_delete_ptr(ts,vv);
- OPENSSL_free(vv->name);
- OPENSSL_free(vv->value);
- OPENSSL_free(vv);
- }
-#endif
- v=NULL;
- }
- }
- if (buff != NULL) BUF_MEM_free(buff);
- if (section != NULL) OPENSSL_free(section);
- return(1);
-err:
- if (buff != NULL) BUF_MEM_free(buff);
- if (section != NULL) OPENSSL_free(section);
- if (line != NULL) *line=eline;
- sprintf(btmp,"%ld",eline);
- ERR_add_error_data(2,"line ",btmp);
- if ((h != conf->data) && (conf->data != NULL)) CONF_free(conf->data);
- if (v != NULL)
- {
- if (v->name != NULL) OPENSSL_free(v->name);
- if (v->value != NULL) OPENSSL_free(v->value);
- if (v != NULL) OPENSSL_free(v);
- }
- return(0);
- }
-
-static void clear_comments(CONF *conf, char *p)
- {
- char *to;
-
- to=p;
- for (;;)
- {
- if (IS_FCOMMENT(conf,*p))
- {
- *p='\0';
- return;
- }
- if (!IS_WS(conf,*p))
- {
- break;
- }
- p++;
- }
-
- for (;;)
- {
- if (IS_COMMENT(conf,*p))
- {
- *p='\0';
- return;
- }
- if (IS_DQUOTE(conf,*p))
- {
- p=scan_dquote(conf, p);
- continue;
- }
- if (IS_QUOTE(conf,*p))
- {
- p=scan_quote(conf, p);
- continue;
- }
- if (IS_ESC(conf,*p))
- {
- p=scan_esc(conf,p);
- continue;
- }
- if (IS_EOF(conf,*p))
- return;
- else
- p++;
- }
- }
-
-static int str_copy(CONF *conf, char *section, char **pto, char *from)
- {
- int q,r,rr=0,to=0,len=0;
- char *s,*e,*rp,*p,*rrp,*np,*cp,v;
- BUF_MEM *buf;
-
- if ((buf=BUF_MEM_new()) == NULL) return(0);
-
- len=strlen(from)+1;
- if (!BUF_MEM_grow(buf,len)) goto err;
-
- for (;;)
- {
- if (IS_QUOTE(conf,*from))
- {
- q= *from;
- from++;
- while (!IS_EOF(conf,*from) && (*from != q))
- {
- if (IS_ESC(conf,*from))
- {
- from++;
- if (IS_EOF(conf,*from)) break;
- }
- buf->data[to++]= *(from++);
- }
- if (*from == q) from++;
- }
- else if (IS_DQUOTE(conf,*from))
- {
- q= *from;
- from++;
- while (!IS_EOF(conf,*from))
- {
- if (*from == q)
- {
- if (*(from+1) == q)
- {
- from++;
- }
- else
- {
- break;
- }
- }
- buf->data[to++]= *(from++);
- }
- if (*from == q) from++;
- }
- else if (IS_ESC(conf,*from))
- {
- from++;
- v= *(from++);
- if (IS_EOF(conf,v)) break;
- else if (v == 'r') v='\r';
- else if (v == 'n') v='\n';
- else if (v == 'b') v='\b';
- else if (v == 't') v='\t';
- buf->data[to++]= v;
- }
- else if (IS_EOF(conf,*from))
- break;
- else if (*from == '$')
- {
- /* try to expand it */
- rrp=NULL;
- s= &(from[1]);
- if (*s == '{')
- q='}';
- else if (*s == '(')
- q=')';
- else q=0;
-
- if (q) s++;
- cp=section;
- e=np=s;
- while (IS_ALPHA_NUMERIC(conf,*e))
- e++;
- if ((e[0] == ':') && (e[1] == ':'))
- {
- cp=np;
- rrp=e;
- rr= *e;
- *rrp='\0';
- e+=2;
- np=e;
- while (IS_ALPHA_NUMERIC(conf,*e))
- e++;
- }
- r= *e;
- *e='\0';
- rp=e;
- if (q)
- {
- if (r != q)
- {
- CONFerr(CONF_F_STR_COPY,CONF_R_NO_CLOSE_BRACE);
- goto err;
- }
- e++;
- }
- /* So at this point we have
- * ns which is the start of the name string which is
- * '\0' terminated.
- * cs which is the start of the section string which is
- * '\0' terminated.
- * e is the 'next point after'.
- * r and s are the chars replaced by the '\0'
- * rp and sp is where 'r' and 's' came from.
- */
- p=_CONF_get_string(conf,cp,np);
- if (rrp != NULL) *rrp=rr;
- *rp=r;
- if (p == NULL)
- {
- CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE);
- goto err;
- }
- BUF_MEM_grow(buf,(strlen(p)+len-(e-from)));
- while (*p)
- buf->data[to++]= *(p++);
- from=e;
- }
- else
- buf->data[to++]= *(from++);
- }
- buf->data[to]='\0';
- if (*pto != NULL) OPENSSL_free(*pto);
- *pto=buf->data;
- OPENSSL_free(buf);
- return(1);
-err:
- if (buf != NULL) BUF_MEM_free(buf);
- return(0);
- }
-
-static char *eat_ws(CONF *conf, char *p)
- {
- while (IS_WS(conf,*p) && (!IS_EOF(conf,*p)))
- p++;
- return(p);
- }
-
-static char *eat_alpha_numeric(CONF *conf, char *p)
- {
- for (;;)
- {
- if (IS_ESC(conf,*p))
- {
- p=scan_esc(conf,p);
- continue;
- }
- if (!IS_ALPHA_NUMERIC_PUNCT(conf,*p))
- return(p);
- p++;
- }
- }
-
-static char *scan_quote(CONF *conf, char *p)
- {
- int q= *p;
-
- p++;
- while (!(IS_EOF(conf,*p)) && (*p != q))
- {
- if (IS_ESC(conf,*p))
- {
- p++;
- if (IS_EOF(conf,*p)) return(p);
- }
- p++;
- }
- if (*p == q) p++;
- return(p);
- }
-
-
-static char *scan_dquote(CONF *conf, char *p)
- {
- int q= *p;
-
- p++;
- while (!(IS_EOF(conf,*p)))
- {
- if (*p == q)
- {
- if (*(p+1) == q)
- {
- p++;
- }
- else
- {
- break;
- }
- }
- p++;
- }
- if (*p == q) p++;
- return(p);
- }
-
-static void dump_value(CONF_VALUE *a, BIO *out)
- {
- if (a->name)
- BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value);
- else
- BIO_printf(out, "[[%s]]\n", a->section);
- }
-
-static int def_dump(CONF *conf, BIO *out)
- {
- lh_doall_arg(conf->data, (void (*)())dump_value, out);
- return 1;
- }
-
-static int def_is_number(CONF *conf, char c)
- {
- return IS_NUMBER(conf,c);
- }
-
-static int def_to_int(CONF *conf, char c)
- {
- return c - '0';
- }
-
diff --git a/src/lib/libcrypto/conf/conf_def.h b/src/lib/libcrypto/conf/conf_def.h
deleted file mode 100644
index 3244d9a331..0000000000
--- a/src/lib/libcrypto/conf/conf_def.h
+++ /dev/null
@@ -1,145 +0,0 @@
-/* crypto/conf/conf_def.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* THIS FILE WAS AUTOMAGICALLY GENERATED!
- Please modify and use keysets.pl to regenerate it. */
-
-#define CONF_NUMBER 1
-#define CONF_UPPER 2
-#define CONF_LOWER 4
-#define CONF_UNDER 256
-#define CONF_PUNCTUATION 512
-#define CONF_WS 16
-#define CONF_ESC 32
-#define CONF_QUOTE 64
-#define CONF_DQUOTE 1024
-#define CONF_COMMENT 128
-#define CONF_FCOMMENT 2048
-#define CONF_EOF 8
-#define CONF_ALPHA (CONF_UPPER|CONF_LOWER)
-#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
-#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \
- CONF_PUNCTUATION)
-
-#define KEYTYPES(c) ((unsigned short *)((c)->meth_data))
-#ifndef CHARSET_EBCDIC
-#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_COMMENT)
-#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_FCOMMENT)
-#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_EOF)
-#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ESC)
-#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_NUMBER)
-#define IS_WS(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_WS)
-#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(c,a) \
- (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_QUOTE)
-#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_DQUOTE)
-
-#else /*CHARSET_EBCDIC*/
-
-#define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_COMMENT)
-#define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_FCOMMENT)
-#define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_EOF)
-#define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ESC)
-#define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_NUMBER)
-#define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_WS)
-#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(c,a) \
- (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_QUOTE)
-#define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_DQUOTE)
-#endif /*CHARSET_EBCDIC*/
-
-static unsigned short CONF_type_default[128]={
- 0x008,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
- 0x000,0x010,0x010,0x000,0x000,0x010,0x000,0x000,
- 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
- 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
- 0x010,0x200,0x040,0x080,0x000,0x200,0x200,0x040,
- 0x000,0x000,0x200,0x200,0x200,0x200,0x200,0x200,
- 0x001,0x001,0x001,0x001,0x001,0x001,0x001,0x001,
- 0x001,0x001,0x000,0x200,0x000,0x000,0x000,0x200,
- 0x200,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
- 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
- 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
- 0x002,0x002,0x002,0x000,0x020,0x000,0x200,0x100,
- 0x040,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
- 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
- 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
- 0x004,0x004,0x004,0x000,0x200,0x000,0x200,0x000,
- };
-
-static unsigned short CONF_type_win32[128]={
- 0x008,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
- 0x000,0x010,0x010,0x000,0x000,0x010,0x000,0x000,
- 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
- 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
- 0x010,0x200,0x400,0x000,0x000,0x200,0x200,0x000,
- 0x000,0x000,0x200,0x200,0x200,0x200,0x200,0x200,
- 0x001,0x001,0x001,0x001,0x001,0x001,0x001,0x001,
- 0x001,0x001,0x000,0xA00,0x000,0x000,0x000,0x200,
- 0x200,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
- 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
- 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
- 0x002,0x002,0x002,0x000,0x000,0x000,0x200,0x100,
- 0x000,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
- 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
- 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
- 0x004,0x004,0x004,0x000,0x200,0x000,0x200,0x000,
- };
-
diff --git a/src/lib/libcrypto/conf/conf_err.c b/src/lib/libcrypto/conf/conf_err.c
deleted file mode 100644
index 8c2bc6f1c4..0000000000
--- a/src/lib/libcrypto/conf/conf_err.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* crypto/conf/conf_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/conf.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA CONF_str_functs[]=
- {
-{ERR_PACK(0,CONF_F_CONF_DUMP_FP,0), "CONF_dump_fp"},
-{ERR_PACK(0,CONF_F_CONF_LOAD,0), "CONF_load"},
-{ERR_PACK(0,CONF_F_CONF_LOAD_BIO,0), "CONF_load_bio"},
-{ERR_PACK(0,CONF_F_CONF_LOAD_FP,0), "CONF_load_fp"},
-{ERR_PACK(0,CONF_F_NCONF_DUMP_BIO,0), "NCONF_dump_bio"},
-{ERR_PACK(0,CONF_F_NCONF_DUMP_FP,0), "NCONF_dump_fp"},
-{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER,0), "NCONF_get_number"},
-{ERR_PACK(0,CONF_F_NCONF_GET_SECTION,0), "NCONF_get_section"},
-{ERR_PACK(0,CONF_F_NCONF_GET_STRING,0), "NCONF_get_string"},
-{ERR_PACK(0,CONF_F_NCONF_LOAD_BIO,0), "NCONF_load_bio"},
-{ERR_PACK(0,CONF_F_NCONF_NEW,0), "NCONF_new"},
-{ERR_PACK(0,CONF_F_STR_COPY,0), "STR_COPY"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA CONF_str_reasons[]=
- {
-{CONF_R_MISSING_CLOSE_SQUARE_BRACKET ,"missing close square bracket"},
-{CONF_R_MISSING_EQUAL_SIGN ,"missing equal sign"},
-{CONF_R_NO_CLOSE_BRACE ,"no close brace"},
-{CONF_R_NO_CONF ,"no conf"},
-{CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE ,"no conf or environment variable"},
-{CONF_R_NO_SECTION ,"no section"},
-{CONF_R_UNABLE_TO_CREATE_NEW_SECTION ,"unable to create new section"},
-{CONF_R_VARIABLE_HAS_NO_VALUE ,"variable has no value"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_CONF_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_CONF,CONF_str_functs);
- ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/conf/conf_lib.c b/src/lib/libcrypto/conf/conf_lib.c
deleted file mode 100644
index 11ec639732..0000000000
--- a/src/lib/libcrypto/conf/conf_lib.c
+++ /dev/null
@@ -1,392 +0,0 @@
-/* conf_lib.c */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/conf.h>
-#include <openssl/conf_api.h>
-#include <openssl/lhash.h>
-
-const char *CONF_version="CONF" OPENSSL_VERSION_PTEXT;
-
-static CONF_METHOD *default_CONF_method=NULL;
-
-/* The following section contains the "CONF classic" functions,
- rewritten in terms of the new CONF interface. */
-
-int CONF_set_default_method(CONF_METHOD *meth)
- {
- default_CONF_method = meth;
- return 1;
- }
-
-LHASH *CONF_load(LHASH *conf, const char *file, long *eline)
- {
- LHASH *ltmp;
- BIO *in=NULL;
-
-#ifdef VMS
- in=BIO_new_file(file, "r");
-#else
- in=BIO_new_file(file, "rb");
-#endif
- if (in == NULL)
- {
- CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
- return NULL;
- }
-
- ltmp = CONF_load_bio(conf, in, eline);
- BIO_free(in);
-
- return ltmp;
- }
-
-#ifndef NO_FP_API
-LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline)
- {
- BIO *btmp;
- LHASH *ltmp;
- if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
- CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB);
- return NULL;
- }
- ltmp = CONF_load_bio(conf, btmp, eline);
- BIO_free(btmp);
- return ltmp;
- }
-#endif
-
-LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline)
- {
- CONF ctmp;
- int ret;
-
- if (default_CONF_method == NULL)
- default_CONF_method = NCONF_default();
-
- default_CONF_method->init(&ctmp);
- ctmp.data = conf;
- ret = NCONF_load_bio(&ctmp, bp, eline);
- if (ret)
- return ctmp.data;
- return NULL;
- }
-
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,char *section)
- {
- if (conf == NULL)
- {
- return NULL;
- }
- else
- {
- CONF ctmp;
-
- if (default_CONF_method == NULL)
- default_CONF_method = NCONF_default();
-
- default_CONF_method->init(&ctmp);
- ctmp.data = conf;
- return NCONF_get_section(&ctmp, section);
- }
- }
-
-char *CONF_get_string(LHASH *conf,char *group,char *name)
- {
- if (conf == NULL)
- {
- return NCONF_get_string(NULL, group, name);
- }
- else
- {
- CONF ctmp;
-
- if (default_CONF_method == NULL)
- default_CONF_method = NCONF_default();
-
- default_CONF_method->init(&ctmp);
- ctmp.data = conf;
- return NCONF_get_string(&ctmp, group, name);
- }
- }
-
-long CONF_get_number(LHASH *conf,char *group,char *name)
- {
- if (conf == NULL)
- {
- return NCONF_get_number(NULL, group, name);
- }
- else
- {
- CONF ctmp;
-
- if (default_CONF_method == NULL)
- default_CONF_method = NCONF_default();
-
- default_CONF_method->init(&ctmp);
- ctmp.data = conf;
- return NCONF_get_number(&ctmp, group, name);
- }
- }
-
-void CONF_free(LHASH *conf)
- {
- CONF ctmp;
-
- if (default_CONF_method == NULL)
- default_CONF_method = NCONF_default();
-
- default_CONF_method->init(&ctmp);
- ctmp.data = conf;
- NCONF_free_data(&ctmp);
- }
-
-#ifndef NO_FP_API
-int CONF_dump_fp(LHASH *conf, FILE *out)
- {
- BIO *btmp;
- int ret;
-
- if(!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
- CONFerr(CONF_F_CONF_DUMP_FP,ERR_R_BUF_LIB);
- return 0;
- }
- ret = CONF_dump_bio(conf, btmp);
- BIO_free(btmp);
- return ret;
- }
-#endif
-
-int CONF_dump_bio(LHASH *conf, BIO *out)
- {
- CONF ctmp;
-
- if (default_CONF_method == NULL)
- default_CONF_method = NCONF_default();
-
- default_CONF_method->init(&ctmp);
- ctmp.data = conf;
- return NCONF_dump_bio(&ctmp, out);
- }
-
-/* The following section contains the "New CONF" functions. They are
- completely centralised around a new CONF structure that may contain
- basically anything, but at least a method pointer and a table of data.
- These functions are also written in terms of the bridge functions used
- by the "CONF classic" functions, for consistency. */
-
-CONF *NCONF_new(CONF_METHOD *meth)
- {
- CONF *ret;
-
- if (meth == NULL)
- meth = NCONF_default();
-
- ret = meth->create(meth);
- if (ret == NULL)
- {
- CONFerr(CONF_F_NCONF_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
-
- return ret;
- }
-
-void NCONF_free(CONF *conf)
- {
- if (conf == NULL)
- return;
- conf->meth->destroy(conf);
- }
-
-void NCONF_free_data(CONF *conf)
- {
- if (conf == NULL)
- return;
- conf->meth->destroy_data(conf);
- }
-
-int NCONF_load(CONF *conf, const char *file, long *eline)
- {
- int ret;
- BIO *in=NULL;
-
-#ifdef VMS
- in=BIO_new_file(file, "r");
-#else
- in=BIO_new_file(file, "rb");
-#endif
- if (in == NULL)
- {
- CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
- return 0;
- }
-
- ret = NCONF_load_bio(conf, in, eline);
- BIO_free(in);
-
- return ret;
- }
-
-#ifndef NO_FP_API
-int NCONF_load_fp(CONF *conf, FILE *fp,long *eline)
- {
- BIO *btmp;
- int ret;
- if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE)))
- {
- CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB);
- return 0;
- }
- ret = NCONF_load_bio(conf, btmp, eline);
- BIO_free(btmp);
- return ret;
- }
-#endif
-
-int NCONF_load_bio(CONF *conf, BIO *bp,long *eline)
- {
- if (conf == NULL)
- {
- CONFerr(CONF_F_NCONF_LOAD_BIO,CONF_R_NO_CONF);
- return 0;
- }
-
- return conf->meth->load(conf, bp, eline);
- }
-
-STACK_OF(CONF_VALUE) *NCONF_get_section(CONF *conf,char *section)
- {
- if (conf == NULL)
- {
- CONFerr(CONF_F_NCONF_GET_SECTION,CONF_R_NO_CONF);
- return NULL;
- }
-
- if (section == NULL)
- {
- CONFerr(CONF_F_NCONF_GET_SECTION,CONF_R_NO_SECTION);
- return NULL;
- }
-
- return _CONF_get_section_values(conf, section);
- }
-
-char *NCONF_get_string(CONF *conf,char *group,char *name)
- {
- char *s = _CONF_get_string(conf, group, name);
-
- /* Since we may get a value from an environment variable even
- if conf is NULL, let's check the value first */
- if (s) return s;
-
- if (conf == NULL)
- {
- CONFerr(CONF_F_NCONF_GET_STRING,
- CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE);
- return NULL;
- }
- return NULL;
- }
-
-long NCONF_get_number(CONF *conf,char *group,char *name)
- {
-#if 0 /* As with _CONF_get_string(), we rely on the possibility of finding
- an environment variable with a suitable name. Unfortunately, there's
- no way with the current API to see if we found one or not...
- The meaning of this is that if a number is not found anywhere, it
- will always default to 0. */
- if (conf == NULL)
- {
- CONFerr(CONF_F_NCONF_GET_NUMBER,
- CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE);
- return 0;
- }
-#endif
-
- return _CONF_get_number(conf, group, name);
- }
-
-#ifndef NO_FP_API
-int NCONF_dump_fp(CONF *conf, FILE *out)
- {
- BIO *btmp;
- int ret;
- if(!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
- CONFerr(CONF_F_NCONF_DUMP_FP,ERR_R_BUF_LIB);
- return 0;
- }
- ret = NCONF_dump_bio(conf, btmp);
- BIO_free(btmp);
- return ret;
- }
-#endif
-
-int NCONF_dump_bio(CONF *conf, BIO *out)
- {
- if (conf == NULL)
- {
- CONFerr(CONF_F_NCONF_DUMP_BIO,CONF_R_NO_CONF);
- return 0;
- }
-
- return conf->meth->dump(conf, out);
- }
-
diff --git a/src/lib/libcrypto/conf/keysets.pl b/src/lib/libcrypto/conf/keysets.pl
deleted file mode 100644
index 56669e76ac..0000000000
--- a/src/lib/libcrypto/conf/keysets.pl
+++ /dev/null
@@ -1,179 +0,0 @@
-#!/usr/local/bin/perl
-
-$NUMBER=0x01;
-$UPPER=0x02;
-$LOWER=0x04;
-$UNDER=0x100;
-$PUNCTUATION=0x200;
-$WS=0x10;
-$ESC=0x20;
-$QUOTE=0x40;
-$DQUOTE=0x400;
-$COMMENT=0x80;
-$FCOMMENT=0x800;
-$EOF=0x08;
-
-foreach (0 .. 127)
- {
- $v=0;
- $c=sprintf("%c",$_);
- $v|=$NUMBER if ($c =~ /[0-9]/);
- $v|=$UPPER if ($c =~ /[A-Z]/);
- $v|=$LOWER if ($c =~ /[a-z]/);
- $v|=$UNDER if ($c =~ /_/);
- $v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
- $v|=$WS if ($c =~ /[ \t\r\n]/);
- $v|=$ESC if ($c =~ /\\/);
- $v|=$QUOTE if ($c =~ /['`"]/); # for emacs: "`'}/)
- $v|=$COMMENT if ($c =~ /\#/);
- $v|=$EOF if ($c =~ /\0/);
-
- push(@V_def,$v);
- }
-
-foreach (0 .. 127)
- {
- $v=0;
- $c=sprintf("%c",$_);
- $v|=$NUMBER if ($c =~ /[0-9]/);
- $v|=$UPPER if ($c =~ /[A-Z]/);
- $v|=$LOWER if ($c =~ /[a-z]/);
- $v|=$UNDER if ($c =~ /_/);
- $v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
- $v|=$WS if ($c =~ /[ \t\r\n]/);
- $v|=$DQUOTE if ($c =~ /["]/); # for emacs: "}/)
- $v|=$FCOMMENT if ($c =~ /;/);
- $v|=$EOF if ($c =~ /\0/);
-
- push(@V_w32,$v);
- }
-
-print <<"EOF";
-/* crypto/conf/conf_def.h */
-/* Copyright (C) 1995-1998 Eric Young (eay\@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay\@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh\@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay\@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh\@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* THIS FILE WAS AUTOMAGICALLY GENERATED!
- Please modify and use keysets.pl to regenerate it. */
-
-#define CONF_NUMBER $NUMBER
-#define CONF_UPPER $UPPER
-#define CONF_LOWER $LOWER
-#define CONF_UNDER $UNDER
-#define CONF_PUNCTUATION $PUNCTUATION
-#define CONF_WS $WS
-#define CONF_ESC $ESC
-#define CONF_QUOTE $QUOTE
-#define CONF_DQUOTE $DQUOTE
-#define CONF_COMMENT $COMMENT
-#define CONF_FCOMMENT $FCOMMENT
-#define CONF_EOF $EOF
-#define CONF_ALPHA (CONF_UPPER|CONF_LOWER)
-#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
-#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \\
- CONF_PUNCTUATION)
-
-#define KEYTYPES(c) ((unsigned short *)((c)->meth_data))
-#ifndef CHARSET_EBCDIC
-#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_COMMENT)
-#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_FCOMMENT)
-#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_EOF)
-#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ESC)
-#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_NUMBER)
-#define IS_WS(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_WS)
-#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
- (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_QUOTE)
-#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_DQUOTE)
-
-#else /*CHARSET_EBCDIC*/
-
-#define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_COMMENT)
-#define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_FCOMMENT)
-#define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_EOF)
-#define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ESC)
-#define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_NUMBER)
-#define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_WS)
-#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
- (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_QUOTE)
-#define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_DQUOTE)
-#endif /*CHARSET_EBCDIC*/
-
-EOF
-
-print "static unsigned short CONF_type_default[128]={";
-
-for ($i=0; $i<128; $i++)
- {
- print "\n\t" if ($i % 8) == 0;
- printf "0x%03X,",$V_def[$i];
- }
-
-print "\n\t};\n\n";
-
-print "static unsigned short CONF_type_win32[128]={";
-
-for ($i=0; $i<128; $i++)
- {
- print "\n\t" if ($i % 8) == 0;
- printf "0x%03X,",$V_w32[$i];
- }
-
-print "\n\t};\n\n";
diff --git a/src/lib/libcrypto/conf/ssleay.cnf b/src/lib/libcrypto/conf/ssleay.cnf
deleted file mode 100644
index ed33af601e..0000000000
--- a/src/lib/libcrypto/conf/ssleay.cnf
+++ /dev/null
@@ -1,78 +0,0 @@
-#
-# This is a test configuration file for use in SSLeay etc...
-#
-
-init = 5
-in\#it1 =10
-init2='10'
-init3='10\''
-init4="10'"
-init5='='10\'' again'
-
-SSLeay::version = 0.5.0
-
-[genrsa]
-default_bits = 512
-SSLEAY::version = 0.5.0
-
-[gendh]
-default_bits = 512
-def_generator = 2
-
-[s_client]
-cipher1 = DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\
-cipher2 = 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5'
-cipher3 = "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5"
-cipher4 = DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5
-
-[ default ]
-cert_dir = $ENV::HOME/.ca_certs
-
-HOME = /tmp/eay
-
-tmp_cert_dir = $HOME/.ca_certs
-tmp2_cert_dir = thisis$(HOME)stuff
-
-LOGNAME = Eric Young (home=$HOME)
-
-[ special ]
-
-H=$HOME
-H=$default::HOME
-H=$ENV::HOME
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = $HOME/.rand
-
-[ req ]
-default_bits = 512
-default_keyfile = privkey.pem
-
-Attribute_type_1 = countryName
-Attribute_text_1 = Country Name (2 letter code)
-Attribute_default_1 = AU
-
-Attribute_type_2 = stateOrProvinceName
-Attribute_text_2 = State or Province Name (full name)
-Attribute_default_2 = Queensland
-
-Attribute_type_3 = localityName
-Attribute_text_3 = Locality Name (eg, city)
-
-Attribute_type_4 = organizationName
-Attribute_text_4 = Organization Name (eg, company)
-Attribute_default_4 = Mincom Pty Ltd
-
-Attribute_type_5 = organizationalUnitName
-Attribute_text_5 = Organizational Unit Name (eg, section)
-Attribute_default_5 = TR
-
-Attribute_type_6 = commonName
-Attribute_text_6 = Common Name (eg, YOUR name)
-
-Attribute_type_7 = emailAddress
-Attribute_text_7 = Email Address
-
diff --git a/src/lib/libcrypto/cpt_err.c b/src/lib/libcrypto/cpt_err.c
deleted file mode 100644
index 7018b74ca0..0000000000
--- a/src/lib/libcrypto/cpt_err.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* crypto/cpt_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/crypto.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA CRYPTO_str_functs[]=
- {
-{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,0), "CRYPTO_get_ex_new_index"},
-{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,0), "CRYPTO_get_new_dynlockid"},
-{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_LOCKID,0), "CRYPTO_get_new_lockid"},
-{ERR_PACK(0,CRYPTO_F_CRYPTO_SET_EX_DATA,0), "CRYPTO_set_ex_data"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA CRYPTO_str_reasons[]=
- {
-{CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK ,"no dynlock create callback"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_CRYPTO_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_functs);
- ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/cryptlib.c b/src/lib/libcrypto/cryptlib.c
deleted file mode 100644
index a7a9262133..0000000000
--- a/src/lib/libcrypto/cryptlib.c
+++ /dev/null
@@ -1,489 +0,0 @@
-/* crypto/cryptlib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/safestack.h>
-
-#if defined(WIN32) || defined(WIN16)
-static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */
-#endif
-
-DECLARE_STACK_OF(CRYPTO_dynlock)
-IMPLEMENT_STACK_OF(CRYPTO_dynlock)
-
-/* real #defines in crypto.h, keep these upto date */
-static const char* lock_names[CRYPTO_NUM_LOCKS] =
- {
- "<<ERROR>>",
- "err",
- "err_hash",
- "x509",
- "x509_info",
- "x509_pkey",
- "x509_crl",
- "x509_req",
- "dsa",
- "rsa",
- "evp_pkey",
- "x509_store",
- "ssl_ctx",
- "ssl_cert",
- "ssl_session",
- "ssl_sess_cert",
- "ssl",
- "rand",
- "debug_malloc",
- "BIO",
- "gethostbyname",
- "getservbyname",
- "readdir",
- "RSA_blinding",
- "dh",
- "debug_malloc2",
- "dso",
- "dynlock",
- "engine",
-#if CRYPTO_NUM_LOCKS != 29
-# error "Inconsistency between crypto.h and cryptlib.c"
-#endif
- };
-
-/* This is for applications to allocate new type names in the non-dynamic
- array of lock names. These are numbered with positive numbers. */
-static STACK *app_locks=NULL;
-
-/* For applications that want a more dynamic way of handling threads, the
- following stack is used. These are externally numbered with negative
- numbers. */
-static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL;
-
-
-static void (MS_FAR *locking_callback)(int mode,int type,
- const char *file,int line)=NULL;
-static int (MS_FAR *add_lock_callback)(int *pointer,int amount,
- int type,const char *file,int line)=NULL;
-static unsigned long (MS_FAR *id_callback)(void)=NULL;
-static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback)
- (const char *file,int line)=NULL;
-static void (MS_FAR *dynlock_lock_callback)(int mode,
- struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL;
-static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l,
- const char *file,int line)=NULL;
-
-int CRYPTO_get_new_lockid(char *name)
- {
- char *str;
- int i;
-
- /* A hack to make Visual C++ 5.0 work correctly when linking as
- * a DLL using /MT. Without this, the application cannot use
- * and floating point printf's.
- * It also seems to be needed for Visual C 1.5 (win16) */
-#if defined(WIN32) || defined(WIN16)
- SSLeay_MSVC5_hack=(double)name[0]*(double)name[1];
-#endif
-
- if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL))
- {
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- if ((str=BUF_strdup(name)) == NULL)
- {
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- i=sk_push(app_locks,str);
- if (!i)
- OPENSSL_free(str);
- else
- i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */
- return(i);
- }
-
-int CRYPTO_num_locks(void)
- {
- return CRYPTO_NUM_LOCKS;
- }
-
-int CRYPTO_get_new_dynlockid(void)
- {
- int i = 0;
- CRYPTO_dynlock *pointer = NULL;
-
- if (dynlock_create_callback == NULL)
- {
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK);
- return(0);
- }
- CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
- if ((dyn_locks == NULL)
- && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL))
- {
- CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
- pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock));
- if (pointer == NULL)
- {
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- pointer->references = 1;
- pointer->data = dynlock_create_callback(__FILE__,__LINE__);
- if (pointer->data == NULL)
- {
- OPENSSL_free(pointer);
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
- return(0);
- }
-
- CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
- /* First, try to find an existing empty slot */
- i=sk_CRYPTO_dynlock_find(dyn_locks,NULL);
- /* If there was none, push, thereby creating a new one */
- if (i == -1)
- i=sk_CRYPTO_dynlock_push(dyn_locks,pointer);
- CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
- if (!i)
- {
- dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
- OPENSSL_free(pointer);
- }
- else
- i += 1; /* to avoid 0 */
- return -i;
- }
-
-void CRYPTO_destroy_dynlockid(int i)
- {
- CRYPTO_dynlock *pointer = NULL;
- if (i)
- i = -i-1;
- if (dynlock_destroy_callback == NULL)
- return;
-
- CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-
- if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks))
- return;
- pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
- if (pointer != NULL)
- {
- --pointer->references;
-#ifdef REF_CHECK
- if (pointer->references < 0)
- {
- fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n");
- abort();
- }
- else
-#endif
- if (pointer->references <= 0)
- {
- sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
- }
- else
- pointer = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
- if (pointer)
- {
- dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
- OPENSSL_free(pointer);
- }
- }
-
-struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i)
- {
- CRYPTO_dynlock *pointer = NULL;
- if (i)
- i = -i-1;
-
- CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-
- if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks))
- pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
- if (pointer)
- pointer->references++;
-
- CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
- if (pointer)
- return pointer->data;
- return NULL;
- }
-
-struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))
- (const char *file,int line)
- {
- return(dynlock_create_callback);
- }
-
-void (*CRYPTO_get_dynlock_lock_callback(void))(int mode,
- struct CRYPTO_dynlock_value *l, const char *file,int line)
- {
- return(dynlock_lock_callback);
- }
-
-void (*CRYPTO_get_dynlock_destroy_callback(void))
- (struct CRYPTO_dynlock_value *l, const char *file,int line)
- {
- return(dynlock_destroy_callback);
- }
-
-void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func)
- (const char *file, int line))
- {
- dynlock_create_callback=func;
- }
-
-void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode,
- struct CRYPTO_dynlock_value *l, const char *file, int line))
- {
- dynlock_lock_callback=func;
- }
-
-void CRYPTO_set_dynlock_destroy_callback(void (*func)
- (struct CRYPTO_dynlock_value *l, const char *file, int line))
- {
- dynlock_destroy_callback=func;
- }
-
-
-void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file,
- int line)
- {
- return(locking_callback);
- }
-
-int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
- const char *file,int line)
- {
- return(add_lock_callback);
- }
-
-void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
- const char *file,int line))
- {
- locking_callback=func;
- }
-
-void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
- const char *file,int line))
- {
- add_lock_callback=func;
- }
-
-unsigned long (*CRYPTO_get_id_callback(void))(void)
- {
- return(id_callback);
- }
-
-void CRYPTO_set_id_callback(unsigned long (*func)(void))
- {
- id_callback=func;
- }
-
-unsigned long CRYPTO_thread_id(void)
- {
- unsigned long ret=0;
-
- if (id_callback == NULL)
- {
-#ifdef WIN16
- ret=(unsigned long)GetCurrentTask();
-#elif defined(WIN32)
- ret=(unsigned long)GetCurrentThreadId();
-#elif defined(GETPID_IS_MEANINGLESS)
- ret=1L;
-#else
- ret=(unsigned long)getpid();
-#endif
- }
- else
- ret=id_callback();
- return(ret);
- }
-
-void CRYPTO_lock(int mode, int type, const char *file, int line)
- {
-#ifdef LOCK_DEBUG
- {
- char *rw_text,*operation_text;
-
- if (mode & CRYPTO_LOCK)
- operation_text="lock ";
- else if (mode & CRYPTO_UNLOCK)
- operation_text="unlock";
- else
- operation_text="ERROR ";
-
- if (mode & CRYPTO_READ)
- rw_text="r";
- else if (mode & CRYPTO_WRITE)
- rw_text="w";
- else
- rw_text="ERROR";
-
- fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n",
- CRYPTO_thread_id(), rw_text, operation_text,
- CRYPTO_get_lock_name(type), file, line);
- }
-#endif
- if (type < 0)
- {
- struct CRYPTO_dynlock_value *pointer
- = CRYPTO_get_dynlock_value(type);
-
- if (pointer && dynlock_lock_callback)
- {
- dynlock_lock_callback(mode, pointer, file, line);
- }
-
- CRYPTO_destroy_dynlockid(type);
- }
- else
- if (locking_callback != NULL)
- locking_callback(mode,type,file,line);
- }
-
-int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
- int line)
- {
- int ret = 0;
-
- if (add_lock_callback != NULL)
- {
-#ifdef LOCK_DEBUG
- int before= *pointer;
-#endif
-
- ret=add_lock_callback(pointer,amount,type,file,line);
-#ifdef LOCK_DEBUG
- fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
- CRYPTO_thread_id(),
- before,amount,ret,
- CRYPTO_get_lock_name(type),
- file,line);
-#endif
- }
- else
- {
- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,file,line);
-
- ret= *pointer+amount;
-#ifdef LOCK_DEBUG
- fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
- CRYPTO_thread_id(),
- *pointer,amount,ret,
- CRYPTO_get_lock_name(type),
- file,line);
-#endif
- *pointer=ret;
- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line);
- }
- return(ret);
- }
-
-const char *CRYPTO_get_lock_name(int type)
- {
- if (type < 0)
- return("dynamic");
- else if (type < CRYPTO_NUM_LOCKS)
- return(lock_names[type]);
- else if (type-CRYPTO_NUM_LOCKS >= sk_num(app_locks))
- return("ERROR");
- else
- return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
- }
-
-#ifdef _DLL
-#ifdef WIN32
-
-/* All we really need to do is remove the 'error' state when a thread
- * detaches */
-
-BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason,
- LPVOID lpvReserved)
- {
- switch(fdwReason)
- {
- case DLL_PROCESS_ATTACH:
- break;
- case DLL_THREAD_ATTACH:
- break;
- case DLL_THREAD_DETACH:
- ERR_remove_state(0);
- break;
- case DLL_PROCESS_DETACH:
- break;
- }
- return(TRUE);
- }
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/cryptlib.h b/src/lib/libcrypto/cryptlib.h
deleted file mode 100644
index 5eff5d3141..0000000000
--- a/src/lib/libcrypto/cryptlib.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/cryptlib.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CRYPTLIB_H
-#define HEADER_CRYPTLIB_H
-
-#include <stdlib.h>
-#include <string.h>
-
-#include "openssl/e_os.h"
-
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/opensslconf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifndef VMS
-#define X509_CERT_AREA OPENSSLDIR
-#define X509_CERT_DIR OPENSSLDIR "/certs"
-#define X509_CERT_FILE OPENSSLDIR "/cert.pem"
-#define X509_PRIVATE_DIR OPENSSLDIR "/private"
-#else
-#define X509_CERT_AREA "SSLROOT:[000000]"
-#define X509_CERT_DIR "SSLCERTS:"
-#define X509_CERT_FILE "SSLCERTS:cert.pem"
-#define X509_PRIVATE_DIR "SSLPRIVATE:"
-#endif
-
-#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
-#define X509_CERT_FILE_EVP "SSL_CERT_FILE"
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h
deleted file mode 100644
index 9257673279..0000000000
--- a/src/lib/libcrypto/crypto.h
+++ /dev/null
@@ -1,403 +0,0 @@
-/* crypto/crypto.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CRYPTO_H
-#define HEADER_CRYPTO_H
-
-#include <stdlib.h>
-
-#ifndef NO_FP_API
-#include <stdio.h>
-#endif
-
-#include <openssl/stack.h>
-#include <openssl/safestack.h>
-#include <openssl/opensslv.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-/* Resolve problems on some operating systems with symbol names that clash
- one way or another */
-#include <openssl/symhacks.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Backward compatibility to SSLeay */
-/* This is more to be used to check the correct DLL is being used
- * in the MS world. */
-#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
-#define SSLEAY_VERSION 0
-/* #define SSLEAY_OPTIONS 1 no longer supported */
-#define SSLEAY_CFLAGS 2
-#define SSLEAY_BUILT_ON 3
-#define SSLEAY_PLATFORM 4
-
-/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
- * names in cryptlib.c
- */
-
-#define CRYPTO_LOCK_ERR 1
-#define CRYPTO_LOCK_ERR_HASH 2
-#define CRYPTO_LOCK_X509 3
-#define CRYPTO_LOCK_X509_INFO 4
-#define CRYPTO_LOCK_X509_PKEY 5
-#define CRYPTO_LOCK_X509_CRL 6
-#define CRYPTO_LOCK_X509_REQ 7
-#define CRYPTO_LOCK_DSA 8
-#define CRYPTO_LOCK_RSA 9
-#define CRYPTO_LOCK_EVP_PKEY 10
-#define CRYPTO_LOCK_X509_STORE 11
-#define CRYPTO_LOCK_SSL_CTX 12
-#define CRYPTO_LOCK_SSL_CERT 13
-#define CRYPTO_LOCK_SSL_SESSION 14
-#define CRYPTO_LOCK_SSL_SESS_CERT 15
-#define CRYPTO_LOCK_SSL 16
-#define CRYPTO_LOCK_RAND 17
-#define CRYPTO_LOCK_MALLOC 18
-#define CRYPTO_LOCK_BIO 19
-#define CRYPTO_LOCK_GETHOSTBYNAME 20
-#define CRYPTO_LOCK_GETSERVBYNAME 21
-#define CRYPTO_LOCK_READDIR 22
-#define CRYPTO_LOCK_RSA_BLINDING 23
-#define CRYPTO_LOCK_DH 24
-#define CRYPTO_LOCK_MALLOC2 25
-#define CRYPTO_LOCK_DSO 26
-#define CRYPTO_LOCK_DYNLOCK 27
-#define CRYPTO_LOCK_ENGINE 28
-#define CRYPTO_NUM_LOCKS 29
-
-#define CRYPTO_LOCK 1
-#define CRYPTO_UNLOCK 2
-#define CRYPTO_READ 4
-#define CRYPTO_WRITE 8
-
-#ifndef NO_LOCKING
-#ifndef CRYPTO_w_lock
-#define CRYPTO_w_lock(type) \
- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-#define CRYPTO_w_unlock(type) \
- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-#define CRYPTO_r_lock(type) \
- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-#define CRYPTO_r_unlock(type) \
- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-#define CRYPTO_add(addr,amount,type) \
- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
-#endif
-#else
-#define CRYPTO_w_lock(a)
-#define CRYPTO_w_unlock(a)
-#define CRYPTO_r_lock(a)
-#define CRYPTO_r_unlock(a)
-#define CRYPTO_add(a,b,c) ((*(a))+=(b))
-#endif
-
-/* Some applications as well as some parts of OpenSSL need to allocate
- and deallocate locks in a dynamic fashion. The following typedef
- makes this possible in a type-safe manner. */
-/* struct CRYPTO_dynlock_value has to be defined by the application. */
-typedef struct
- {
- int references;
- struct CRYPTO_dynlock_value *data;
- } CRYPTO_dynlock;
-
-
-/* The following can be used to detect memory leaks in the SSLeay library.
- * It used, it turns on malloc checking */
-
-#define CRYPTO_MEM_CHECK_OFF 0x0 /* an enume */
-#define CRYPTO_MEM_CHECK_ON 0x1 /* a bit */
-#define CRYPTO_MEM_CHECK_ENABLE 0x2 /* a bit */
-#define CRYPTO_MEM_CHECK_DISABLE 0x3 /* an enume */
-
-/* The following are bit values to turn on or off options connected to the
- * malloc checking functionality */
-
-/* Adds time to the memory checking information */
-#define V_CRYPTO_MDEBUG_TIME 0x1 /* a bit */
-/* Adds thread number to the memory checking information */
-#define V_CRYPTO_MDEBUG_THREAD 0x2 /* a bit */
-
-#define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
-
-
-/* predec of the BIO type */
-typedef struct bio_st BIO_dummy;
-
-typedef struct crypto_ex_data_st
- {
- STACK *sk;
- int dummy; /* gcc is screwing up this data structure :-( */
- } CRYPTO_EX_DATA;
-
-/* Called when a new object is created */
-typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
-/* Called when an object is free()ed */
-typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
-/* Called when we need to dup an object */
-typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
- int idx, long argl, void *argp);
-
-/* This stuff is basically class callback functions
- * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
-
-typedef struct crypto_ex_data_func_st
- {
- long argl; /* Arbitary long */
- void *argp; /* Arbitary void * */
- CRYPTO_EX_new *new_func;
- CRYPTO_EX_free *free_func;
- CRYPTO_EX_dup *dup_func;
- } CRYPTO_EX_DATA_FUNCS;
-
-DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
-
-/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
- * entry.
- */
-
-#define CRYPTO_EX_INDEX_BIO 0
-#define CRYPTO_EX_INDEX_SSL 1
-#define CRYPTO_EX_INDEX_SSL_CTX 2
-#define CRYPTO_EX_INDEX_SSL_SESSION 3
-#define CRYPTO_EX_INDEX_X509_STORE 4
-#define CRYPTO_EX_INDEX_X509_STORE_CTX 5
-
-
-/* This is the default callbacks, but we can have others as well:
- * this is needed in Win32 where the application malloc and the
- * library malloc may not be the same.
- */
-#define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\
- malloc, realloc, free)
-
-#if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
-# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */
-# define CRYPTO_MDEBUG
-# endif
-#endif
-
-/* Set standard debugging functions (not done by default
- * unless CRYPTO_MDEBUG is defined) */
-#define CRYPTO_malloc_debug_init() do {\
- CRYPTO_set_mem_debug_functions(\
- CRYPTO_dbg_malloc,\
- CRYPTO_dbg_realloc,\
- CRYPTO_dbg_free,\
- CRYPTO_dbg_set_options,\
- CRYPTO_dbg_get_options);\
- } while(0)
-
-int CRYPTO_mem_ctrl(int mode);
-int CRYPTO_is_mem_check_on(void);
-
-/* for applications */
-#define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
-#define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
-
-/* for library-internal use */
-#define MemCheck_on() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
-#define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
-#define is_MemCheck_on() CRYPTO_is_mem_check_on()
-
-#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)
-#define OPENSSL_realloc(addr,num) \
- CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
-#define OPENSSL_remalloc(addr,num) \
- CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
-#define OPENSSL_freeFunc CRYPTO_free
-#define OPENSSL_free(addr) CRYPTO_free(addr)
-
-#define OPENSSL_malloc_locked(num) \
- CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
-#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
-
-
-const char *SSLeay_version(int type);
-unsigned long SSLeay(void);
-
-int OPENSSL_issetugid(void);
-
-int CRYPTO_get_ex_new_index(int idx, STACK_OF(CRYPTO_EX_DATA_FUNCS) **skp, long argl, void *argp,
- CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
-void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad,int idx);
-int CRYPTO_dup_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, CRYPTO_EX_DATA *to,
- CRYPTO_EX_DATA *from);
-void CRYPTO_free_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad);
-void CRYPTO_new_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad);
-
-int CRYPTO_get_new_lockid(char *name);
-
-int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */
-void CRYPTO_lock(int mode, int type,const char *file,int line);
-void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
- const char *file,int line));
-void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file,
- int line);
-void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
- const char *file, int line));
-int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
- const char *file,int line);
-void CRYPTO_set_id_callback(unsigned long (*func)(void));
-unsigned long (*CRYPTO_get_id_callback(void))(void);
-unsigned long CRYPTO_thread_id(void);
-const char *CRYPTO_get_lock_name(int type);
-int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file,
- int line);
-
-int CRYPTO_get_new_dynlockid(void);
-void CRYPTO_destroy_dynlockid(int i);
-struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
-void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, int line));
-void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line));
-void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, const char *file, int line));
-struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))(const char *file,int line);
-void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, struct CRYPTO_dynlock_value *l, const char *file,int line);
-void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l, const char *file,int line);
-
-/* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions --
- * call the latter last if you need different functions */
-int CRYPTO_set_mem_functions(void *(*m)(size_t),void *(*r)(void *,size_t), void (*f)(void *));
-int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*free_func)(void *));
-int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int),
- void (*r)(void *,void *,int,const char *,int,int),
- void (*f)(void *,int),
- void (*so)(long),
- long (*go)(void));
-void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *));
-void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *));
-void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
- void (**r)(void *,void *,int,const char *,int,int),
- void (**f)(void *,int),
- void (**so)(long),
- long (**go)(void));
-
-void *CRYPTO_malloc_locked(int num, const char *file, int line);
-void CRYPTO_free_locked(void *);
-void *CRYPTO_malloc(int num, const char *file, int line);
-void CRYPTO_free(void *);
-void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
-void *CRYPTO_remalloc(void *addr,int num, const char *file, int line);
-
-void CRYPTO_set_mem_debug_options(long bits);
-long CRYPTO_get_mem_debug_options(void);
-
-#define CRYPTO_push_info(info) \
- CRYPTO_push_info_(info, __FILE__, __LINE__);
-int CRYPTO_push_info_(const char *info, const char *file, int line);
-int CRYPTO_pop_info(void);
-int CRYPTO_remove_all_info(void);
-
-/* The last argument has the following significance:
- *
- * 0: called before the actual memory allocation has taken place
- * 1: called after the actual memory allocation has taken place
- */
-void CRYPTO_dbg_malloc(void *addr,int num,const char *file,int line,int before_p);
-void CRYPTO_dbg_realloc(void *addr1,void *addr2,int num,const char *file,int line,int before_p);
-void CRYPTO_dbg_free(void *addr,int before_p);
-
-/* Tell the debugging code about options. By default, the following values
- * apply:
- *
- * 0: Clear all options.
- * 1: Set the "Show Time" option.
- * 2: Set the "Show Thread Number" option.
- * 3: 1 + 2
- */
-void CRYPTO_dbg_set_options(long bits);
-long CRYPTO_dbg_get_options(void);
-
-#ifndef NO_FP_API
-void CRYPTO_mem_leaks_fp(FILE *);
-#endif
-void CRYPTO_mem_leaks(struct bio_st *bio);
-/* unsigned long order, char *file, int line, int num_bytes, char *addr */
-void CRYPTO_mem_leaks_cb(void (*cb)(unsigned long, const char *, int, int, void *));
-
-void ERR_load_CRYPTO_strings(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the CRYPTO functions. */
-
-/* Function codes. */
-#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
-#define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103
-#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101
-#define CRYPTO_F_CRYPTO_SET_EX_DATA 102
-
-/* Reason codes. */
-#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/cversion.c b/src/lib/libcrypto/cversion.c
deleted file mode 100644
index affdfca98f..0000000000
--- a/src/lib/libcrypto/cversion.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* crypto/cversion.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-
-#ifndef NO_WINDOWS_BRAINDEATH
-#include "buildinf.h"
-#endif
-
-const char *SSLeay_version(int t)
- {
- if (t == SSLEAY_VERSION)
- return OPENSSL_VERSION_TEXT;
- if (t == SSLEAY_BUILT_ON)
- {
-#ifdef DATE
- static char buf[sizeof(DATE)+11];
-
- sprintf(buf,"built on: %s",DATE);
- return(buf);
-#else
- return("built on: date not available");
-#endif
- }
- if (t == SSLEAY_CFLAGS)
- {
-#ifdef CFLAGS
- static char buf[sizeof(CFLAGS)+11];
-
- sprintf(buf,"compiler: %s",CFLAGS);
- return(buf);
-#else
- return("compiler: information not available");
-#endif
- }
- if (t == SSLEAY_PLATFORM)
- {
-#ifdef PLATFORM
- static char buf[sizeof(PLATFORM)+11];
-
- sprintf(buf,"platform: %s", PLATFORM);
- return(buf);
-#else
- return("platform: information not available");
-#endif
- }
- return("not available");
- }
-
-unsigned long SSLeay(void)
- {
- return(SSLEAY_VERSION_NUMBER);
- }
-
diff --git a/src/lib/libcrypto/des/COPYRIGHT b/src/lib/libcrypto/des/COPYRIGHT
deleted file mode 100644
index 5469e1e469..0000000000
--- a/src/lib/libcrypto/des/COPYRIGHT
+++ /dev/null
@@ -1,50 +0,0 @@
-Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-All rights reserved.
-
-This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
-The implementation was written so as to conform with MIT's libdes.
-
-This library is free for commercial and non-commercial use as long as
-the following conditions are aheared to. The following conditions
-apply to all code found in this distribution.
-
-Copyright remains Eric Young's, and as such any Copyright notices in
-the code are not to be removed.
-If this package is used in a product, Eric Young should be given attribution
-as the author of that the SSL library. This can be in the form of a textual
-message at program startup or in documentation (online or textual) provided
-with the package.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the copyright
- notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-3. All advertising materials mentioning features or use of this software
- must display the following acknowledgement:
- This product includes software developed by Eric Young (eay@cryptsoft.com)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-The license and distribution terms for any publically available version or
-derivative of this code cannot be changed. i.e. this code cannot simply be
-copied and put under another distrubution license
-[including the GNU Public License.]
-
-The reason behind this being stated in this direct manner is past
-experience in code simply being copied and the attribution removed
-from it and then being distributed as part of other packages. This
-implementation was a non-trivial and unpaid effort.
diff --git a/src/lib/libcrypto/des/asm/crypt586.pl b/src/lib/libcrypto/des/asm/crypt586.pl
deleted file mode 100644
index 197c413ea6..0000000000
--- a/src/lib/libcrypto/des/asm/crypt586.pl
+++ /dev/null
@@ -1,204 +0,0 @@
-#!/usr/local/bin/perl
-#
-# The inner loop instruction sequence and the IP/FP modifications are from
-# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
-# I've added the stuff needed for crypt() but I've not worried about making
-# things perfect.
-#
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"crypt586.pl");
-
-$L="edi";
-$R="esi";
-
-&external_label("des_SPtrans");
-&fcrypt_body("fcrypt_body");
-&asm_finish();
-
-sub fcrypt_body
- {
- local($name,$do_ip)=@_;
-
- &function_begin($name,"EXTRN _des_SPtrans:DWORD");
-
- &comment("");
- &comment("Load the 2 words");
- $ks="ebp";
-
- &xor( $L, $L);
- &xor( $R, $R);
- &mov($ks,&wparam(1));
-
- &push(&DWC(25)); # add a variable
-
- &set_label("start");
- for ($i=0; $i<16; $i+=2)
- {
- &comment("");
- &comment("Round $i");
- &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-
- &comment("");
- &comment("Round ".sprintf("%d",$i+1));
- &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
- }
- &mov("ebx", &swtmp(0));
- &mov("eax", $L);
- &dec("ebx");
- &mov($L, $R);
- &mov($R, "eax");
- &mov(&swtmp(0), "ebx");
- &jnz(&label("start"));
-
- &comment("");
- &comment("FP");
- &mov("edx",&wparam(0));
-
- &FP_new($R,$L,"eax",3);
- &mov(&DWP(0,"edx","",0),"eax");
- &mov(&DWP(4,"edx","",0),$L);
-
- &pop("ecx"); # remove variable
-
- &function_end($name);
- }
-
-sub D_ENCRYPT
- {
- local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
-
- &mov( $u, &wparam(2)); # 2
- &mov( $t, $R);
- &shr( $t, 16); # 1
- &mov( $tmp2, &wparam(3)); # 2
- &xor( $t, $R); # 1
-
- &and( $u, $t); # 2
- &and( $t, $tmp2); # 2
-
- &mov( $tmp1, $u);
- &shl( $tmp1, 16); # 1
- &mov( $tmp2, $t);
- &shl( $tmp2, 16); # 1
- &xor( $u, $tmp1); # 2
- &xor( $t, $tmp2); # 2
- &mov( $tmp1, &DWP(&n2a($S*4),$ks,"",0)); # 2
- &xor( $u, $tmp1);
- &mov( $tmp2, &DWP(&n2a(($S+1)*4),$ks,"",0)); # 2
- &xor( $u, $R);
- &xor( $t, $R);
- &xor( $t, $tmp2);
-
- &and( $u, "0xfcfcfcfc" ); # 2
- &xor( $tmp1, $tmp1); # 1
- &and( $t, "0xcfcfcfcf" ); # 2
- &xor( $tmp2, $tmp2);
- &movb( &LB($tmp1), &LB($u) );
- &movb( &LB($tmp2), &HB($u) );
- &rotr( $t, 4 );
- &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
- &movb( &LB($tmp1), &LB($t) );
- &xor( $L, $ks);
- &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
- &xor( $L, $ks);
- &movb( &LB($tmp2), &HB($t) );
- &shr( $u, 16);
- &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
- &xor( $L, $ks);
- &movb( &LB($tmp1), &HB($u) );
- &shr( $t, 16);
- &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
- &xor( $L, $ks);
- &mov( $ks, &wparam(1));
- &movb( &LB($tmp2), &HB($t) );
- &and( $u, "0xff" );
- &and( $t, "0xff" );
- &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
- &xor( $L, $tmp1);
- }
-
-sub n2a
- {
- sprintf("%d",$_[0]);
- }
-
-# now has a side affect of rotating $a by $shift
-sub R_PERM_OP
- {
- local($a,$b,$tt,$shift,$mask,$last)=@_;
-
- &rotl( $a, $shift ) if ($shift != 0);
- &mov( $tt, $a );
- &xor( $a, $b );
- &and( $a, $mask );
- if ($notlast eq $b)
- {
- &xor( $b, $a );
- &xor( $tt, $a );
- }
- else
- {
- &xor( $tt, $a );
- &xor( $b, $a );
- }
- &comment("");
- }
-
-sub IP_new
- {
- local($l,$r,$tt,$lr)=@_;
-
- &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
- &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
- &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
- &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
- &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
-
- if ($lr != 3)
- {
- if (($lr-3) < 0)
- { &rotr($tt, 3-$lr); }
- else { &rotl($tt, $lr-3); }
- }
- if ($lr != 2)
- {
- if (($lr-2) < 0)
- { &rotr($r, 2-$lr); }
- else { &rotl($r, $lr-2); }
- }
- }
-
-sub FP_new
- {
- local($l,$r,$tt,$lr)=@_;
-
- if ($lr != 2)
- {
- if (($lr-2) < 0)
- { &rotl($r, 2-$lr); }
- else { &rotr($r, $lr-2); }
- }
- if ($lr != 3)
- {
- if (($lr-3) < 0)
- { &rotl($l, 3-$lr); }
- else { &rotr($l, $lr-3); }
- }
-
- &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
- &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
- &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
- &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
- &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
- &rotr($tt , 4);
- }
-
diff --git a/src/lib/libcrypto/des/asm/des-586.pl b/src/lib/libcrypto/des/asm/des-586.pl
deleted file mode 100644
index c890766bc9..0000000000
--- a/src/lib/libcrypto/des/asm/des-586.pl
+++ /dev/null
@@ -1,253 +0,0 @@
-#!/usr/local/bin/perl
-#
-# The inner loop instruction sequence and the IP/FP modifications are from
-# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
-#
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-require "cbc.pl";
-require "desboth.pl";
-
-# base code is in microsft
-# op dest, source
-# format.
-#
-
-&asm_init($ARGV[0],"des-586.pl");
-
-$L="edi";
-$R="esi";
-
-&external_label("des_SPtrans");
-&des_encrypt("des_encrypt1",1);
-&des_encrypt("des_encrypt2",0);
-&des_encrypt3("des_encrypt3",1);
-&des_encrypt3("des_decrypt3",0);
-&cbc("des_ncbc_encrypt","des_encrypt1","des_encrypt1",0,4,5,3,5,-1);
-&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
-
-&asm_finish();
-
-sub des_encrypt
- {
- local($name,$do_ip)=@_;
-
- &function_begin_B($name,"EXTRN _des_SPtrans:DWORD");
-
- &push("esi");
- &push("edi");
-
- &comment("");
- &comment("Load the 2 words");
- $ks="ebp";
-
- if ($do_ip)
- {
- &mov($R,&wparam(0));
- &xor( "ecx", "ecx" );
-
- &push("ebx");
- &push("ebp");
-
- &mov("eax",&DWP(0,$R,"",0));
- &mov("ebx",&wparam(2)); # get encrypt flag
- &mov($L,&DWP(4,$R,"",0));
- &comment("");
- &comment("IP");
- &IP_new("eax",$L,$R,3);
- }
- else
- {
- &mov("eax",&wparam(0));
- &xor( "ecx", "ecx" );
-
- &push("ebx");
- &push("ebp");
-
- &mov($R,&DWP(0,"eax","",0));
- &mov("ebx",&wparam(2)); # get encrypt flag
- &rotl($R,3);
- &mov($L,&DWP(4,"eax","",0));
- &rotl($L,3);
- }
-
- &mov( $ks, &wparam(1) );
- &cmp("ebx","0");
- &je(&label("start_decrypt"));
-
- for ($i=0; $i<16; $i+=2)
- {
- &comment("");
- &comment("Round $i");
- &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-
- &comment("");
- &comment("Round ".sprintf("%d",$i+1));
- &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
- }
- &jmp(&label("end"));
-
- &set_label("start_decrypt");
-
- for ($i=15; $i>0; $i-=2)
- {
- &comment("");
- &comment("Round $i");
- &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
- &comment("");
- &comment("Round ".sprintf("%d",$i-1));
- &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
- }
-
- &set_label("end");
-
- if ($do_ip)
- {
- &comment("");
- &comment("FP");
- &mov("edx",&wparam(0));
- &FP_new($L,$R,"eax",3);
-
- &mov(&DWP(0,"edx","",0),"eax");
- &mov(&DWP(4,"edx","",0),$R);
- }
- else
- {
- &comment("");
- &comment("Fixup");
- &rotr($L,3); # r
- &mov("eax",&wparam(0));
- &rotr($R,3); # l
- &mov(&DWP(0,"eax","",0),$L);
- &mov(&DWP(4,"eax","",0),$R);
- }
-
- &pop("ebp");
- &pop("ebx");
- &pop("edi");
- &pop("esi");
- &ret();
-
- &function_end_B($name);
- }
-
-sub D_ENCRYPT
- {
- local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
-
- &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
- &xor( $tmp1, $tmp1);
- &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
- &xor( $u, $R);
- &xor( $t, $R);
- &and( $u, "0xfcfcfcfc" );
- &and( $t, "0xcfcfcfcf" );
- &movb( &LB($tmp1), &LB($u) );
- &movb( &LB($tmp2), &HB($u) );
- &rotr( $t, 4 );
- &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
- &movb( &LB($tmp1), &LB($t) );
- &xor( $L, $ks);
- &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
- &xor( $L, $ks); ######
- &movb( &LB($tmp2), &HB($t) );
- &shr( $u, 16);
- &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
- &xor( $L, $ks); ######
- &movb( &LB($tmp1), &HB($u) );
- &shr( $t, 16);
- &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
- &xor( $L, $ks);
- &mov( $ks, &wparam(1) );
- &movb( &LB($tmp2), &HB($t) );
- &and( $u, "0xff" );
- &and( $t, "0xff" );
- &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
- &xor( $L, $tmp1);
- }
-
-sub n2a
- {
- sprintf("%d",$_[0]);
- }
-
-# now has a side affect of rotating $a by $shift
-sub R_PERM_OP
- {
- local($a,$b,$tt,$shift,$mask,$last)=@_;
-
- &rotl( $a, $shift ) if ($shift != 0);
- &mov( $tt, $a );
- &xor( $a, $b );
- &and( $a, $mask );
- # This can never succeed, and besides it is difficult to see what the
- # idea was - Ben 13 Feb 99
- if (!$last eq $b)
- {
- &xor( $b, $a );
- &xor( $tt, $a );
- }
- else
- {
- &xor( $tt, $a );
- &xor( $b, $a );
- }
- &comment("");
- }
-
-sub IP_new
- {
- local($l,$r,$tt,$lr)=@_;
-
- &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
- &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
- &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
- &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
- &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
-
- if ($lr != 3)
- {
- if (($lr-3) < 0)
- { &rotr($tt, 3-$lr); }
- else { &rotl($tt, $lr-3); }
- }
- if ($lr != 2)
- {
- if (($lr-2) < 0)
- { &rotr($r, 2-$lr); }
- else { &rotl($r, $lr-2); }
- }
- }
-
-sub FP_new
- {
- local($l,$r,$tt,$lr)=@_;
-
- if ($lr != 2)
- {
- if (($lr-2) < 0)
- { &rotl($r, 2-$lr); }
- else { &rotr($r, $lr-2); }
- }
- if ($lr != 3)
- {
- if (($lr-3) < 0)
- { &rotl($l, 3-$lr); }
- else { &rotr($l, $lr-3); }
- }
-
- &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
- &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
- &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
- &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
- &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
- &rotr($tt , 4);
- }
-
diff --git a/src/lib/libcrypto/des/asm/desboth.pl b/src/lib/libcrypto/des/asm/desboth.pl
deleted file mode 100644
index d5106414db..0000000000
--- a/src/lib/libcrypto/des/asm/desboth.pl
+++ /dev/null
@@ -1,79 +0,0 @@
-#!/usr/local/bin/perl
-
-$L="edi";
-$R="esi";
-
-sub des_encrypt3
- {
- local($name,$enc)=@_;
-
- &function_begin_B($name,"");
- &push("ebx");
- &mov("ebx",&wparam(0));
-
- &push("ebp");
- &push("esi");
-
- &push("edi");
-
- &comment("");
- &comment("Load the data words");
- &mov($L,&DWP(0,"ebx","",0));
- &mov($R,&DWP(4,"ebx","",0));
- &stack_push(3);
-
- &comment("");
- &comment("IP");
- &IP_new($L,$R,"edx",0);
-
- # put them back
-
- if ($enc)
- {
- &mov(&DWP(4,"ebx","",0),$R);
- &mov("eax",&wparam(1));
- &mov(&DWP(0,"ebx","",0),"edx");
- &mov("edi",&wparam(2));
- &mov("esi",&wparam(3));
- }
- else
- {
- &mov(&DWP(4,"ebx","",0),$R);
- &mov("esi",&wparam(1));
- &mov(&DWP(0,"ebx","",0),"edx");
- &mov("edi",&wparam(2));
- &mov("eax",&wparam(3));
- }
- &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
- &mov(&swtmp(1), "eax");
- &mov(&swtmp(0), "ebx");
- &call("des_encrypt2");
- &mov(&swtmp(2), (DWC(($enc)?"0":"1")));
- &mov(&swtmp(1), "edi");
- &mov(&swtmp(0), "ebx");
- &call("des_encrypt2");
- &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
- &mov(&swtmp(1), "esi");
- &mov(&swtmp(0), "ebx");
- &call("des_encrypt2");
-
- &stack_pop(3);
- &mov($L,&DWP(0,"ebx","",0));
- &mov($R,&DWP(4,"ebx","",0));
-
- &comment("");
- &comment("FP");
- &FP_new($L,$R,"eax",0);
-
- &mov(&DWP(0,"ebx","",0),"eax");
- &mov(&DWP(4,"ebx","",0),$R);
-
- &pop("edi");
- &pop("esi");
- &pop("ebp");
- &pop("ebx");
- &ret();
- &function_end_B($name);
- }
-
-
diff --git a/src/lib/libcrypto/des/cbc_cksm.c b/src/lib/libcrypto/des/cbc_cksm.c
deleted file mode 100644
index b857df0985..0000000000
--- a/src/lib/libcrypto/des/cbc_cksm.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* crypto/des/cbc_cksm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-DES_LONG des_cbc_cksum(const unsigned char *in, des_cblock *output,
- long length,
- des_key_schedule schedule, const_des_cblock *ivec)
- {
- register DES_LONG tout0,tout1,tin0,tin1;
- register long l=length;
- DES_LONG tin[2];
- unsigned char *out = &(*output)[0];
- const unsigned char *iv = &(*ivec)[0];
-
- c2l(iv,tout0);
- c2l(iv,tout1);
- for (; l>0; l-=8)
- {
- if (l >= 8)
- {
- c2l(in,tin0);
- c2l(in,tin1);
- }
- else
- c2ln(in,tin0,tin1,l);
-
- tin0^=tout0; tin[0]=tin0;
- tin1^=tout1; tin[1]=tin1;
- des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
- /* fix 15/10/91 eay - thanks to keithr@sco.COM */
- tout0=tin[0];
- tout1=tin[1];
- }
- if (out != NULL)
- {
- l2c(tout0,out);
- l2c(tout1,out);
- }
- tout0=tin0=tin1=tin[0]=tin[1]=0;
- return(tout1);
- }
diff --git a/src/lib/libcrypto/des/cbc_enc.c b/src/lib/libcrypto/des/cbc_enc.c
deleted file mode 100644
index 677903ae4e..0000000000
--- a/src/lib/libcrypto/des/cbc_enc.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/* crypto/des/cbc_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define CBC_ENC_C__DONT_UPDATE_IV
-
-#include "ncbc_enc.c" /* des_cbc_encrypt */
diff --git a/src/lib/libcrypto/des/cfb64ede.c b/src/lib/libcrypto/des/cfb64ede.c
deleted file mode 100644
index 5362a551bf..0000000000
--- a/src/lib/libcrypto/des/cfb64ede.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/* crypto/des/cfb64ede.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void des_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3, des_cblock *ivec, int *num, int enc)
- {
- register DES_LONG v0,v1;
- register long l=length;
- register int n= *num;
- DES_LONG ti[2];
- unsigned char *iv,c,cc;
-
- iv=&(*ivec)[0];
- if (enc)
- {
- while (l--)
- {
- if (n == 0)
- {
- c2l(iv,v0);
- c2l(iv,v1);
-
- ti[0]=v0;
- ti[1]=v1;
- des_encrypt3(ti,ks1,ks2,ks3);
- v0=ti[0];
- v1=ti[1];
-
- iv = &(*ivec)[0];
- l2c(v0,iv);
- l2c(v1,iv);
- iv = &(*ivec)[0];
- }
- c= *(in++)^iv[n];
- *(out++)=c;
- iv[n]=c;
- n=(n+1)&0x07;
- }
- }
- else
- {
- while (l--)
- {
- if (n == 0)
- {
- c2l(iv,v0);
- c2l(iv,v1);
-
- ti[0]=v0;
- ti[1]=v1;
- des_encrypt3(ti,ks1,ks2,ks3);
- v0=ti[0];
- v1=ti[1];
-
- iv = &(*ivec)[0];
- l2c(v0,iv);
- l2c(v1,iv);
- iv = &(*ivec)[0];
- }
- cc= *(in++);
- c=iv[n];
- iv[n]=cc;
- *(out++)=c^cc;
- n=(n+1)&0x07;
- }
- }
- v0=v1=ti[0]=ti[1]=c=cc=0;
- *num=n;
- }
-
-#ifdef undef /* MACRO */
-void des_ede2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
- des_key_schedule ks1, des_key_schedule ks2, des_cblock (*ivec),
- int *num, int enc)
- {
- des_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc);
- }
-#endif
diff --git a/src/lib/libcrypto/des/cfb64enc.c b/src/lib/libcrypto/des/cfb64enc.c
deleted file mode 100644
index 105530dfa3..0000000000
--- a/src/lib/libcrypto/des/cfb64enc.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/des/cfb64enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void des_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, des_key_schedule schedule, des_cblock *ivec,
- int *num, int enc)
- {
- register DES_LONG v0,v1;
- register long l=length;
- register int n= *num;
- DES_LONG ti[2];
- unsigned char *iv,c,cc;
-
- iv = &(*ivec)[0];
- if (enc)
- {
- while (l--)
- {
- if (n == 0)
- {
- c2l(iv,v0); ti[0]=v0;
- c2l(iv,v1); ti[1]=v1;
- des_encrypt1(ti,schedule,DES_ENCRYPT);
- iv = &(*ivec)[0];
- v0=ti[0]; l2c(v0,iv);
- v0=ti[1]; l2c(v0,iv);
- iv = &(*ivec)[0];
- }
- c= *(in++)^iv[n];
- *(out++)=c;
- iv[n]=c;
- n=(n+1)&0x07;
- }
- }
- else
- {
- while (l--)
- {
- if (n == 0)
- {
- c2l(iv,v0); ti[0]=v0;
- c2l(iv,v1); ti[1]=v1;
- des_encrypt1(ti,schedule,DES_ENCRYPT);
- iv = &(*ivec)[0];
- v0=ti[0]; l2c(v0,iv);
- v0=ti[1]; l2c(v0,iv);
- iv = &(*ivec)[0];
- }
- cc= *(in++);
- c=iv[n];
- iv[n]=cc;
- *(out++)=c^cc;
- n=(n+1)&0x07;
- }
- }
- v0=v1=ti[0]=ti[1]=c=cc=0;
- *num=n;
- }
-
diff --git a/src/lib/libcrypto/des/cfb_enc.c b/src/lib/libcrypto/des/cfb_enc.c
deleted file mode 100644
index ec4fd4ea67..0000000000
--- a/src/lib/libcrypto/des/cfb_enc.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* crypto/des/cfb_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output are loaded in multiples of 8 bits.
- * What this means is that if you hame numbits=12 and length=2
- * the first 12 bits will be retrieved from the first byte and half
- * the second. The second 12 bits will come from the 3rd and half the 4th
- * byte.
- */
-void des_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
- long length, des_key_schedule schedule, des_cblock *ivec, int enc)
- {
- register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
- register DES_LONG mask0,mask1;
- register unsigned long l=length;
- register int num=numbits;
- DES_LONG ti[2];
- unsigned char *iv;
-
- if (num > 64) return;
- if (num > 32)
- {
- mask0=0xffffffffL;
- if (num == 64)
- mask1=mask0;
- else mask1=(1L<<(num-32))-1;
- }
- else
- {
- if (num == 32)
- mask0=0xffffffffL;
- else mask0=(1L<<num)-1;
- mask1=0x00000000L;
- }
-
- iv = &(*ivec)[0];
- c2l(iv,v0);
- c2l(iv,v1);
- if (enc)
- {
- while (l >= n)
- {
- l-=n;
- ti[0]=v0;
- ti[1]=v1;
- des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
- c2ln(in,d0,d1,n);
- in+=n;
- d0=(d0^ti[0])&mask0;
- d1=(d1^ti[1])&mask1;
- l2cn(d0,d1,out,n);
- out+=n;
- /* 30-08-94 - eay - changed because l>>32 and
- * l<<32 are bad under gcc :-( */
- if (num == 32)
- { v0=v1; v1=d0; }
- else if (num == 64)
- { v0=d0; v1=d1; }
- else if (num > 32) /* && num != 64 */
- {
- v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
- v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
- }
- else /* num < 32 */
- {
- v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
- v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
- }
- }
- }
- else
- {
- while (l >= n)
- {
- l-=n;
- ti[0]=v0;
- ti[1]=v1;
- des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
- c2ln(in,d0,d1,n);
- in+=n;
- /* 30-08-94 - eay - changed because l>>32 and
- * l<<32 are bad under gcc :-( */
- if (num == 32)
- { v0=v1; v1=d0; }
- else if (num == 64)
- { v0=d0; v1=d1; }
- else if (num > 32) /* && num != 64 */
- {
- v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
- v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
- }
- else /* num < 32 */
- {
- v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
- v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
- }
- d0=(d0^ti[0])&mask0;
- d1=(d1^ti[1])&mask1;
- l2cn(d0,d1,out,n);
- out+=n;
- }
- }
- iv = &(*ivec)[0];
- l2c(v0,iv);
- l2c(v1,iv);
- v0=v1=d0=d1=ti[0]=ti[1]=0;
- }
-
diff --git a/src/lib/libcrypto/des/des.h b/src/lib/libcrypto/des/des.h
deleted file mode 100644
index 6b8a7ee11b..0000000000
--- a/src/lib/libcrypto/des/des.h
+++ /dev/null
@@ -1,266 +0,0 @@
-/* crypto/des/des.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DES_H
-#define HEADER_DES_H
-
-#ifdef NO_DES
-#error DES is disabled.
-#endif
-
-#ifdef _KERBEROS_DES_H
-#error <openssl/des.h> replaces <kerberos/des.h>.
-#endif
-
-#include <openssl/opensslconf.h> /* DES_LONG */
-#include <openssl/e_os2.h> /* OPENSSL_EXTERN */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef unsigned char des_cblock[8];
-typedef /* const */ unsigned char const_des_cblock[8];
-/* With "const", gcc 2.8.1 on Solaris thinks that des_cblock *
- * and const_des_cblock * are incompatible pointer types. */
-
-typedef struct des_ks_struct
- {
- union {
- des_cblock cblock;
- /* make sure things are correct size on machines with
- * 8 byte longs */
- DES_LONG deslong[2];
- } ks;
- int weak_key;
- } des_key_schedule[16];
-
-#define DES_KEY_SZ (sizeof(des_cblock))
-#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
-
-#define DES_ENCRYPT 1
-#define DES_DECRYPT 0
-
-#define DES_CBC_MODE 0
-#define DES_PCBC_MODE 1
-
-#define des_ecb2_encrypt(i,o,k1,k2,e) \
- des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
- des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
- des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
- des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-OPENSSL_EXTERN int des_check_key; /* defaults to false */
-OPENSSL_EXTERN int des_rw_mode; /* defaults to DES_PCBC_MODE */
-OPENSSL_EXTERN int des_set_weak_key_flag; /* set the weak key flag */
-
-const char *des_options(void);
-void des_ecb3_encrypt(const_des_cblock *input, des_cblock *output,
- des_key_schedule ks1,des_key_schedule ks2,
- des_key_schedule ks3, int enc);
-DES_LONG des_cbc_cksum(const unsigned char *input,des_cblock *output,
- long length,des_key_schedule schedule,
- const_des_cblock *ivec);
-/* des_cbc_encrypt does not update the IV! Use des_ncbc_encrypt instead. */
-void des_cbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,des_key_schedule schedule,des_cblock *ivec,
- int enc);
-void des_ncbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,des_key_schedule schedule,des_cblock *ivec,
- int enc);
-void des_xcbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,des_key_schedule schedule,des_cblock *ivec,
- const_des_cblock *inw,const_des_cblock *outw,int enc);
-void des_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
- long length,des_key_schedule schedule,des_cblock *ivec,
- int enc);
-void des_ecb_encrypt(const_des_cblock *input,des_cblock *output,
- des_key_schedule ks,int enc);
-
-/* This is the DES encryption function that gets called by just about
- every other DES routine in the library. You should not use this
- function except to implement 'modes' of DES. I say this because the
- functions that call this routine do the conversion from 'char *' to
- long, and this needs to be done to make sure 'non-aligned' memory
- access do not occur. The characters are loaded 'little endian'.
- Data is a pointer to 2 unsigned long's and ks is the
- des_key_schedule to use. enc, is non zero specifies encryption,
- zero if decryption. */
-void des_encrypt1(DES_LONG *data,des_key_schedule ks, int enc);
-
-/* This functions is the same as des_encrypt1() except that the DES
- initial permutation (IP) and final permutation (FP) have been left
- out. As for des_encrypt1(), you should not use this function.
- It is used by the routines in the library that implement triple DES.
- IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
- as des_encrypt1() des_encrypt1() des_encrypt1() except faster :-). */
-void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
-
-void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
- des_key_schedule ks2, des_key_schedule ks3);
-void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
- des_key_schedule ks2, des_key_schedule ks3);
-void des_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,
- des_key_schedule ks1,des_key_schedule ks2,
- des_key_schedule ks3,des_cblock *ivec,int enc);
-void des_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out,
- long length,
- des_key_schedule ks1,des_key_schedule ks2,
- des_key_schedule ks3,
- des_cblock *ivec1,des_cblock *ivec2,
- int enc);
-void des_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out,
- long length,des_key_schedule ks1,
- des_key_schedule ks2,des_key_schedule ks3,
- des_cblock *ivec,int *num,int enc);
-void des_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
- long length,des_key_schedule ks1,
- des_key_schedule ks2,des_key_schedule ks3,
- des_cblock *ivec,int *num);
-
-void des_xwhite_in2out(const_des_cblock *des_key,const_des_cblock *in_white,
- des_cblock *out_white);
-
-int des_enc_read(int fd,void *buf,int len,des_key_schedule sched,
- des_cblock *iv);
-int des_enc_write(int fd,const void *buf,int len,des_key_schedule sched,
- des_cblock *iv);
-char *des_fcrypt(const char *buf,const char *salt, char *ret);
-char *des_crypt(const char *buf,const char *salt);
-#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT)
-char *crypt(const char *buf,const char *salt);
-#endif
-void des_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
- long length,des_key_schedule schedule,des_cblock *ivec);
-void des_pcbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,des_key_schedule schedule,des_cblock *ivec,
- int enc);
-DES_LONG des_quad_cksum(const unsigned char *input,des_cblock output[],
- long length,int out_count,des_cblock *seed);
-void des_random_seed(des_cblock *key);
-int des_random_key(des_cblock *ret);
-int des_read_password(des_cblock *key,const char *prompt,int verify);
-int des_read_2passwords(des_cblock *key1,des_cblock *key2,
- const char *prompt,int verify);
-int des_read_pw_string(char *buf,int length,const char *prompt,int verify);
-void des_set_odd_parity(des_cblock *key);
-int des_check_key_parity(const_des_cblock *key);
-int des_is_weak_key(const_des_cblock *key);
-/* des_set_key (= set_key = des_key_sched = key_sched) calls
- * des_set_key_checked if global variable des_check_key is set,
- * des_set_key_unchecked otherwise. */
-int des_set_key(const_des_cblock *key,des_key_schedule schedule);
-int des_key_sched(const_des_cblock *key,des_key_schedule schedule);
-int des_set_key_checked(const_des_cblock *key,des_key_schedule schedule);
-void des_set_key_unchecked(const_des_cblock *key,des_key_schedule schedule);
-void des_string_to_key(const char *str,des_cblock *key);
-void des_string_to_2keys(const char *str,des_cblock *key1,des_cblock *key2);
-void des_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
- des_key_schedule schedule,des_cblock *ivec,int *num,
- int enc);
-void des_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
- des_key_schedule schedule,des_cblock *ivec,int *num);
-int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
-
-/* The following definitions provide compatibility with the MIT Kerberos
- * library. The des_key_schedule structure is not binary compatible. */
-
-#define _KERBEROS_DES_H
-
-#define KRBDES_ENCRYPT DES_ENCRYPT
-#define KRBDES_DECRYPT DES_DECRYPT
-
-#ifdef KERBEROS
-# define ENCRYPT DES_ENCRYPT
-# define DECRYPT DES_DECRYPT
-#endif
-
-#ifndef NCOMPAT
-# define C_Block des_cblock
-# define Key_schedule des_key_schedule
-# define KEY_SZ DES_KEY_SZ
-# define string_to_key des_string_to_key
-# define read_pw_string des_read_pw_string
-# define random_key des_random_key
-# define pcbc_encrypt des_pcbc_encrypt
-# define set_key des_set_key
-# define key_sched des_key_sched
-# define ecb_encrypt des_ecb_encrypt
-# define cbc_encrypt des_cbc_encrypt
-# define ncbc_encrypt des_ncbc_encrypt
-# define xcbc_encrypt des_xcbc_encrypt
-# define cbc_cksum des_cbc_cksum
-# define quad_cksum des_quad_cksum
-# define check_parity des_check_key_parity
-#endif
-
-typedef des_key_schedule bit_64;
-#define des_fixup_key_parity des_set_odd_parity
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/des/des_enc.c b/src/lib/libcrypto/des/des_enc.c
deleted file mode 100644
index 0bd9fa39bc..0000000000
--- a/src/lib/libcrypto/des/des_enc.c
+++ /dev/null
@@ -1,406 +0,0 @@
-/* crypto/des/des_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void des_encrypt1(DES_LONG *data, des_key_schedule ks, int enc)
- {
- register DES_LONG l,r,t,u;
-#ifdef DES_PTR
- register const unsigned char *des_SP=(const unsigned char *)des_SPtrans;
-#endif
-#ifndef DES_UNROLL
- register int i;
-#endif
- register DES_LONG *s;
-
- r=data[0];
- l=data[1];
-
- IP(r,l);
- /* Things have been modified so that the initial rotate is
- * done outside the loop. This required the
- * des_SPtrans values in sp.h to be rotated 1 bit to the right.
- * One perl script later and things have a 5% speed up on a sparc2.
- * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
- * for pointing this out. */
- /* clear the top bits on machines with 8byte longs */
- /* shift left by 2 */
- r=ROTATE(r,29)&0xffffffffL;
- l=ROTATE(l,29)&0xffffffffL;
-
- s=ks->ks.deslong;
- /* I don't know if it is worth the effort of loop unrolling the
- * inner loop */
- if (enc)
- {
-#ifdef DES_UNROLL
- D_ENCRYPT(l,r, 0); /* 1 */
- D_ENCRYPT(r,l, 2); /* 2 */
- D_ENCRYPT(l,r, 4); /* 3 */
- D_ENCRYPT(r,l, 6); /* 4 */
- D_ENCRYPT(l,r, 8); /* 5 */
- D_ENCRYPT(r,l,10); /* 6 */
- D_ENCRYPT(l,r,12); /* 7 */
- D_ENCRYPT(r,l,14); /* 8 */
- D_ENCRYPT(l,r,16); /* 9 */
- D_ENCRYPT(r,l,18); /* 10 */
- D_ENCRYPT(l,r,20); /* 11 */
- D_ENCRYPT(r,l,22); /* 12 */
- D_ENCRYPT(l,r,24); /* 13 */
- D_ENCRYPT(r,l,26); /* 14 */
- D_ENCRYPT(l,r,28); /* 15 */
- D_ENCRYPT(r,l,30); /* 16 */
-#else
- for (i=0; i<32; i+=8)
- {
- D_ENCRYPT(l,r,i+0); /* 1 */
- D_ENCRYPT(r,l,i+2); /* 2 */
- D_ENCRYPT(l,r,i+4); /* 3 */
- D_ENCRYPT(r,l,i+6); /* 4 */
- }
-#endif
- }
- else
- {
-#ifdef DES_UNROLL
- D_ENCRYPT(l,r,30); /* 16 */
- D_ENCRYPT(r,l,28); /* 15 */
- D_ENCRYPT(l,r,26); /* 14 */
- D_ENCRYPT(r,l,24); /* 13 */
- D_ENCRYPT(l,r,22); /* 12 */
- D_ENCRYPT(r,l,20); /* 11 */
- D_ENCRYPT(l,r,18); /* 10 */
- D_ENCRYPT(r,l,16); /* 9 */
- D_ENCRYPT(l,r,14); /* 8 */
- D_ENCRYPT(r,l,12); /* 7 */
- D_ENCRYPT(l,r,10); /* 6 */
- D_ENCRYPT(r,l, 8); /* 5 */
- D_ENCRYPT(l,r, 6); /* 4 */
- D_ENCRYPT(r,l, 4); /* 3 */
- D_ENCRYPT(l,r, 2); /* 2 */
- D_ENCRYPT(r,l, 0); /* 1 */
-#else
- for (i=30; i>0; i-=8)
- {
- D_ENCRYPT(l,r,i-0); /* 16 */
- D_ENCRYPT(r,l,i-2); /* 15 */
- D_ENCRYPT(l,r,i-4); /* 14 */
- D_ENCRYPT(r,l,i-6); /* 13 */
- }
-#endif
- }
-
- /* rotate and clear the top bits on machines with 8byte longs */
- l=ROTATE(l,3)&0xffffffffL;
- r=ROTATE(r,3)&0xffffffffL;
-
- FP(r,l);
- data[0]=l;
- data[1]=r;
- l=r=t=u=0;
- }
-
-void des_encrypt2(DES_LONG *data, des_key_schedule ks, int enc)
- {
- register DES_LONG l,r,t,u;
-#ifdef DES_PTR
- register const unsigned char *des_SP=(const unsigned char *)des_SPtrans;
-#endif
-#ifndef DES_UNROLL
- register int i;
-#endif
- register DES_LONG *s;
-
- r=data[0];
- l=data[1];
-
- /* Things have been modified so that the initial rotate is
- * done outside the loop. This required the
- * des_SPtrans values in sp.h to be rotated 1 bit to the right.
- * One perl script later and things have a 5% speed up on a sparc2.
- * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
- * for pointing this out. */
- /* clear the top bits on machines with 8byte longs */
- r=ROTATE(r,29)&0xffffffffL;
- l=ROTATE(l,29)&0xffffffffL;
-
- s=ks->ks.deslong;
- /* I don't know if it is worth the effort of loop unrolling the
- * inner loop */
- if (enc)
- {
-#ifdef DES_UNROLL
- D_ENCRYPT(l,r, 0); /* 1 */
- D_ENCRYPT(r,l, 2); /* 2 */
- D_ENCRYPT(l,r, 4); /* 3 */
- D_ENCRYPT(r,l, 6); /* 4 */
- D_ENCRYPT(l,r, 8); /* 5 */
- D_ENCRYPT(r,l,10); /* 6 */
- D_ENCRYPT(l,r,12); /* 7 */
- D_ENCRYPT(r,l,14); /* 8 */
- D_ENCRYPT(l,r,16); /* 9 */
- D_ENCRYPT(r,l,18); /* 10 */
- D_ENCRYPT(l,r,20); /* 11 */
- D_ENCRYPT(r,l,22); /* 12 */
- D_ENCRYPT(l,r,24); /* 13 */
- D_ENCRYPT(r,l,26); /* 14 */
- D_ENCRYPT(l,r,28); /* 15 */
- D_ENCRYPT(r,l,30); /* 16 */
-#else
- for (i=0; i<32; i+=8)
- {
- D_ENCRYPT(l,r,i+0); /* 1 */
- D_ENCRYPT(r,l,i+2); /* 2 */
- D_ENCRYPT(l,r,i+4); /* 3 */
- D_ENCRYPT(r,l,i+6); /* 4 */
- }
-#endif
- }
- else
- {
-#ifdef DES_UNROLL
- D_ENCRYPT(l,r,30); /* 16 */
- D_ENCRYPT(r,l,28); /* 15 */
- D_ENCRYPT(l,r,26); /* 14 */
- D_ENCRYPT(r,l,24); /* 13 */
- D_ENCRYPT(l,r,22); /* 12 */
- D_ENCRYPT(r,l,20); /* 11 */
- D_ENCRYPT(l,r,18); /* 10 */
- D_ENCRYPT(r,l,16); /* 9 */
- D_ENCRYPT(l,r,14); /* 8 */
- D_ENCRYPT(r,l,12); /* 7 */
- D_ENCRYPT(l,r,10); /* 6 */
- D_ENCRYPT(r,l, 8); /* 5 */
- D_ENCRYPT(l,r, 6); /* 4 */
- D_ENCRYPT(r,l, 4); /* 3 */
- D_ENCRYPT(l,r, 2); /* 2 */
- D_ENCRYPT(r,l, 0); /* 1 */
-#else
- for (i=30; i>0; i-=8)
- {
- D_ENCRYPT(l,r,i-0); /* 16 */
- D_ENCRYPT(r,l,i-2); /* 15 */
- D_ENCRYPT(l,r,i-4); /* 14 */
- D_ENCRYPT(r,l,i-6); /* 13 */
- }
-#endif
- }
- /* rotate and clear the top bits on machines with 8byte longs */
- data[0]=ROTATE(l,3)&0xffffffffL;
- data[1]=ROTATE(r,3)&0xffffffffL;
- l=r=t=u=0;
- }
-
-void des_encrypt3(DES_LONG *data, des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3)
- {
- register DES_LONG l,r;
-
- l=data[0];
- r=data[1];
- IP(l,r);
- data[0]=l;
- data[1]=r;
- des_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
- des_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
- des_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
- l=data[0];
- r=data[1];
- FP(r,l);
- data[0]=l;
- data[1]=r;
- }
-
-void des_decrypt3(DES_LONG *data, des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3)
- {
- register DES_LONG l,r;
-
- l=data[0];
- r=data[1];
- IP(l,r);
- data[0]=l;
- data[1]=r;
- des_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
- des_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
- des_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
- l=data[0];
- r=data[1];
- FP(r,l);
- data[0]=l;
- data[1]=r;
- }
-
-#ifndef DES_DEFAULT_OPTIONS
-
-#undef CBC_ENC_C__DONT_UPDATE_IV
-#include "ncbc_enc.c" /* des_ncbc_encrypt */
-
-void des_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3, des_cblock *ivec, int enc)
- {
- register DES_LONG tin0,tin1;
- register DES_LONG tout0,tout1,xor0,xor1;
- register const unsigned char *in;
- unsigned char *out;
- register long l=length;
- DES_LONG tin[2];
- unsigned char *iv;
-
- in=input;
- out=output;
- iv = &(*ivec)[0];
-
- if (enc)
- {
- c2l(iv,tout0);
- c2l(iv,tout1);
- for (l-=8; l>=0; l-=8)
- {
- c2l(in,tin0);
- c2l(in,tin1);
- tin0^=tout0;
- tin1^=tout1;
-
- tin[0]=tin0;
- tin[1]=tin1;
- des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
- tout0=tin[0];
- tout1=tin[1];
-
- l2c(tout0,out);
- l2c(tout1,out);
- }
- if (l != -8)
- {
- c2ln(in,tin0,tin1,l+8);
- tin0^=tout0;
- tin1^=tout1;
-
- tin[0]=tin0;
- tin[1]=tin1;
- des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
- tout0=tin[0];
- tout1=tin[1];
-
- l2c(tout0,out);
- l2c(tout1,out);
- }
- iv = &(*ivec)[0];
- l2c(tout0,iv);
- l2c(tout1,iv);
- }
- else
- {
- register DES_LONG t0,t1;
-
- c2l(iv,xor0);
- c2l(iv,xor1);
- for (l-=8; l>=0; l-=8)
- {
- c2l(in,tin0);
- c2l(in,tin1);
-
- t0=tin0;
- t1=tin1;
-
- tin[0]=tin0;
- tin[1]=tin1;
- des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
- tout0=tin[0];
- tout1=tin[1];
-
- tout0^=xor0;
- tout1^=xor1;
- l2c(tout0,out);
- l2c(tout1,out);
- xor0=t0;
- xor1=t1;
- }
- if (l != -8)
- {
- c2l(in,tin0);
- c2l(in,tin1);
-
- t0=tin0;
- t1=tin1;
-
- tin[0]=tin0;
- tin[1]=tin1;
- des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
- tout0=tin[0];
- tout1=tin[1];
-
- tout0^=xor0;
- tout1^=xor1;
- l2cn(tout0,tout1,out,l+8);
- xor0=t0;
- xor1=t1;
- }
-
- iv = &(*ivec)[0];
- l2c(xor0,iv);
- l2c(xor1,iv);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
-
-#endif /* DES_DEFAULT_OPTIONS */
diff --git a/src/lib/libcrypto/des/des_locl.h b/src/lib/libcrypto/des/des_locl.h
deleted file mode 100644
index 1ace8f5930..0000000000
--- a/src/lib/libcrypto/des/des_locl.h
+++ /dev/null
@@ -1,412 +0,0 @@
-/* crypto/des/des_locl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DES_LOCL_H
-#define HEADER_DES_LOCL_H
-
-#if defined(WIN32) || defined(WIN16)
-#ifndef MSDOS
-#define MSDOS
-#endif
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef MSDOS
-#if !defined(VMS) || defined(__DECC)
-#ifdef OPENSSL_UNISTD
-# include OPENSSL_UNISTD
-#else
-# include <unistd.h>
-#endif
-#include <math.h>
-#endif
-#endif
-#include <openssl/des.h>
-
-#ifdef MSDOS /* Visual C++ 2.1 (Windows NT/95) */
-#include <stdlib.h>
-#include <errno.h>
-#include <time.h>
-#include <io.h>
-#endif
-
-#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
-#include <string.h>
-#endif
-
-#define ITERATIONS 16
-#define HALF_ITERATIONS 8
-
-/* used in des_read and des_write */
-#define MAXWRITE (1024*16)
-#define BSIZE (MAXWRITE+4)
-
-#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
- l|=((DES_LONG)(*((c)++)))<< 8L, \
- l|=((DES_LONG)(*((c)++)))<<16L, \
- l|=((DES_LONG)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
- case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
- case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
- case 5: l2|=((DES_LONG)(*(--(c)))); \
- case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
- case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
- case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
- case 1: l1|=((DES_LONG)(*(--(c)))); \
- } \
- }
-
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* replacements for htonl and ntohl since I have no idea what to do
- * when faced with machines with 8 byte longs. */
-#define HDRSIZE 4
-
-#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
- l|=((DES_LONG)(*((c)++)))<<16L, \
- l|=((DES_LONG)(*((c)++)))<< 8L, \
- l|=((DES_LONG)(*((c)++))))
-
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-#if defined(WIN32) && defined(_MSC_VER)
-#define ROTATE(a,n) (_lrotr(a,n))
-#else
-#define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n))))
-#endif
-
-/* Don't worry about the LOAD_DATA() stuff, that is used by
- * fcrypt() to add it's little bit to the front */
-
-#ifdef DES_FCRYPT
-
-#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
- { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
-
-#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
- t=R^(R>>16L); \
- u=t&E0; t&=E1; \
- tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
- tmp=(t<<16); t^=R^s[S+1]; t^=tmp
-#else
-#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
-#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
- u=R^s[S ]; \
- t=R^s[S+1]
-#endif
-
-/* The changes to this macro may help or hinder, depending on the
- * compiler and the architecture. gcc2 always seems to do well :-).
- * Inspired by Dana How <how@isl.stanford.edu>
- * DO NOT use the alternative version on machines with 8 byte longs.
- * It does not seem to work on the Alpha, even when DES_LONG is 4
- * bytes, probably an issue of accessing non-word aligned objects :-( */
-#ifdef DES_PTR
-
-/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
- * is no reason to not xor all the sub items together. This potentially
- * saves a register since things can be xored directly into L */
-
-#if defined(DES_RISC1) || defined(DES_RISC2)
-#ifdef DES_RISC1
-#define D_ENCRYPT(LL,R,S) { \
- unsigned int u1,u2,u3; \
- LOAD_DATA(R,S,u,t,E0,E1,u1); \
- u2=(int)u>>8L; \
- u1=(int)u&0xfc; \
- u2&=0xfc; \
- t=ROTATE(t,4); \
- u>>=16L; \
- LL^= *(const DES_LONG *)(des_SP +u1); \
- LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
- u3=(int)(u>>8L); \
- u1=(int)u&0xfc; \
- u3&=0xfc; \
- LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
- LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
- u2=(int)t>>8L; \
- u1=(int)t&0xfc; \
- u2&=0xfc; \
- t>>=16L; \
- LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
- LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
- u3=(int)t>>8L; \
- u1=(int)t&0xfc; \
- u3&=0xfc; \
- LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
- LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
-#endif
-#ifdef DES_RISC2
-#define D_ENCRYPT(LL,R,S) { \
- unsigned int u1,u2,s1,s2; \
- LOAD_DATA(R,S,u,t,E0,E1,u1); \
- u2=(int)u>>8L; \
- u1=(int)u&0xfc; \
- u2&=0xfc; \
- t=ROTATE(t,4); \
- LL^= *(const DES_LONG *)(des_SP +u1); \
- LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
- s1=(int)(u>>16L); \
- s2=(int)(u>>24L); \
- s1&=0xfc; \
- s2&=0xfc; \
- LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
- LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
- u2=(int)t>>8L; \
- u1=(int)t&0xfc; \
- u2&=0xfc; \
- LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
- LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
- s1=(int)(t>>16L); \
- s2=(int)(t>>24L); \
- s1&=0xfc; \
- s2&=0xfc; \
- LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
- LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
-#endif
-#else
-#define D_ENCRYPT(LL,R,S) { \
- LOAD_DATA_tmp(R,S,u,t,E0,E1); \
- t=ROTATE(t,4); \
- LL^= \
- *(const DES_LONG *)(des_SP +((u )&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x100+((t )&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
-#endif
-
-#else /* original version */
-
-#if defined(DES_RISC1) || defined(DES_RISC2)
-#ifdef DES_RISC1
-#define D_ENCRYPT(LL,R,S) {\
- unsigned int u1,u2,u3; \
- LOAD_DATA(R,S,u,t,E0,E1,u1); \
- u>>=2L; \
- t=ROTATE(t,6); \
- u2=(int)u>>8L; \
- u1=(int)u&0x3f; \
- u2&=0x3f; \
- u>>=16L; \
- LL^=des_SPtrans[0][u1]; \
- LL^=des_SPtrans[2][u2]; \
- u3=(int)u>>8L; \
- u1=(int)u&0x3f; \
- u3&=0x3f; \
- LL^=des_SPtrans[4][u1]; \
- LL^=des_SPtrans[6][u3]; \
- u2=(int)t>>8L; \
- u1=(int)t&0x3f; \
- u2&=0x3f; \
- t>>=16L; \
- LL^=des_SPtrans[1][u1]; \
- LL^=des_SPtrans[3][u2]; \
- u3=(int)t>>8L; \
- u1=(int)t&0x3f; \
- u3&=0x3f; \
- LL^=des_SPtrans[5][u1]; \
- LL^=des_SPtrans[7][u3]; }
-#endif
-#ifdef DES_RISC2
-#define D_ENCRYPT(LL,R,S) {\
- unsigned int u1,u2,s1,s2; \
- LOAD_DATA(R,S,u,t,E0,E1,u1); \
- u>>=2L; \
- t=ROTATE(t,6); \
- u2=(int)u>>8L; \
- u1=(int)u&0x3f; \
- u2&=0x3f; \
- LL^=des_SPtrans[0][u1]; \
- LL^=des_SPtrans[2][u2]; \
- s1=(int)u>>16L; \
- s2=(int)u>>24L; \
- s1&=0x3f; \
- s2&=0x3f; \
- LL^=des_SPtrans[4][s1]; \
- LL^=des_SPtrans[6][s2]; \
- u2=(int)t>>8L; \
- u1=(int)t&0x3f; \
- u2&=0x3f; \
- LL^=des_SPtrans[1][u1]; \
- LL^=des_SPtrans[3][u2]; \
- s1=(int)t>>16; \
- s2=(int)t>>24L; \
- s1&=0x3f; \
- s2&=0x3f; \
- LL^=des_SPtrans[5][s1]; \
- LL^=des_SPtrans[7][s2]; }
-#endif
-
-#else
-
-#define D_ENCRYPT(LL,R,S) {\
- LOAD_DATA_tmp(R,S,u,t,E0,E1); \
- t=ROTATE(t,4); \
- LL^=\
- des_SPtrans[0][(u>> 2L)&0x3f]^ \
- des_SPtrans[2][(u>>10L)&0x3f]^ \
- des_SPtrans[4][(u>>18L)&0x3f]^ \
- des_SPtrans[6][(u>>26L)&0x3f]^ \
- des_SPtrans[1][(t>> 2L)&0x3f]^ \
- des_SPtrans[3][(t>>10L)&0x3f]^ \
- des_SPtrans[5][(t>>18L)&0x3f]^ \
- des_SPtrans[7][(t>>26L)&0x3f]; }
-#endif
-#endif
-
- /* IP and FP
- * The problem is more of a geometric problem that random bit fiddling.
- 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
- 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
- 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
- 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
-
- 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
- 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
- 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
- 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
-
- The output has been subject to swaps of the form
- 0 1 -> 3 1 but the odd and even bits have been put into
- 2 3 2 0
- different words. The main trick is to remember that
- t=((l>>size)^r)&(mask);
- r^=t;
- l^=(t<<size);
- can be used to swap and move bits between words.
-
- So l = 0 1 2 3 r = 16 17 18 19
- 4 5 6 7 20 21 22 23
- 8 9 10 11 24 25 26 27
- 12 13 14 15 28 29 30 31
- becomes (for size == 2 and mask == 0x3333)
- t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
- 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
- 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
- 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
-
- Thanks for hints from Richard Outerbridge - he told me IP&FP
- could be done in 15 xor, 10 shifts and 5 ands.
- When I finally started to think of the problem in 2D
- I first got ~42 operations without xors. When I remembered
- how to use xors :-) I got it to its final state.
- */
-#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
- (b)^=(t),\
- (a)^=((t)<<(n)))
-
-#define IP(l,r) \
- { \
- register DES_LONG tt; \
- PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
- PERM_OP(l,r,tt,16,0x0000ffffL); \
- PERM_OP(r,l,tt, 2,0x33333333L); \
- PERM_OP(l,r,tt, 8,0x00ff00ffL); \
- PERM_OP(r,l,tt, 1,0x55555555L); \
- }
-
-#define FP(l,r) \
- { \
- register DES_LONG tt; \
- PERM_OP(l,r,tt, 1,0x55555555L); \
- PERM_OP(r,l,tt, 8,0x00ff00ffL); \
- PERM_OP(l,r,tt, 2,0x33333333L); \
- PERM_OP(r,l,tt,16,0x0000ffffL); \
- PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
- }
-
-OPENSSL_EXTERN const DES_LONG des_SPtrans[8][64];
-
-void fcrypt_body(DES_LONG *out,des_key_schedule ks,
- DES_LONG Eswap0, DES_LONG Eswap1);
-#endif
diff --git a/src/lib/libcrypto/des/ecb3_enc.c b/src/lib/libcrypto/des/ecb3_enc.c
deleted file mode 100644
index fb28b97e1a..0000000000
--- a/src/lib/libcrypto/des/ecb3_enc.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* crypto/des/ecb3_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void des_ecb3_encrypt(const_des_cblock *input, des_cblock *output,
- des_key_schedule ks1, des_key_schedule ks2, des_key_schedule ks3,
- int enc)
- {
- register DES_LONG l0,l1;
- DES_LONG ll[2];
- const unsigned char *in = &(*input)[0];
- unsigned char *out = &(*output)[0];
-
- c2l(in,l0);
- c2l(in,l1);
- ll[0]=l0;
- ll[1]=l1;
- if (enc)
- des_encrypt3(ll,ks1,ks2,ks3);
- else
- des_decrypt3(ll,ks1,ks2,ks3);
- l0=ll[0];
- l1=ll[1];
- l2c(l0,out);
- l2c(l1,out);
- }
diff --git a/src/lib/libcrypto/des/ecb_enc.c b/src/lib/libcrypto/des/ecb_enc.c
deleted file mode 100644
index d481327ef3..0000000000
--- a/src/lib/libcrypto/des/ecb_enc.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/des/ecb_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-#include "spr.h"
-#include <openssl/opensslv.h>
-
-OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT;
-OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT;
-
-const char *des_options(void)
- {
- static int init=1;
- static char buf[32];
-
- if (init)
- {
- const char *ptr,*unroll,*risc,*size;
-
-#ifdef DES_PTR
- ptr="ptr";
-#else
- ptr="idx";
-#endif
-#if defined(DES_RISC1) || defined(DES_RISC2)
-#ifdef DES_RISC1
- risc="risc1";
-#endif
-#ifdef DES_RISC2
- risc="risc2";
-#endif
-#else
- risc="cisc";
-#endif
-#ifdef DES_UNROLL
- unroll="16";
-#else
- unroll="4";
-#endif
- if (sizeof(DES_LONG) != sizeof(long))
- size="int";
- else
- size="long";
- sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
- init=0;
- }
- return(buf);
- }
-
-
-void des_ecb_encrypt(const_des_cblock *input, des_cblock *output,
- des_key_schedule ks,
- int enc)
- {
- register DES_LONG l;
- DES_LONG ll[2];
- const unsigned char *in = &(*input)[0];
- unsigned char *out = &(*output)[0];
-
- c2l(in,l); ll[0]=l;
- c2l(in,l); ll[1]=l;
- des_encrypt1(ll,ks,enc);
- l=ll[0]; l2c(l,out);
- l=ll[1]; l2c(l,out);
- l=ll[0]=ll[1]=0;
- }
-
diff --git a/src/lib/libcrypto/des/ede_cbcm_enc.c b/src/lib/libcrypto/des/ede_cbcm_enc.c
deleted file mode 100644
index b98f7e17af..0000000000
--- a/src/lib/libcrypto/des/ede_cbcm_enc.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/* ede_cbcm_enc.c */
-/* Written by Ben Laurie <ben@algroup.co.uk> for the OpenSSL
- * project 13 Feb 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
-
-This is an implementation of Triple DES Cipher Block Chaining with Output
-Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
-
-Note that there is a known attack on this by Biham and Knudsen but it takes
-a lot of work:
-
-http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
-
-*/
-
-#ifndef NO_DESCBCM
-#include "des_locl.h"
-
-void des_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
- long length, des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3, des_cblock *ivec1, des_cblock *ivec2,
- int enc)
- {
- register DES_LONG tin0,tin1;
- register DES_LONG tout0,tout1,xor0,xor1,m0,m1;
- register long l=length;
- DES_LONG tin[2];
- unsigned char *iv1,*iv2;
-
- iv1 = &(*ivec1)[0];
- iv2 = &(*ivec2)[0];
-
- if (enc)
- {
- c2l(iv1,m0);
- c2l(iv1,m1);
- c2l(iv2,tout0);
- c2l(iv2,tout1);
- for (l-=8; l>=-7; l-=8)
- {
- tin[0]=m0;
- tin[1]=m1;
- des_encrypt1(tin,ks3,1);
- m0=tin[0];
- m1=tin[1];
-
- if(l < 0)
- {
- c2ln(in,tin0,tin1,l+8);
- }
- else
- {
- c2l(in,tin0);
- c2l(in,tin1);
- }
- tin0^=tout0;
- tin1^=tout1;
-
- tin[0]=tin0;
- tin[1]=tin1;
- des_encrypt1(tin,ks1,1);
- tin[0]^=m0;
- tin[1]^=m1;
- des_encrypt1(tin,ks2,0);
- tin[0]^=m0;
- tin[1]^=m1;
- des_encrypt1(tin,ks1,1);
- tout0=tin[0];
- tout1=tin[1];
-
- l2c(tout0,out);
- l2c(tout1,out);
- }
- iv1=&(*ivec1)[0];
- l2c(m0,iv1);
- l2c(m1,iv1);
-
- iv2=&(*ivec2)[0];
- l2c(tout0,iv2);
- l2c(tout1,iv2);
- }
- else
- {
- register DES_LONG t0,t1;
-
- c2l(iv1,m0);
- c2l(iv1,m1);
- c2l(iv2,xor0);
- c2l(iv2,xor1);
- for (l-=8; l>=-7; l-=8)
- {
- tin[0]=m0;
- tin[1]=m1;
- des_encrypt1(tin,ks3,1);
- m0=tin[0];
- m1=tin[1];
-
- c2l(in,tin0);
- c2l(in,tin1);
-
- t0=tin0;
- t1=tin1;
-
- tin[0]=tin0;
- tin[1]=tin1;
- des_encrypt1(tin,ks1,0);
- tin[0]^=m0;
- tin[1]^=m1;
- des_encrypt1(tin,ks2,1);
- tin[0]^=m0;
- tin[1]^=m1;
- des_encrypt1(tin,ks1,0);
- tout0=tin[0];
- tout1=tin[1];
-
- tout0^=xor0;
- tout1^=xor1;
- if(l < 0)
- {
- l2cn(tout0,tout1,out,l+8);
- }
- else
- {
- l2c(tout0,out);
- l2c(tout1,out);
- }
- xor0=t0;
- xor1=t1;
- }
-
- iv1=&(*ivec1)[0];
- l2c(m0,iv1);
- l2c(m1,iv1);
-
- iv2=&(*ivec2)[0];
- l2c(xor0,iv2);
- l2c(xor1,iv2);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
-#endif
diff --git a/src/lib/libcrypto/des/enc_read.c b/src/lib/libcrypto/des/enc_read.c
deleted file mode 100644
index af2d9177d2..0000000000
--- a/src/lib/libcrypto/des/enc_read.c
+++ /dev/null
@@ -1,228 +0,0 @@
-/* crypto/des/enc_read.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include "des_locl.h"
-
-/* This has some uglies in it but it works - even over sockets. */
-/*extern int errno;*/
-OPENSSL_GLOBAL int des_rw_mode=DES_PCBC_MODE;
-
-
-/*
- * WARNINGS:
- *
- * - The data format used by des_enc_write() and des_enc_read()
- * has a cryptographic weakness: When asked to write more
- * than MAXWRITE bytes, des_enc_write will split the data
- * into several chunks that are all encrypted
- * using the same IV. So don't use these functions unless you
- * are sure you know what you do (in which case you might
- * not want to use them anyway).
- *
- * - This code cannot handle non-blocking sockets.
- *
- * - This function uses an internal state and thus cannot be
- * used on multiple files.
- */
-
-
-int des_enc_read(int fd, void *buf, int len, des_key_schedule sched,
- des_cblock *iv)
- {
- /* data to be unencrypted */
- int net_num=0;
- static unsigned char *net=NULL;
- /* extra unencrypted data
- * for when a block of 100 comes in but is des_read one byte at
- * a time. */
- static unsigned char *unnet=NULL;
- static int unnet_start=0;
- static int unnet_left=0;
- static unsigned char *tmpbuf=NULL;
- int i;
- long num=0,rnum;
- unsigned char *p;
-
- if (tmpbuf == NULL)
- {
- tmpbuf=OPENSSL_malloc(BSIZE);
- if (tmpbuf == NULL) return(-1);
- }
- if (net == NULL)
- {
- net=OPENSSL_malloc(BSIZE);
- if (net == NULL) return(-1);
- }
- if (unnet == NULL)
- {
- unnet=OPENSSL_malloc(BSIZE);
- if (unnet == NULL) return(-1);
- }
- /* left over data from last decrypt */
- if (unnet_left != 0)
- {
- if (unnet_left < len)
- {
- /* we still still need more data but will return
- * with the number of bytes we have - should always
- * check the return value */
- memcpy(buf,&(unnet[unnet_start]),
- unnet_left);
- /* eay 26/08/92 I had the next 2 lines
- * reversed :-( */
- i=unnet_left;
- unnet_start=unnet_left=0;
- }
- else
- {
- memcpy(buf,&(unnet[unnet_start]),len);
- unnet_start+=len;
- unnet_left-=len;
- i=len;
- }
- return(i);
- }
-
- /* We need to get more data. */
- if (len > MAXWRITE) len=MAXWRITE;
-
- /* first - get the length */
- while (net_num < HDRSIZE)
- {
- i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num);
-#ifdef EINTR
- if ((i == -1) && (errno == EINTR)) continue;
-#endif
- if (i <= 0) return(0);
- net_num+=i;
- }
-
- /* we now have at net_num bytes in net */
- p=net;
- /* num=0; */
- n2l(p,num);
- /* num should be rounded up to the next group of eight
- * we make sure that we have read a multiple of 8 bytes from the net.
- */
- if ((num > MAXWRITE) || (num < 0)) /* error */
- return(-1);
- rnum=(num < 8)?8:((num+7)/8*8);
-
- net_num=0;
- while (net_num < rnum)
- {
- i=read(fd,(void *)&(net[net_num]),rnum-net_num);
-#ifdef EINTR
- if ((i == -1) && (errno == EINTR)) continue;
-#endif
- if (i <= 0) return(0);
- net_num+=i;
- }
-
- /* Check if there will be data left over. */
- if (len < num)
- {
- if (des_rw_mode & DES_PCBC_MODE)
- des_pcbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
- else
- des_cbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
- memcpy(buf,unnet,len);
- unnet_start=len;
- unnet_left=num-len;
-
- /* The following line is done because we return num
- * as the number of bytes read. */
- num=len;
- }
- else
- {
- /* >output is a multiple of 8 byes, if len < rnum
- * >we must be careful. The user must be aware that this
- * >routine will write more bytes than he asked for.
- * >The length of the buffer must be correct.
- * FIXED - Should be ok now 18-9-90 - eay */
- if (len < rnum)
- {
-
- if (des_rw_mode & DES_PCBC_MODE)
- des_pcbc_encrypt(net,tmpbuf,num,sched,iv,
- DES_DECRYPT);
- else
- des_cbc_encrypt(net,tmpbuf,num,sched,iv,
- DES_DECRYPT);
-
- /* eay 26/08/92 fix a bug that returned more
- * bytes than you asked for (returned len bytes :-( */
- memcpy(buf,tmpbuf,num);
- }
- else
- {
- if (des_rw_mode & DES_PCBC_MODE)
- des_pcbc_encrypt(net,buf,num,sched,iv,
- DES_DECRYPT);
- else
- des_cbc_encrypt(net,buf,num,sched,iv,
- DES_DECRYPT);
- }
- }
- return num;
- }
-
diff --git a/src/lib/libcrypto/des/enc_writ.c b/src/lib/libcrypto/des/enc_writ.c
deleted file mode 100644
index cc2b50fb50..0000000000
--- a/src/lib/libcrypto/des/enc_writ.c
+++ /dev/null
@@ -1,171 +0,0 @@
-/* crypto/des/enc_writ.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <time.h>
-#include <stdio.h>
-#include "cryptlib.h"
-#include "des_locl.h"
-#include <openssl/rand.h>
-
-/*
- * WARNINGS:
- *
- * - The data format used by des_enc_write() and des_enc_read()
- * has a cryptographic weakness: When asked to write more
- * than MAXWRITE bytes, des_enc_write will split the data
- * into several chunks that are all encrypted
- * using the same IV. So don't use these functions unless you
- * are sure you know what you do (in which case you might
- * not want to use them anyway).
- *
- * - This code cannot handle non-blocking sockets.
- */
-
-int des_enc_write(int fd, const void *_buf, int len,
- des_key_schedule sched, des_cblock *iv)
- {
-#ifdef _LIBC
- extern unsigned long time();
- extern int write();
-#endif
- const unsigned char *buf=_buf;
- long rnum;
- int i,j,k,outnum;
- static unsigned char *outbuf=NULL;
- unsigned char shortbuf[8];
- unsigned char *p;
- const unsigned char *cp;
- static int start=1;
-
- if (outbuf == NULL)
- {
- outbuf=OPENSSL_malloc(BSIZE+HDRSIZE);
- if (outbuf == NULL) return(-1);
- }
- /* If we are sending less than 8 bytes, the same char will look
- * the same if we don't pad it out with random bytes */
- if (start)
- {
- start=0;
- }
-
- /* lets recurse if we want to send the data in small chunks */
- if (len > MAXWRITE)
- {
- j=0;
- for (i=0; i<len; i+=k)
- {
- k=des_enc_write(fd,&(buf[i]),
- ((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv);
- if (k < 0)
- return(k);
- else
- j+=k;
- }
- return(j);
- }
-
- /* write length first */
- p=outbuf;
- l2n(len,p);
-
- /* pad short strings */
- if (len < 8)
- {
- cp=shortbuf;
- memcpy(shortbuf,buf,len);
- RAND_pseudo_bytes(shortbuf+len, 8-len);
- rnum=8;
- }
- else
- {
- cp=buf;
- rnum=((len+7)/8*8); /* round up to nearest eight */
- }
-
- if (des_rw_mode & DES_PCBC_MODE)
- des_pcbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv,
- DES_ENCRYPT);
- else
- des_cbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv,
- DES_ENCRYPT);
-
- /* output */
- outnum=rnum+HDRSIZE;
-
- for (j=0; j<outnum; j+=i)
- {
- /* eay 26/08/92 I was not doing writing from where we
- * got up to. */
- i=write(fd,(void *)&(outbuf[j]),outnum-j);
- if (i == -1)
- {
-#ifdef EINTR
- if (errno == EINTR)
- i=0;
- else
-#endif
- /* This is really a bad error - very bad
- * It will stuff-up both ends. */
- return(-1);
- }
- }
-
- return(len);
- }
diff --git a/src/lib/libcrypto/des/fcrypt.c b/src/lib/libcrypto/des/fcrypt.c
deleted file mode 100644
index 9b21f81cc2..0000000000
--- a/src/lib/libcrypto/des/fcrypt.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* NOCW */
-#include <stdio.h>
-
-/* This version of crypt has been developed from my MIT compatible
- * DES library.
- * Eric Young (eay@cryptsoft.com)
- */
-
-/* Modification by Jens Kupferschmidt (Cu)
- * I have included directive PARA for shared memory computers.
- * I have included a directive LONGCRYPT to using this routine to cipher
- * passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN
- * definition is the maximum of length of password and can changed. I have
- * defined 24.
- */
-
-#include "des_locl.h"
-
-/* Added more values to handle illegal salt values the way normal
- * crypt() implementations do. The patch was sent by
- * Bjorn Gronvall <bg@sics.se>
- */
-static unsigned const char con_salt[128]={
-0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9,
-0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,0xE0,0xE1,
-0xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9,
-0xEA,0xEB,0xEC,0xED,0xEE,0xEF,0xF0,0xF1,
-0xF2,0xF3,0xF4,0xF5,0xF6,0xF7,0xF8,0xF9,
-0xFA,0xFB,0xFC,0xFD,0xFE,0xFF,0x00,0x01,
-0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
-0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
-0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
-0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
-0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
-0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
-0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
-0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
-0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
-0x3D,0x3E,0x3F,0x40,0x41,0x42,0x43,0x44,
-};
-
-static unsigned const char cov_2char[64]={
-0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
-0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
-0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
-0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
-0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
-0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
-0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
-0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
-};
-
-#ifndef NOPROTO
-void fcrypt_body(DES_LONG *out,des_key_schedule ks,
- DES_LONG Eswap0, DES_LONG Eswap1);
-
-#if defined(PERL5) || defined(FreeBSD) || defined(__OpenBSD__)
-char *des_crypt(const char *buf,const char *salt);
-#else
-char *crypt(const char *buf,const char *salt);
-#endif
-#else
-void fcrypt_body();
-#ifdef PERL5
-char *des_crypt();
-#else
-char *crypt();
-#endif
-#endif
-
-#if defined(PERL5) || defined(FreeBSD) || defined(__OpenBSD__)
-char *des_crypt(buf,salt)
-#else
-char *crypt(buf,salt)
-#endif
-const char *buf;
-const char *salt;
- {
- static char buff[14];
-
- return(des_fcrypt(buf,salt,buff));
- }
-
-
-char *des_fcrypt(buf,salt,ret)
-const char *buf;
-const char *salt;
-char *ret;
- {
- unsigned int i,j,x,y;
- DES_LONG Eswap0,Eswap1;
- DES_LONG out[2],ll;
- des_cblock key;
- des_key_schedule ks;
- unsigned char bb[9];
- unsigned char *b=bb;
- unsigned char c,u;
-
- /* eay 25/08/92
- * If you call crypt("pwd","*") as often happens when you
- * have * as the pwd field in /etc/passwd, the function
- * returns *\0XXXXXXXXX
- * The \0 makes the string look like * so the pwd "*" would
- * crypt to "*". This was found when replacing the crypt in
- * our shared libraries. People found that the disabled
- * accounts effectively had no passwd :-(. */
- x=ret[0]=((salt[0] == '\0')?'A':salt[0]);
- Eswap0=con_salt[x]<<2;
- x=ret[1]=((salt[1] == '\0')?'A':salt[1]);
- Eswap1=con_salt[x]<<6;
-
-/* EAY
-r=strlen(buf);
-r=(r+7)/8;
-*/
- for (i=0; i<8; i++)
- {
- c= *(buf++);
- if (!c) break;
- key[i]=(c<<1);
- }
- for (; i<8; i++)
- key[i]=0;
-
- des_set_key_unchecked(&key,ks);
- fcrypt_body(&(out[0]),ks,Eswap0,Eswap1);
-
- ll=out[0]; l2c(ll,b);
- ll=out[1]; l2c(ll,b);
- y=0;
- u=0x80;
- bb[8]=0;
- for (i=2; i<13; i++)
- {
- c=0;
- for (j=0; j<6; j++)
- {
- c<<=1;
- if (bb[y] & u) c|=1;
- u>>=1;
- if (!u)
- {
- y++;
- u=0x80;
- }
- }
- ret[i]=cov_2char[c];
- }
- ret[13]='\0';
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/des/fcrypt_b.c b/src/lib/libcrypto/des/fcrypt_b.c
deleted file mode 100644
index 22c87f5983..0000000000
--- a/src/lib/libcrypto/des/fcrypt_b.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* crypto/des/fcrypt_b.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-/* This version of crypt has been developed from my MIT compatible
- * DES library.
- * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
- * Eric Young (eay@cryptsoft.com)
- */
-
-#define DES_FCRYPT
-#include "des_locl.h"
-#undef DES_FCRYPT
-
-#undef PERM_OP
-#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
- (b)^=(t),\
- (a)^=((t)<<(n)))
-
-#undef HPERM_OP
-#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
- (a)=(a)^(t)^(t>>(16-(n))))\
-
-void fcrypt_body(DES_LONG *out, des_key_schedule ks, DES_LONG Eswap0,
- DES_LONG Eswap1)
- {
- register DES_LONG l,r,t,u;
-#ifdef DES_PTR
- register const unsigned char *des_SP=(const unsigned char *)des_SPtrans;
-#endif
- register DES_LONG *s;
- register int j;
- register DES_LONG E0,E1;
-
- l=0;
- r=0;
-
- s=(DES_LONG *)ks;
- E0=Eswap0;
- E1=Eswap1;
-
- for (j=0; j<25; j++)
- {
-#ifndef DES_UNROLL
- register int i;
-
- for (i=0; i<32; i+=8)
- {
- D_ENCRYPT(l,r,i+0); /* 1 */
- D_ENCRYPT(r,l,i+2); /* 2 */
- D_ENCRYPT(l,r,i+4); /* 1 */
- D_ENCRYPT(r,l,i+6); /* 2 */
- }
-#else
- D_ENCRYPT(l,r, 0); /* 1 */
- D_ENCRYPT(r,l, 2); /* 2 */
- D_ENCRYPT(l,r, 4); /* 3 */
- D_ENCRYPT(r,l, 6); /* 4 */
- D_ENCRYPT(l,r, 8); /* 5 */
- D_ENCRYPT(r,l,10); /* 6 */
- D_ENCRYPT(l,r,12); /* 7 */
- D_ENCRYPT(r,l,14); /* 8 */
- D_ENCRYPT(l,r,16); /* 9 */
- D_ENCRYPT(r,l,18); /* 10 */
- D_ENCRYPT(l,r,20); /* 11 */
- D_ENCRYPT(r,l,22); /* 12 */
- D_ENCRYPT(l,r,24); /* 13 */
- D_ENCRYPT(r,l,26); /* 14 */
- D_ENCRYPT(l,r,28); /* 15 */
- D_ENCRYPT(r,l,30); /* 16 */
-#endif
-
- t=l;
- l=r;
- r=t;
- }
- l=ROTATE(l,3)&0xffffffffL;
- r=ROTATE(r,3)&0xffffffffL;
-
- PERM_OP(l,r,t, 1,0x55555555L);
- PERM_OP(r,l,t, 8,0x00ff00ffL);
- PERM_OP(l,r,t, 2,0x33333333L);
- PERM_OP(r,l,t,16,0x0000ffffL);
- PERM_OP(l,r,t, 4,0x0f0f0f0fL);
-
- out[0]=r;
- out[1]=l;
- }
-
diff --git a/src/lib/libcrypto/des/ncbc_enc.c b/src/lib/libcrypto/des/ncbc_enc.c
deleted file mode 100644
index b8db07b199..0000000000
--- a/src/lib/libcrypto/des/ncbc_enc.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* crypto/des/ncbc_enc.c */
-/*
- * #included by:
- * cbc_enc.c (des_cbc_encrypt)
- * des_enc.c (des_ncbc_encrypt)
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-#ifdef CBC_ENC_C__DONT_UPDATE_IV
-void des_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- des_key_schedule schedule, des_cblock *ivec, int enc)
-#else
-void des_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- des_key_schedule schedule, des_cblock *ivec, int enc)
-#endif
- {
- register DES_LONG tin0,tin1;
- register DES_LONG tout0,tout1,xor0,xor1;
- register long l=length;
- DES_LONG tin[2];
- unsigned char *iv;
-
- iv = &(*ivec)[0];
-
- if (enc)
- {
- c2l(iv,tout0);
- c2l(iv,tout1);
- for (l-=8; l>=0; l-=8)
- {
- c2l(in,tin0);
- c2l(in,tin1);
- tin0^=tout0; tin[0]=tin0;
- tin1^=tout1; tin[1]=tin1;
- des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
- tout0=tin[0]; l2c(tout0,out);
- tout1=tin[1]; l2c(tout1,out);
- }
- if (l != -8)
- {
- c2ln(in,tin0,tin1,l+8);
- tin0^=tout0; tin[0]=tin0;
- tin1^=tout1; tin[1]=tin1;
- des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
- tout0=tin[0]; l2c(tout0,out);
- tout1=tin[1]; l2c(tout1,out);
- }
-#ifndef CBC_ENC_C__DONT_UPDATE_IV
- iv = &(*ivec)[0];
- l2c(tout0,iv);
- l2c(tout1,iv);
-#endif
- }
- else
- {
- c2l(iv,xor0);
- c2l(iv,xor1);
- for (l-=8; l>=0; l-=8)
- {
- c2l(in,tin0); tin[0]=tin0;
- c2l(in,tin1); tin[1]=tin1;
- des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2c(tout0,out);
- l2c(tout1,out);
- xor0=tin0;
- xor1=tin1;
- }
- if (l != -8)
- {
- c2l(in,tin0); tin[0]=tin0;
- c2l(in,tin1); tin[1]=tin1;
- des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2cn(tout0,tout1,out,l+8);
-#ifndef CBC_ENC_C__DONT_UPDATE_IV
- xor0=tin0;
- xor1=tin1;
-#endif
- }
-#ifndef CBC_ENC_C__DONT_UPDATE_IV
- iv = &(*ivec)[0];
- l2c(xor0,iv);
- l2c(xor1,iv);
-#endif
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
diff --git a/src/lib/libcrypto/des/ofb64ede.c b/src/lib/libcrypto/des/ofb64ede.c
deleted file mode 100644
index 6eafe908da..0000000000
--- a/src/lib/libcrypto/des/ofb64ede.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* crypto/des/ofb64ede.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void des_ede3_ofb64_encrypt(register const unsigned char *in,
- register unsigned char *out, long length, des_key_schedule k1,
- des_key_schedule k2, des_key_schedule k3, des_cblock *ivec,
- int *num)
- {
- register DES_LONG v0,v1;
- register int n= *num;
- register long l=length;
- des_cblock d;
- register char *dp;
- DES_LONG ti[2];
- unsigned char *iv;
- int save=0;
-
- iv = &(*ivec)[0];
- c2l(iv,v0);
- c2l(iv,v1);
- ti[0]=v0;
- ti[1]=v1;
- dp=(char *)d;
- l2c(v0,dp);
- l2c(v1,dp);
- while (l--)
- {
- if (n == 0)
- {
- /* ti[0]=v0; */
- /* ti[1]=v1; */
- des_encrypt3(ti,k1,k2,k3);
- v0=ti[0];
- v1=ti[1];
-
- dp=(char *)d;
- l2c(v0,dp);
- l2c(v1,dp);
- save++;
- }
- *(out++)= *(in++)^d[n];
- n=(n+1)&0x07;
- }
- if (save)
- {
-/* v0=ti[0];
- v1=ti[1];*/
- iv = &(*ivec)[0];
- l2c(v0,iv);
- l2c(v1,iv);
- }
- v0=v1=ti[0]=ti[1]=0;
- *num=n;
- }
-
-#ifdef undef /* MACRO */
-void des_ede2_ofb64_encrypt(register unsigned char *in,
- register unsigned char *out, long length, des_key_schedule k1,
- des_key_schedule k2, des_cblock (*ivec), int *num)
- {
- des_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num);
- }
-#endif
diff --git a/src/lib/libcrypto/des/ofb64enc.c b/src/lib/libcrypto/des/ofb64enc.c
deleted file mode 100644
index 1a1d1f1ac4..0000000000
--- a/src/lib/libcrypto/des/ofb64enc.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/des/ofb64enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void des_ofb64_encrypt(register const unsigned char *in,
- register unsigned char *out, long length, des_key_schedule schedule,
- des_cblock *ivec, int *num)
- {
- register DES_LONG v0,v1,t;
- register int n= *num;
- register long l=length;
- des_cblock d;
- register unsigned char *dp;
- DES_LONG ti[2];
- unsigned char *iv;
- int save=0;
-
- iv = &(*ivec)[0];
- c2l(iv,v0);
- c2l(iv,v1);
- ti[0]=v0;
- ti[1]=v1;
- dp=d;
- l2c(v0,dp);
- l2c(v1,dp);
- while (l--)
- {
- if (n == 0)
- {
- des_encrypt1(ti,schedule,DES_ENCRYPT);
- dp=d;
- t=ti[0]; l2c(t,dp);
- t=ti[1]; l2c(t,dp);
- save++;
- }
- *(out++)= *(in++)^d[n];
- n=(n+1)&0x07;
- }
- if (save)
- {
- v0=ti[0];
- v1=ti[1];
- iv = &(*ivec)[0];
- l2c(v0,iv);
- l2c(v1,iv);
- }
- t=v0=v1=ti[0]=ti[1]=0;
- *num=n;
- }
-
diff --git a/src/lib/libcrypto/des/ofb_enc.c b/src/lib/libcrypto/des/ofb_enc.c
deleted file mode 100644
index 70493e632c..0000000000
--- a/src/lib/libcrypto/des/ofb_enc.c
+++ /dev/null
@@ -1,134 +0,0 @@
-/* crypto/des/ofb_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* The input and output are loaded in multiples of 8 bits.
- * What this means is that if you hame numbits=12 and length=2
- * the first 12 bits will be retrieved from the first byte and half
- * the second. The second 12 bits will come from the 3rd and half the 4th
- * byte.
- */
-void des_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
- long length, des_key_schedule schedule, des_cblock *ivec)
- {
- register DES_LONG d0,d1,vv0,vv1,v0,v1,n=(numbits+7)/8;
- register DES_LONG mask0,mask1;
- register long l=length;
- register int num=numbits;
- DES_LONG ti[2];
- unsigned char *iv;
-
- if (num > 64) return;
- if (num > 32)
- {
- mask0=0xffffffffL;
- if (num >= 64)
- mask1=mask0;
- else
- mask1=(1L<<(num-32))-1;
- }
- else
- {
- if (num == 32)
- mask0=0xffffffffL;
- else
- mask0=(1L<<num)-1;
- mask1=0x00000000L;
- }
-
- iv = &(*ivec)[0];
- c2l(iv,v0);
- c2l(iv,v1);
- ti[0]=v0;
- ti[1]=v1;
- while (l-- > 0)
- {
- ti[0]=v0;
- ti[1]=v1;
- des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
- vv0=ti[0];
- vv1=ti[1];
- c2ln(in,d0,d1,n);
- in+=n;
- d0=(d0^vv0)&mask0;
- d1=(d1^vv1)&mask1;
- l2cn(d0,d1,out,n);
- out+=n;
-
- if (num == 32)
- { v0=v1; v1=vv0; }
- else if (num == 64)
- { v0=vv0; v1=vv1; }
- else if (num > 32) /* && num != 64 */
- {
- v0=((v1>>(num-32))|(vv0<<(64-num)))&0xffffffffL;
- v1=((vv0>>(num-32))|(vv1<<(64-num)))&0xffffffffL;
- }
- else /* num < 32 */
- {
- v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
- v1=((v1>>num)|(vv0<<(32-num)))&0xffffffffL;
- }
- }
- iv = &(*ivec)[0];
- l2c(v0,iv);
- l2c(v1,iv);
- v0=v1=d0=d1=ti[0]=ti[1]=vv0=vv1=0;
- }
-
diff --git a/src/lib/libcrypto/des/pcbc_enc.c b/src/lib/libcrypto/des/pcbc_enc.c
deleted file mode 100644
index 5b987f074d..0000000000
--- a/src/lib/libcrypto/des/pcbc_enc.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/des/pcbc_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void des_pcbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, des_key_schedule schedule, des_cblock *ivec, int enc)
- {
- register DES_LONG sin0,sin1,xor0,xor1,tout0,tout1;
- DES_LONG tin[2];
- const unsigned char *in;
- unsigned char *out,*iv;
-
- in=input;
- out=output;
- iv = &(*ivec)[0];
-
- if (enc)
- {
- c2l(iv,xor0);
- c2l(iv,xor1);
- for (; length>0; length-=8)
- {
- if (length >= 8)
- {
- c2l(in,sin0);
- c2l(in,sin1);
- }
- else
- c2ln(in,sin0,sin1,length);
- tin[0]=sin0^xor0;
- tin[1]=sin1^xor1;
- des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
- tout0=tin[0];
- tout1=tin[1];
- xor0=sin0^tout0;
- xor1=sin1^tout1;
- l2c(tout0,out);
- l2c(tout1,out);
- }
- }
- else
- {
- c2l(iv,xor0); c2l(iv,xor1);
- for (; length>0; length-=8)
- {
- c2l(in,sin0);
- c2l(in,sin1);
- tin[0]=sin0;
- tin[1]=sin1;
- des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- if (length >= 8)
- {
- l2c(tout0,out);
- l2c(tout1,out);
- }
- else
- l2cn(tout0,tout1,out,length);
- xor0=tout0^sin0;
- xor1=tout1^sin1;
- }
- }
- tin[0]=tin[1]=0;
- sin0=sin1=xor0=xor1=tout0=tout1=0;
- }
diff --git a/src/lib/libcrypto/des/qud_cksm.c b/src/lib/libcrypto/des/qud_cksm.c
deleted file mode 100644
index 9fff989edb..0000000000
--- a/src/lib/libcrypto/des/qud_cksm.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* crypto/des/qud_cksm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer
- * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40
- * This module in only based on the code in this paper and is
- * almost definitely not the same as the MIT implementation.
- */
-#include "des_locl.h"
-
-/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
-#define Q_B0(a) (((DES_LONG)(a)))
-#define Q_B1(a) (((DES_LONG)(a))<<8)
-#define Q_B2(a) (((DES_LONG)(a))<<16)
-#define Q_B3(a) (((DES_LONG)(a))<<24)
-
-/* used to scramble things a bit */
-/* Got the value MIT uses via brute force :-) 2/10/90 eay */
-#define NOISE ((DES_LONG)83653421L)
-
-DES_LONG des_quad_cksum(const unsigned char *input, des_cblock output[],
- long length, int out_count, des_cblock *seed)
- {
- DES_LONG z0,z1,t0,t1;
- int i;
- long l;
- const unsigned char *cp;
-#ifdef _CRAY
- struct lp_st { int a:32; int b:32; } *lp;
-#else
- DES_LONG *lp;
-#endif
-
- if (out_count < 1) out_count=1;
-#ifdef _CRAY
- lp = (struct lp_st *) &(output[0])[0];
-#else
- lp = (DES_LONG *) &(output[0])[0];
-#endif
-
- z0=Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3((*seed)[3]);
- z1=Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3((*seed)[7]);
-
- for (i=0; ((i<4)&&(i<out_count)); i++)
- {
- cp=input;
- l=length;
- while (l > 0)
- {
- if (l > 1)
- {
- t0= (DES_LONG)(*(cp++));
- t0|=(DES_LONG)Q_B1(*(cp++));
- l--;
- }
- else
- t0= (DES_LONG)(*(cp++));
- l--;
- /* add */
- t0+=z0;
- t0&=0xffffffffL;
- t1=z1;
- /* square, well sort of square */
- z0=((((t0*t0)&0xffffffffL)+((t1*t1)&0xffffffffL))
- &0xffffffffL)%0x7fffffffL;
- z1=((t0*((t1+NOISE)&0xffffffffL))&0xffffffffL)%0x7fffffffL;
- }
- if (lp != NULL)
- {
- /* The MIT library assumes that the checksum is
- * composed of 2*out_count 32 bit ints */
-#ifdef _CRAY
- (*lp).a = z0;
- (*lp).b = z1;
- lp++;
-#else
- *lp++ = z0;
- *lp++ = z1;
-#endif
- }
- }
- return(z0);
- }
-
diff --git a/src/lib/libcrypto/des/rand_key.c b/src/lib/libcrypto/des/rand_key.c
deleted file mode 100644
index ee1a6c274e..0000000000
--- a/src/lib/libcrypto/des/rand_key.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* crypto/des/rand_key.c */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/des.h>
-#include <openssl/rand.h>
-
-void des_random_seed(des_cblock *key)
- {
- RAND_seed(key, sizeof(des_cblock));
- }
-
-int des_random_key(des_cblock *ret)
- {
- do
- {
- if (RAND_bytes((unsigned char *)ret, sizeof(des_cblock)) != 1)
- return (0);
- } while (des_is_weak_key(ret));
- des_set_odd_parity(ret);
- return (1);
- }
diff --git a/src/lib/libcrypto/des/set_key.c b/src/lib/libcrypto/des/set_key.c
deleted file mode 100644
index 09afd4fc03..0000000000
--- a/src/lib/libcrypto/des/set_key.c
+++ /dev/null
@@ -1,402 +0,0 @@
-/* crypto/des/set_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* set_key.c v 1.4 eay 24/9/91
- * 1.4 Speed up by 400% :-)
- * 1.3 added register declarations.
- * 1.2 unrolled make_key_sched a bit more
- * 1.1 added norm_expand_bits
- * 1.0 First working version
- */
-#include "des_locl.h"
-
-OPENSSL_GLOBAL int des_check_key=0;
-
-static const unsigned char odd_parity[256]={
- 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
- 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
- 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
- 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
- 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
- 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
- 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
-112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
-128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
-145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
-161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
-176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
-193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
-208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
-224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
-241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
-
-void des_set_odd_parity(des_cblock *key)
- {
- int i;
-
- for (i=0; i<DES_KEY_SZ; i++)
- (*key)[i]=odd_parity[(*key)[i]];
- }
-
-int des_check_key_parity(const_des_cblock *key)
- {
- int i;
-
- for (i=0; i<DES_KEY_SZ; i++)
- {
- if ((*key)[i] != odd_parity[(*key)[i]])
- return(0);
- }
- return(1);
- }
-
-/* Weak and semi week keys as take from
- * %A D.W. Davies
- * %A W.L. Price
- * %T Security for Computer Networks
- * %I John Wiley & Sons
- * %D 1984
- * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
- * (and actual cblock values).
- */
-#define NUM_WEAK_KEY 16
-static des_cblock weak_keys[NUM_WEAK_KEY]={
- /* weak keys */
- {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
- {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
- {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
- {0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
- /* semi-weak keys */
- {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
- {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
- {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
- {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
- {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
- {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
- {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
- {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
- {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
- {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
- {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
- {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
-
-int des_is_weak_key(const_des_cblock *key)
- {
- int i;
-
- for (i=0; i<NUM_WEAK_KEY; i++)
- /* Added == 0 to comparison, I obviously don't run
- * this section very often :-(, thanks to
- * engineering@MorningStar.Com for the fix
- * eay 93/06/29
- * Another problem, I was comparing only the first 4
- * bytes, 97/03/18 */
- if (memcmp(weak_keys[i],key,sizeof(des_cblock)) == 0) return(1);
- return(0);
- }
-
-/* NOW DEFINED IN des_local.h
- * See ecb_encrypt.c for a pseudo description of these macros.
- * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
- * (b)^=(t),\
- * (a)=((a)^((t)<<(n))))
- */
-
-#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
- (a)=(a)^(t)^(t>>(16-(n))))
-
-static const DES_LONG des_skb[8][64]={
- {
- /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
- 0x00000000L,0x00000010L,0x20000000L,0x20000010L,
- 0x00010000L,0x00010010L,0x20010000L,0x20010010L,
- 0x00000800L,0x00000810L,0x20000800L,0x20000810L,
- 0x00010800L,0x00010810L,0x20010800L,0x20010810L,
- 0x00000020L,0x00000030L,0x20000020L,0x20000030L,
- 0x00010020L,0x00010030L,0x20010020L,0x20010030L,
- 0x00000820L,0x00000830L,0x20000820L,0x20000830L,
- 0x00010820L,0x00010830L,0x20010820L,0x20010830L,
- 0x00080000L,0x00080010L,0x20080000L,0x20080010L,
- 0x00090000L,0x00090010L,0x20090000L,0x20090010L,
- 0x00080800L,0x00080810L,0x20080800L,0x20080810L,
- 0x00090800L,0x00090810L,0x20090800L,0x20090810L,
- 0x00080020L,0x00080030L,0x20080020L,0x20080030L,
- 0x00090020L,0x00090030L,0x20090020L,0x20090030L,
- 0x00080820L,0x00080830L,0x20080820L,0x20080830L,
- 0x00090820L,0x00090830L,0x20090820L,0x20090830L,
- },{
- /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
- 0x00000000L,0x02000000L,0x00002000L,0x02002000L,
- 0x00200000L,0x02200000L,0x00202000L,0x02202000L,
- 0x00000004L,0x02000004L,0x00002004L,0x02002004L,
- 0x00200004L,0x02200004L,0x00202004L,0x02202004L,
- 0x00000400L,0x02000400L,0x00002400L,0x02002400L,
- 0x00200400L,0x02200400L,0x00202400L,0x02202400L,
- 0x00000404L,0x02000404L,0x00002404L,0x02002404L,
- 0x00200404L,0x02200404L,0x00202404L,0x02202404L,
- 0x10000000L,0x12000000L,0x10002000L,0x12002000L,
- 0x10200000L,0x12200000L,0x10202000L,0x12202000L,
- 0x10000004L,0x12000004L,0x10002004L,0x12002004L,
- 0x10200004L,0x12200004L,0x10202004L,0x12202004L,
- 0x10000400L,0x12000400L,0x10002400L,0x12002400L,
- 0x10200400L,0x12200400L,0x10202400L,0x12202400L,
- 0x10000404L,0x12000404L,0x10002404L,0x12002404L,
- 0x10200404L,0x12200404L,0x10202404L,0x12202404L,
- },{
- /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
- 0x00000000L,0x00000001L,0x00040000L,0x00040001L,
- 0x01000000L,0x01000001L,0x01040000L,0x01040001L,
- 0x00000002L,0x00000003L,0x00040002L,0x00040003L,
- 0x01000002L,0x01000003L,0x01040002L,0x01040003L,
- 0x00000200L,0x00000201L,0x00040200L,0x00040201L,
- 0x01000200L,0x01000201L,0x01040200L,0x01040201L,
- 0x00000202L,0x00000203L,0x00040202L,0x00040203L,
- 0x01000202L,0x01000203L,0x01040202L,0x01040203L,
- 0x08000000L,0x08000001L,0x08040000L,0x08040001L,
- 0x09000000L,0x09000001L,0x09040000L,0x09040001L,
- 0x08000002L,0x08000003L,0x08040002L,0x08040003L,
- 0x09000002L,0x09000003L,0x09040002L,0x09040003L,
- 0x08000200L,0x08000201L,0x08040200L,0x08040201L,
- 0x09000200L,0x09000201L,0x09040200L,0x09040201L,
- 0x08000202L,0x08000203L,0x08040202L,0x08040203L,
- 0x09000202L,0x09000203L,0x09040202L,0x09040203L,
- },{
- /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
- 0x00000000L,0x00100000L,0x00000100L,0x00100100L,
- 0x00000008L,0x00100008L,0x00000108L,0x00100108L,
- 0x00001000L,0x00101000L,0x00001100L,0x00101100L,
- 0x00001008L,0x00101008L,0x00001108L,0x00101108L,
- 0x04000000L,0x04100000L,0x04000100L,0x04100100L,
- 0x04000008L,0x04100008L,0x04000108L,0x04100108L,
- 0x04001000L,0x04101000L,0x04001100L,0x04101100L,
- 0x04001008L,0x04101008L,0x04001108L,0x04101108L,
- 0x00020000L,0x00120000L,0x00020100L,0x00120100L,
- 0x00020008L,0x00120008L,0x00020108L,0x00120108L,
- 0x00021000L,0x00121000L,0x00021100L,0x00121100L,
- 0x00021008L,0x00121008L,0x00021108L,0x00121108L,
- 0x04020000L,0x04120000L,0x04020100L,0x04120100L,
- 0x04020008L,0x04120008L,0x04020108L,0x04120108L,
- 0x04021000L,0x04121000L,0x04021100L,0x04121100L,
- 0x04021008L,0x04121008L,0x04021108L,0x04121108L,
- },{
- /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
- 0x00000000L,0x10000000L,0x00010000L,0x10010000L,
- 0x00000004L,0x10000004L,0x00010004L,0x10010004L,
- 0x20000000L,0x30000000L,0x20010000L,0x30010000L,
- 0x20000004L,0x30000004L,0x20010004L,0x30010004L,
- 0x00100000L,0x10100000L,0x00110000L,0x10110000L,
- 0x00100004L,0x10100004L,0x00110004L,0x10110004L,
- 0x20100000L,0x30100000L,0x20110000L,0x30110000L,
- 0x20100004L,0x30100004L,0x20110004L,0x30110004L,
- 0x00001000L,0x10001000L,0x00011000L,0x10011000L,
- 0x00001004L,0x10001004L,0x00011004L,0x10011004L,
- 0x20001000L,0x30001000L,0x20011000L,0x30011000L,
- 0x20001004L,0x30001004L,0x20011004L,0x30011004L,
- 0x00101000L,0x10101000L,0x00111000L,0x10111000L,
- 0x00101004L,0x10101004L,0x00111004L,0x10111004L,
- 0x20101000L,0x30101000L,0x20111000L,0x30111000L,
- 0x20101004L,0x30101004L,0x20111004L,0x30111004L,
- },{
- /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
- 0x00000000L,0x08000000L,0x00000008L,0x08000008L,
- 0x00000400L,0x08000400L,0x00000408L,0x08000408L,
- 0x00020000L,0x08020000L,0x00020008L,0x08020008L,
- 0x00020400L,0x08020400L,0x00020408L,0x08020408L,
- 0x00000001L,0x08000001L,0x00000009L,0x08000009L,
- 0x00000401L,0x08000401L,0x00000409L,0x08000409L,
- 0x00020001L,0x08020001L,0x00020009L,0x08020009L,
- 0x00020401L,0x08020401L,0x00020409L,0x08020409L,
- 0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
- 0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
- 0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
- 0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
- 0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
- 0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
- 0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
- 0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
- },{
- /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
- 0x00000000L,0x00000100L,0x00080000L,0x00080100L,
- 0x01000000L,0x01000100L,0x01080000L,0x01080100L,
- 0x00000010L,0x00000110L,0x00080010L,0x00080110L,
- 0x01000010L,0x01000110L,0x01080010L,0x01080110L,
- 0x00200000L,0x00200100L,0x00280000L,0x00280100L,
- 0x01200000L,0x01200100L,0x01280000L,0x01280100L,
- 0x00200010L,0x00200110L,0x00280010L,0x00280110L,
- 0x01200010L,0x01200110L,0x01280010L,0x01280110L,
- 0x00000200L,0x00000300L,0x00080200L,0x00080300L,
- 0x01000200L,0x01000300L,0x01080200L,0x01080300L,
- 0x00000210L,0x00000310L,0x00080210L,0x00080310L,
- 0x01000210L,0x01000310L,0x01080210L,0x01080310L,
- 0x00200200L,0x00200300L,0x00280200L,0x00280300L,
- 0x01200200L,0x01200300L,0x01280200L,0x01280300L,
- 0x00200210L,0x00200310L,0x00280210L,0x00280310L,
- 0x01200210L,0x01200310L,0x01280210L,0x01280310L,
- },{
- /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
- 0x00000000L,0x04000000L,0x00040000L,0x04040000L,
- 0x00000002L,0x04000002L,0x00040002L,0x04040002L,
- 0x00002000L,0x04002000L,0x00042000L,0x04042000L,
- 0x00002002L,0x04002002L,0x00042002L,0x04042002L,
- 0x00000020L,0x04000020L,0x00040020L,0x04040020L,
- 0x00000022L,0x04000022L,0x00040022L,0x04040022L,
- 0x00002020L,0x04002020L,0x00042020L,0x04042020L,
- 0x00002022L,0x04002022L,0x00042022L,0x04042022L,
- 0x00000800L,0x04000800L,0x00040800L,0x04040800L,
- 0x00000802L,0x04000802L,0x00040802L,0x04040802L,
- 0x00002800L,0x04002800L,0x00042800L,0x04042800L,
- 0x00002802L,0x04002802L,0x00042802L,0x04042802L,
- 0x00000820L,0x04000820L,0x00040820L,0x04040820L,
- 0x00000822L,0x04000822L,0x00040822L,0x04040822L,
- 0x00002820L,0x04002820L,0x00042820L,0x04042820L,
- 0x00002822L,0x04002822L,0x00042822L,0x04042822L,
- }};
-
-int des_set_key(const_des_cblock *key, des_key_schedule schedule)
- {
- if (des_check_key)
- {
- return des_set_key_checked(key, schedule);
- }
- else
- {
- des_set_key_unchecked(key, schedule);
- return 0;
- }
- }
-
-/* return 0 if key parity is odd (correct),
- * return -1 if key parity error,
- * return -2 if illegal weak key.
- */
-int des_set_key_checked(const_des_cblock *key, des_key_schedule schedule)
- {
- if (!des_check_key_parity(key))
- return(-1);
- if (des_is_weak_key(key))
- return(-2);
- des_set_key_unchecked(key, schedule);
- return 0;
- }
-
-void des_set_key_unchecked(const_des_cblock *key, des_key_schedule schedule)
- {
- static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
- register DES_LONG c,d,t,s,t2;
- register const unsigned char *in;
- register DES_LONG *k;
- register int i;
-
- k = &schedule->ks.deslong[0];
- in = &(*key)[0];
-
- c2l(in,c);
- c2l(in,d);
-
- /* do PC1 in 47 simple operations :-)
- * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
- * for the inspiration. :-) */
- PERM_OP (d,c,t,4,0x0f0f0f0fL);
- HPERM_OP(c,t,-2,0xcccc0000L);
- HPERM_OP(d,t,-2,0xcccc0000L);
- PERM_OP (d,c,t,1,0x55555555L);
- PERM_OP (c,d,t,8,0x00ff00ffL);
- PERM_OP (d,c,t,1,0x55555555L);
- d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) |
- ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
- c&=0x0fffffffL;
-
- for (i=0; i<ITERATIONS; i++)
- {
- if (shifts2[i])
- { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
- else
- { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
- c&=0x0fffffffL;
- d&=0x0fffffffL;
- /* could be a few less shifts but I am to lazy at this
- * point in time to investigate */
- s= des_skb[0][ (c )&0x3f ]|
- des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]|
- des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]|
- des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) |
- ((c>>22L)&0x38)];
- t= des_skb[4][ (d )&0x3f ]|
- des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
- des_skb[6][ (d>>15L)&0x3f ]|
- des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
-
- /* table contained 0213 4657 */
- t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
- *(k++)=ROTATE(t2,30)&0xffffffffL;
-
- t2=((s>>16L)|(t&0xffff0000L));
- *(k++)=ROTATE(t2,26)&0xffffffffL;
- }
- }
-
-int des_key_sched(const_des_cblock *key, des_key_schedule schedule)
- {
- return(des_set_key(key,schedule));
- }
-
-#undef des_fixup_key_parity
-void des_fixup_key_parity(des_cblock *key)
- {
- des_set_odd_parity(key);
- }
diff --git a/src/lib/libcrypto/des/spr.h b/src/lib/libcrypto/des/spr.h
deleted file mode 100644
index b8fbdcf8d3..0000000000
--- a/src/lib/libcrypto/des/spr.h
+++ /dev/null
@@ -1,204 +0,0 @@
-/* crypto/des/spr.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-OPENSSL_GLOBAL const DES_LONG des_SPtrans[8][64]={
-{
-/* nibble 0 */
-0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
-0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
-0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
-0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
-0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
-0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
-0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
-0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
-0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
-0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
-0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
-0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
-0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
-0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
-0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
-0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
-},{
-/* nibble 1 */
-0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
-0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
-0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
-0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
-0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
-0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
-0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
-0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
-0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
-0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
-0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
-0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
-0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
-0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
-0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
-0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
-},{
-/* nibble 2 */
-0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
-0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
-0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
-0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
-0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
-0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
-0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
-0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
-0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
-0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
-0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
-0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
-0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
-0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
-0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
-0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
-},{
-/* nibble 3 */
-0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
-0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
-0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
-0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
-0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
-0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
-0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
-0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
-0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
-0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
-0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
-0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
-0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
-0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
-0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
-0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
-},{
-/* nibble 4 */
-0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
-0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
-0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
-0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
-0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
-0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
-0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
-0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
-0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
-0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
-0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
-0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
-0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
-0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
-0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
-0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
-},{
-/* nibble 5 */
-0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
-0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
-0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
-0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
-0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
-0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
-0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
-0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
-0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
-0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
-0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
-0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
-0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
-0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
-0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
-0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
-},{
-/* nibble 6 */
-0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
-0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
-0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
-0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
-0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
-0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
-0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
-0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
-0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
-0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
-0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
-0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
-0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
-0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
-0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
-0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
-},{
-/* nibble 7 */
-0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
-0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
-0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
-0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
-0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
-0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
-0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
-0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
-0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
-0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
-0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
-0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
-0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
-0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
-0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
-0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
-}};
diff --git a/src/lib/libcrypto/des/str2key.c b/src/lib/libcrypto/des/str2key.c
deleted file mode 100644
index c6abb87201..0000000000
--- a/src/lib/libcrypto/des/str2key.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/* crypto/des/str2key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void des_string_to_key(const char *str, des_cblock *key)
- {
- des_key_schedule ks;
- int i,length;
- register unsigned char j;
-
- memset(key,0,8);
- length=strlen(str);
-#ifdef OLD_STR_TO_KEY
- for (i=0; i<length; i++)
- (*key)[i%8]^=(str[i]<<1);
-#else /* MIT COMPATIBLE */
- for (i=0; i<length; i++)
- {
- j=str[i];
- if ((i%16) < 8)
- (*key)[i%8]^=(j<<1);
- else
- {
- /* Reverse the bit order 05/05/92 eay */
- j=((j<<4)&0xf0)|((j>>4)&0x0f);
- j=((j<<2)&0xcc)|((j>>2)&0x33);
- j=((j<<1)&0xaa)|((j>>1)&0x55);
- (*key)[7-(i%8)]^=j;
- }
- }
-#endif
- des_set_odd_parity(key);
- des_set_key_unchecked(key,ks);
- des_cbc_cksum((const unsigned char*)str,key,length,ks,key);
- memset(ks,0,sizeof(ks));
- des_set_odd_parity(key);
- }
-
-void des_string_to_2keys(const char *str, des_cblock *key1, des_cblock *key2)
- {
- des_key_schedule ks;
- int i,length;
- register unsigned char j;
-
- memset(key1,0,8);
- memset(key2,0,8);
- length=strlen(str);
-#ifdef OLD_STR_TO_KEY
- if (length <= 8)
- {
- for (i=0; i<length; i++)
- {
- (*key2)[i]=(*key1)[i]=(str[i]<<1);
- }
- }
- else
- {
- for (i=0; i<length; i++)
- {
- if ((i/8)&1)
- (*key2)[i%8]^=(str[i]<<1);
- else
- (*key1)[i%8]^=(str[i]<<1);
- }
- }
-#else /* MIT COMPATIBLE */
- for (i=0; i<length; i++)
- {
- j=str[i];
- if ((i%32) < 16)
- {
- if ((i%16) < 8)
- (*key1)[i%8]^=(j<<1);
- else
- (*key2)[i%8]^=(j<<1);
- }
- else
- {
- j=((j<<4)&0xf0)|((j>>4)&0x0f);
- j=((j<<2)&0xcc)|((j>>2)&0x33);
- j=((j<<1)&0xaa)|((j>>1)&0x55);
- if ((i%16) < 8)
- (*key1)[7-(i%8)]^=j;
- else
- (*key2)[7-(i%8)]^=j;
- }
- }
- if (length <= 8) memcpy(key2,key1,8);
-#endif
- des_set_odd_parity(key1);
- des_set_odd_parity(key2);
- des_set_key_unchecked(key1,ks);
- des_cbc_cksum((const unsigned char*)str,key1,length,ks,key1);
- des_set_key_unchecked(key2,ks);
- des_cbc_cksum((const unsigned char*)str,key2,length,ks,key2);
- memset(ks,0,sizeof(ks));
- des_set_odd_parity(key1);
- des_set_odd_parity(key2);
- }
diff --git a/src/lib/libcrypto/des/xcbc_enc.c b/src/lib/libcrypto/des/xcbc_enc.c
deleted file mode 100644
index ccfede13ac..0000000000
--- a/src/lib/libcrypto/des/xcbc_enc.c
+++ /dev/null
@@ -1,194 +0,0 @@
-/* crypto/des/xcbc_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* RSA's DESX */
-
-static unsigned char desx_white_in2out[256]={
-0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0,
-0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A,
-0x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36,
-0x3E,0xEE,0xFB,0x95,0x1A,0xFE,0xCE,0xA8,0x34,0xA9,0x13,0xF0,0xA6,0x3F,0xD8,0x0C,
-0x78,0x24,0xAF,0x23,0x52,0xC1,0x67,0x17,0xF5,0x66,0x90,0xE7,0xE8,0x07,0xB8,0x60,
-0x48,0xE6,0x1E,0x53,0xF3,0x92,0xA4,0x72,0x8C,0x08,0x15,0x6E,0x86,0x00,0x84,0xFA,
-0xF4,0x7F,0x8A,0x42,0x19,0xF6,0xDB,0xCD,0x14,0x8D,0x50,0x12,0xBA,0x3C,0x06,0x4E,
-0xEC,0xB3,0x35,0x11,0xA1,0x88,0x8E,0x2B,0x94,0x99,0xB7,0x71,0x74,0xD3,0xE4,0xBF,
-0x3A,0xDE,0x96,0x0E,0xBC,0x0A,0xED,0x77,0xFC,0x37,0x6B,0x03,0x79,0x89,0x62,0xC6,
-0xD7,0xC0,0xD2,0x7C,0x6A,0x8B,0x22,0xA3,0x5B,0x05,0x5D,0x02,0x75,0xD5,0x61,0xE3,
-0x18,0x8F,0x55,0x51,0xAD,0x1F,0x0B,0x5E,0x85,0xE5,0xC2,0x57,0x63,0xCA,0x3D,0x6C,
-0xB4,0xC5,0xCC,0x70,0xB2,0x91,0x59,0x0D,0x47,0x20,0xC8,0x4F,0x58,0xE0,0x01,0xE2,
-0x16,0x38,0xC4,0x6F,0x3B,0x0F,0x65,0x46,0xBE,0x7E,0x2D,0x7B,0x82,0xF9,0x40,0xB5,
-0x1D,0x73,0xF8,0xEB,0x26,0xC7,0x87,0x97,0x25,0x54,0xB1,0x28,0xAA,0x98,0x9D,0xA5,
-0x64,0x6D,0x7A,0xD4,0x10,0x81,0x44,0xEF,0x49,0xD6,0xAE,0x2E,0xDD,0x76,0x5C,0x2F,
-0xA7,0x1C,0xC9,0x09,0x69,0x9A,0x83,0xCF,0x29,0x39,0xB9,0xE9,0x4C,0xFF,0x43,0xAB,
- };
-
-void des_xwhite_in2out(const_des_cblock *des_key, const_des_cblock *in_white,
- des_cblock *out_white)
- {
- int out0,out1;
- int i;
- const unsigned char *key = &(*des_key)[0];
- const unsigned char *in = &(*in_white)[0];
- unsigned char *out = &(*out_white)[0];
-
- out[0]=out[1]=out[2]=out[3]=out[4]=out[5]=out[6]=out[7]=0;
- out0=out1=0;
- for (i=0; i<8; i++)
- {
- out[i]=key[i]^desx_white_in2out[out0^out1];
- out0=out1;
- out1=(int)out[i&0x07];
- }
-
- out0=out[0];
- out1=out[i];
- for (i=0; i<8; i++)
- {
- out[i]=in[i]^desx_white_in2out[out0^out1];
- out0=out1;
- out1=(int)out[i&0x07];
- }
- }
-
-void des_xcbc_encrypt(const unsigned char *in, unsigned char *out,
- long length, des_key_schedule schedule, des_cblock *ivec,
- const_des_cblock *inw, const_des_cblock *outw, int enc)
- {
- register DES_LONG tin0,tin1;
- register DES_LONG tout0,tout1,xor0,xor1;
- register DES_LONG inW0,inW1,outW0,outW1;
- register const unsigned char *in2;
- register long l=length;
- DES_LONG tin[2];
- unsigned char *iv;
-
- in2 = &(*inw)[0];
- c2l(in2,inW0);
- c2l(in2,inW1);
- in2 = &(*outw)[0];
- c2l(in2,outW0);
- c2l(in2,outW1);
-
- iv = &(*ivec)[0];
-
- if (enc)
- {
- c2l(iv,tout0);
- c2l(iv,tout1);
- for (l-=8; l>=0; l-=8)
- {
- c2l(in,tin0);
- c2l(in,tin1);
- tin0^=tout0^inW0; tin[0]=tin0;
- tin1^=tout1^inW1; tin[1]=tin1;
- des_encrypt1(tin,schedule,DES_ENCRYPT);
- tout0=tin[0]^outW0; l2c(tout0,out);
- tout1=tin[1]^outW1; l2c(tout1,out);
- }
- if (l != -8)
- {
- c2ln(in,tin0,tin1,l+8);
- tin0^=tout0^inW0; tin[0]=tin0;
- tin1^=tout1^inW1; tin[1]=tin1;
- des_encrypt1(tin,schedule,DES_ENCRYPT);
- tout0=tin[0]^outW0; l2c(tout0,out);
- tout1=tin[1]^outW1; l2c(tout1,out);
- }
- iv = &(*ivec)[0];
- l2c(tout0,iv);
- l2c(tout1,iv);
- }
- else
- {
- c2l(iv,xor0);
- c2l(iv,xor1);
- for (l-=8; l>0; l-=8)
- {
- c2l(in,tin0); tin[0]=tin0^outW0;
- c2l(in,tin1); tin[1]=tin1^outW1;
- des_encrypt1(tin,schedule,DES_DECRYPT);
- tout0=tin[0]^xor0^inW0;
- tout1=tin[1]^xor1^inW1;
- l2c(tout0,out);
- l2c(tout1,out);
- xor0=tin0;
- xor1=tin1;
- }
- if (l != -8)
- {
- c2l(in,tin0); tin[0]=tin0^outW0;
- c2l(in,tin1); tin[1]=tin1^outW1;
- des_encrypt1(tin,schedule,DES_DECRYPT);
- tout0=tin[0]^xor0^inW0;
- tout1=tin[1]^xor1^inW1;
- l2cn(tout0,tout1,out,l+8);
- xor0=tin0;
- xor1=tin1;
- }
-
- iv = &(*ivec)[0];
- l2c(xor0,iv);
- l2c(xor1,iv);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- inW0=inW1=outW0=outW1=0;
- tin[0]=tin[1]=0;
- }
-
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
deleted file mode 100644
index 7a8d9f88c2..0000000000
--- a/src/lib/libcrypto/dh/dh.h
+++ /dev/null
@@ -1,213 +0,0 @@
-/* crypto/dh/dh.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DH_H
-#define HEADER_DH_H
-
-#ifdef NO_DH
-#error DH is disabled.
-#endif
-
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/bn.h>
-#include <openssl/crypto.h>
-
-#define DH_FLAG_CACHE_MONT_P 0x01
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct dh_st DH;
-
-typedef struct dh_method {
- const char *name;
- /* Methods here */
- int (*generate_key)(DH *dh);
- int (*compute_key)(unsigned char *key,BIGNUM *pub_key,DH *dh);
- int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx); /* Can be null */
-
- int (*init)(DH *dh);
- int (*finish)(DH *dh);
- int flags;
- char *app_data;
-} DH_METHOD;
-
-struct dh_st
- {
- /* This first argument is used to pick up errors when
- * a DH is passed instead of a EVP_PKEY */
- int pad;
- int version;
- BIGNUM *p;
- BIGNUM *g;
- int length; /* optional */
- BIGNUM *pub_key; /* g^x */
- BIGNUM *priv_key; /* x */
-
- int flags;
- char *method_mont_p;
- /* Place holders if we want to do X9.42 DH */
- BIGNUM *q;
- BIGNUM *j;
- unsigned char *seed;
- int seedlen;
- BIGNUM *counter;
-
- int references;
- CRYPTO_EX_DATA ex_data;
-#if 0
- DH_METHOD *meth;
-#else
- struct engine_st *engine;
-#endif
- };
-
-#define DH_GENERATOR_2 2
-/* #define DH_GENERATOR_3 3 */
-#define DH_GENERATOR_5 5
-
-/* DH_check error codes */
-#define DH_CHECK_P_NOT_PRIME 0x01
-#define DH_CHECK_P_NOT_SAFE_PRIME 0x02
-#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
-#define DH_NOT_SUITABLE_GENERATOR 0x08
-
-/* primes p where (p-1)/2 is prime too are called "safe"; we define
- this for backward compatibility: */
-#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
-
-#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
- (char *(*)())d2i_DHparams,(char *)(x))
-#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
- (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
-#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
- (unsigned char *)(x))
-#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \
- (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x))
-#ifdef __cplusplus
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio((int (*)())i2d_DHparams,(bp), \
- (unsigned char *)(x))
-#else
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \
- (unsigned char *)(x))
-#endif
-
-DH_METHOD *DH_OpenSSL(void);
-
-void DH_set_default_openssl_method(DH_METHOD *meth);
-DH_METHOD *DH_get_default_openssl_method(void);
-#if 0
-DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth);
-DH *DH_new_method(DH_METHOD *meth);
-#else
-int DH_set_method(DH *dh, struct engine_st *engine);
-DH *DH_new_method(struct engine_st *engine);
-#endif
-
-DH * DH_new(void);
-void DH_free(DH *dh);
-int DH_size(DH *dh);
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DH_set_ex_data(DH *d, int idx, void *arg);
-void *DH_get_ex_data(DH *d, int idx);
-DH * DH_generate_parameters(int prime_len,int generator,
- void (*callback)(int,int,void *),void *cb_arg);
-int DH_check(DH *dh,int *codes);
-int DH_generate_key(DH *dh);
-int DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh);
-DH * d2i_DHparams(DH **a,unsigned char **pp, long length);
-int i2d_DHparams(DH *a,unsigned char **pp);
-#ifndef NO_FP_API
-int DHparams_print_fp(FILE *fp, DH *x);
-#endif
-#ifndef NO_BIO
-int DHparams_print(BIO *bp, DH *x);
-#else
-int DHparams_print(char *bp, DH *x);
-#endif
-void ERR_load_DH_strings(void );
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the DH functions. */
-
-/* Function codes. */
-#define DH_F_DHPARAMS_PRINT 100
-#define DH_F_DHPARAMS_PRINT_FP 101
-#define DH_F_DH_COMPUTE_KEY 102
-#define DH_F_DH_GENERATE_KEY 103
-#define DH_F_DH_GENERATE_PARAMETERS 104
-#define DH_F_DH_NEW 105
-
-/* Reason codes. */
-#define DH_R_NO_PRIVATE_VALUE 100
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
deleted file mode 100644
index 7e5cfd8bfc..0000000000
--- a/src/lib/libcrypto/dh/dh_check.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* crypto/dh/dh_check.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-
-/* Check that p is a safe prime and
- * if g is 2, 3 or 5, check that is is a suitable generator
- * where
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5
- * for 5, p mod 10 == 3 or 7
- * should hold.
- */
-
-int DH_check(DH *dh, int *ret)
- {
- int ok=0;
- BN_CTX *ctx=NULL;
- BN_ULONG l;
- BIGNUM *q=NULL;
-
- *ret=0;
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
- q=BN_new();
- if (q == NULL) goto err;
-
- if (BN_is_word(dh->g,DH_GENERATOR_2))
- {
- l=BN_mod_word(dh->p,24);
- if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
- }
-#if 0
- else if (BN_is_word(dh->g,DH_GENERATOR_3))
- {
- l=BN_mod_word(dh->p,12);
- if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
- }
-#endif
- else if (BN_is_word(dh->g,DH_GENERATOR_5))
- {
- l=BN_mod_word(dh->p,10);
- if ((l != 3) && (l != 7))
- *ret|=DH_NOT_SUITABLE_GENERATOR;
- }
- else
- *ret|=DH_UNABLE_TO_CHECK_GENERATOR;
-
- if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL))
- *ret|=DH_CHECK_P_NOT_PRIME;
- else
- {
- if (!BN_rshift1(q,dh->p)) goto err;
- if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL))
- *ret|=DH_CHECK_P_NOT_SAFE_PRIME;
- }
- ok=1;
-err:
- if (ctx != NULL) BN_CTX_free(ctx);
- if (q != NULL) BN_free(q);
- return(ok);
- }
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
deleted file mode 100644
index ff2d1684c2..0000000000
--- a/src/lib/libcrypto/dh/dh_err.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/dh/dh_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/dh.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA DH_str_functs[]=
- {
-{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"},
-{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"},
-{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"},
-{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"},
-{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"},
-{ERR_PACK(0,DH_F_DH_NEW,0), "DH_new"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA DH_str_reasons[]=
- {
-{DH_R_NO_PRIVATE_VALUE ,"no private value"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_DH_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_DH,DH_str_functs);
- ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
deleted file mode 100644
index 7a6a38fbb4..0000000000
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/* crypto/dh/dh_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-
-/* We generate DH parameters as follows
- * find a prime q which is prime_len/2 bits long.
- * p=(2*q)+1 or (p-1)/2 = q
- * For this case, g is a generator if
- * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
- * Since the factors of p-1 are q and 2, we just need to check
- * g^2 mod p != 1 and g^q mod p != 1.
- *
- * Having said all that,
- * there is another special case method for the generators 2, 3 and 5.
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5 <<<<< does not work for safe primes.
- * for 5, p mod 10 == 3 or 7
- *
- * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
- * special generators and for answering some of my questions.
- *
- * I've implemented the second simple method :-).
- * Since DH should be using a safe prime (both p and q are prime),
- * this generator function can take a very very long time to run.
- */
-
-DH *DH_generate_parameters(int prime_len, int generator,
- void (*callback)(int,int,void *), void *cb_arg)
- {
- BIGNUM *p=NULL,*t1,*t2;
- DH *ret=NULL;
- int g,ok= -1;
- BN_CTX *ctx=NULL;
-
- ret=DH_new();
- if (ret == NULL) goto err;
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
- BN_CTX_start(ctx);
- t1 = BN_CTX_get(ctx);
- t2 = BN_CTX_get(ctx);
- if (t1 == NULL || t2 == NULL) goto err;
-
- if (generator == DH_GENERATOR_2)
- {
- BN_set_word(t1,24);
- BN_set_word(t2,11);
- g=2;
- }
-#ifdef undef /* does not work for safe primes */
- else if (generator == DH_GENERATOR_3)
- {
- BN_set_word(t1,12);
- BN_set_word(t2,5);
- g=3;
- }
-#endif
- else if (generator == DH_GENERATOR_5)
- {
- BN_set_word(t1,10);
- BN_set_word(t2,3);
- /* BN_set_word(t3,7); just have to miss
- * out on these ones :-( */
- g=5;
- }
- else
- g=generator;
-
- p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg);
- if (p == NULL) goto err;
- if (callback != NULL) callback(3,0,cb_arg);
- ret->p=p;
- ret->g=BN_new();
- if (!BN_set_word(ret->g,g)) goto err;
- ok=1;
-err:
- if (ok == -1)
- {
- DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
- ok=0;
- }
-
- if (ctx != NULL)
- {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- if (!ok && (ret != NULL))
- {
- DH_free(ret);
- ret=NULL;
- }
- return(ret);
- }
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
deleted file mode 100644
index 22b087b778..0000000000
--- a/src/lib/libcrypto/dh/dh_key.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/* crypto/dh/dh_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/dh.h>
-#include <openssl/engine.h>
-
-static int generate_key(DH *dh);
-static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
-static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-static int dh_init(DH *dh);
-static int dh_finish(DH *dh);
-
-int DH_generate_key(DH *dh)
- {
- return ENGINE_get_DH(dh->engine)->generate_key(dh);
- }
-
-int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
- {
- return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh);
- }
-
-static DH_METHOD dh_ossl = {
-"OpenSSL DH Method",
-generate_key,
-compute_key,
-dh_bn_mod_exp,
-dh_init,
-dh_finish,
-0,
-NULL
-};
-
-DH_METHOD *DH_OpenSSL(void)
-{
- return &dh_ossl;
-}
-
-static int generate_key(DH *dh)
- {
- int ok=0;
- BN_CTX ctx;
- BN_MONT_CTX *mont;
- BIGNUM *pub_key=NULL,*priv_key=NULL;
-
- BN_CTX_init(&ctx);
-
- if (dh->priv_key == NULL)
- {
- priv_key=BN_new();
- if (priv_key == NULL) goto err;
- do
- if (!BN_rand_range(priv_key, dh->p)) goto err;
- while (BN_is_zero(priv_key));
- }
- else
- priv_key=dh->priv_key;
-
- if (dh->pub_key == NULL)
- {
- pub_key=BN_new();
- if (pub_key == NULL) goto err;
- }
- else
- pub_key=dh->pub_key;
-
- if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
- {
- if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
- if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
- dh->p,&ctx)) goto err;
- }
- mont=(BN_MONT_CTX *)dh->method_mont_p;
-
- if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g,
- priv_key,dh->p,&ctx,mont))
- goto err;
-
- dh->pub_key=pub_key;
- dh->priv_key=priv_key;
- ok=1;
-err:
- if (ok != 1)
- DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
-
- if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
- if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
- BN_CTX_free(&ctx);
- return(ok);
- }
-
-static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
- {
- BN_CTX ctx;
- BN_MONT_CTX *mont;
- BIGNUM *tmp;
- int ret= -1;
-
- BN_CTX_init(&ctx);
- BN_CTX_start(&ctx);
- tmp = BN_CTX_get(&ctx);
-
- if (dh->priv_key == NULL)
- {
- DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
- goto err;
- }
- if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
- {
- if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
- if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
- dh->p,&ctx)) goto err;
- }
-
- mont=(BN_MONT_CTX *)dh->method_mont_p;
- if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, tmp, pub_key,
- dh->priv_key,dh->p,&ctx,mont))
- {
- DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
- goto err;
- }
-
- ret=BN_bn2bin(tmp,key);
-err:
- BN_CTX_end(&ctx);
- BN_CTX_free(&ctx);
- return(ret);
- }
-
-static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
- {
- if (a->top == 1)
- {
- BN_ULONG A = a->d[0];
- return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
- }
- else
- return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx);
- }
-
-
-static int dh_init(DH *dh)
- {
- dh->flags |= DH_FLAG_CACHE_MONT_P;
- return(1);
- }
-
-static int dh_finish(DH *dh)
- {
- if(dh->method_mont_p)
- BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
- return(1);
- }
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
deleted file mode 100644
index 96f118c153..0000000000
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ /dev/null
@@ -1,237 +0,0 @@
-/* crypto/dh/dh_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/engine.h>
-
-const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
-
-static DH_METHOD *default_DH_method;
-static int dh_meth_num = 0;
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL;
-
-void DH_set_default_openssl_method(DH_METHOD *meth)
-{
- ENGINE *e;
- /* We'll need to notify the "openssl" ENGINE of this
- * change too. We won't bother locking things down at
- * our end as there was never any locking in these
- * functions! */
- if(default_DH_method != meth)
- {
- default_DH_method = meth;
- e = ENGINE_by_id("openssl");
- if(e)
- {
- ENGINE_set_DH(e, meth);
- ENGINE_free(e);
- }
- }
-}
-
-DH_METHOD *DH_get_default_openssl_method(void)
-{
- if(!default_DH_method) default_DH_method = DH_OpenSSL();
- return default_DH_method;
-}
-
-#if 0
-DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth)
-{
- DH_METHOD *mtmp;
- mtmp = dh->meth;
- if (mtmp->finish) mtmp->finish(dh);
- dh->meth = meth;
- if (meth->init) meth->init(dh);
- return mtmp;
-}
-#else
-int DH_set_method(DH *dh, ENGINE *engine)
-{
- ENGINE *mtmp;
- DH_METHOD *meth;
- mtmp = dh->engine;
- meth = ENGINE_get_DH(mtmp);
- if (!ENGINE_init(engine))
- return 0;
- if (meth->finish) meth->finish(dh);
- dh->engine= engine;
- meth = ENGINE_get_DH(engine);
- if (meth->init) meth->init(dh);
- /* SHOULD ERROR CHECK THIS!!! */
- ENGINE_finish(mtmp);
- return 1;
-}
-#endif
-
-DH *DH_new(void)
-{
- return DH_new_method(NULL);
-}
-
-#if 0
-DH *DH_new_method(DH_METHOD *meth)
-#else
-DH *DH_new_method(ENGINE *engine)
-#endif
- {
- DH_METHOD *meth;
- DH *ret;
- ret=(DH *)OPENSSL_malloc(sizeof(DH));
-
- if (ret == NULL)
- {
- DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- if(engine)
- ret->engine = engine;
- else
- {
- if((ret->engine=ENGINE_get_default_DH()) == NULL)
- {
- OPENSSL_free(ret);
- return NULL;
- }
- }
- meth = ENGINE_get_DH(ret->engine);
- ret->pad=0;
- ret->version=0;
- ret->p=NULL;
- ret->g=NULL;
- ret->length=0;
- ret->pub_key=NULL;
- ret->priv_key=NULL;
- ret->q=NULL;
- ret->j=NULL;
- ret->seed = NULL;
- ret->seedlen = 0;
- ret->counter = NULL;
- ret->method_mont_p=NULL;
- ret->references = 1;
- ret->flags=meth->flags;
- CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data);
- if ((meth->init != NULL) && !meth->init(ret))
- {
- CRYPTO_free_ex_data(dh_meth,ret,&ret->ex_data);
- OPENSSL_free(ret);
- ret=NULL;
- }
- return(ret);
- }
-
-void DH_free(DH *r)
- {
- DH_METHOD *meth;
- int i;
- if(r == NULL) return;
- i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
-#ifdef REF_PRINT
- REF_PRINT("DH",r);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"DH_free, bad reference count\n");
- abort();
- }
-#endif
-
- meth = ENGINE_get_DH(r->engine);
- if(meth->finish) meth->finish(r);
- ENGINE_finish(r->engine);
-
- CRYPTO_free_ex_data(dh_meth, r, &r->ex_data);
-
- if (r->p != NULL) BN_clear_free(r->p);
- if (r->g != NULL) BN_clear_free(r->g);
- if (r->q != NULL) BN_clear_free(r->q);
- if (r->j != NULL) BN_clear_free(r->j);
- if (r->seed) OPENSSL_free(r->seed);
- if (r->counter != NULL) BN_clear_free(r->counter);
- if (r->pub_key != NULL) BN_clear_free(r->pub_key);
- if (r->priv_key != NULL) BN_clear_free(r->priv_key);
- OPENSSL_free(r);
- }
-
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
- {
- dh_meth_num++;
- return(CRYPTO_get_ex_new_index(dh_meth_num-1,
- &dh_meth,argl,argp,new_func,dup_func,free_func));
- }
-
-int DH_set_ex_data(DH *d, int idx, void *arg)
- {
- return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
- }
-
-void *DH_get_ex_data(DH *d, int idx)
- {
- return(CRYPTO_get_ex_data(&d->ex_data,idx));
- }
-
-int DH_size(DH *dh)
- {
- return(BN_num_bytes(dh->p));
- }
diff --git a/src/lib/libcrypto/doc/DH_generate_key.pod b/src/lib/libcrypto/doc/DH_generate_key.pod
deleted file mode 100644
index 81f09fdf45..0000000000
--- a/src/lib/libcrypto/doc/DH_generate_key.pod
+++ /dev/null
@@ -1,50 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- int DH_generate_key(DH *dh);
-
- int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
-
-=head1 DESCRIPTION
-
-DH_generate_key() performs the first step of a Diffie-Hellman key
-exchange by generating private and public DH values. By calling
-DH_compute_key(), these are combined with the other party's public
-value to compute the shared key.
-
-DH_generate_key() expects B<dh> to contain the shared parameters
-B<dh-E<gt>p> and B<dh-E<gt>g>. It generates a random private DH value
-unless B<dh-E<gt>priv_key> is already set, and computes the
-corresponding public value B<dh-E<gt>pub_key>, which can then be
-published.
-
-DH_compute_key() computes the shared secret from the private DH value
-in B<dh> and the other party's public value in B<pub_key> and stores
-it in B<key>. B<key> must point to B<DH_size(dh)> bytes of memory.
-
-=head1 RETURN VALUES
-
-DH_generate_key() returns 1 on success, 0 otherwise.
-
-DH_compute_key() returns the size of the shared secret on success, -1
-on error.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)>
-
-=head1 HISTORY
-
-DH_generate_key() and DH_compute_key() are available in all versions
-of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DH_generate_parameters.pod b/src/lib/libcrypto/doc/DH_generate_parameters.pod
deleted file mode 100644
index 4a2d653758..0000000000
--- a/src/lib/libcrypto/doc/DH_generate_parameters.pod
+++ /dev/null
@@ -1,72 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_generate_parameters, DH_check - generate and check Diffie-Hellman parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- DH *DH_generate_parameters(int prime_len, int generator,
- void (*callback)(int, int, void *), void *cb_arg);
-
- int DH_check(DH *dh, int *codes);
-
-=head1 DESCRIPTION
-
-DH_generate_parameters() generates Diffie-Hellman parameters that can
-be shared among a group of users, and returns them in a newly
-allocated B<DH> structure. The pseudo-random number generator must be
-seeded prior to calling DH_generate_parameters().
-
-B<prime_len> is the length in bits of the safe prime to be generated.
-B<generator> is a small number E<gt> 1, typically 2 or 5.
-
-A callback function may be used to provide feedback about the progress
-of the key generation. If B<callback> is not B<NULL>, it will be
-called as described in L<BN_generate_prime(3)|BN_generate_prime(3)> while a random prime
-number is generated, and when a prime has been found, B<callback(3,
-0, cb_arg)> is called.
-
-DH_check() validates Diffie-Hellman parameters. It checks that B<p> is
-a safe prime, and that B<g> is a suitable generator. In the case of an
-error, the bit flags DH_CHECK_P_NOT_SAFE_PRIME or
-DH_NOT_SUITABLE_GENERATOR are set in B<*codes>.
-DH_UNABLE_TO_CHECK_GENERATOR is set if the generator cannot be
-checked, i.e. it does not equal 2 or 5.
-
-=head1 RETURN VALUES
-
-DH_generate_parameters() returns a pointer to the DH structure, or
-NULL if the parameter generation fails. The error codes can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-DH_check() returns 1 if the check could be performed, 0 otherwise.
-
-=head1 NOTES
-
-DH_generate_parameters() may run for several hours before finding a
-suitable prime.
-
-The parameters generated by DH_generate_parameters() are not to be
-used in signature schemes.
-
-=head1 BUGS
-
-If B<generator> is not 2 or 5, B<dh-E<gt>g>=B<generator> is not
-a usable generator.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_free(3)|DH_free(3)>
-
-=head1 HISTORY
-
-DH_check() is available in all versions of SSLeay and OpenSSL.
-The B<cb_arg> argument to DH_generate_parameters() was added in SSLeay 0.9.0.
-
-In versions before OpenSSL 0.9.5, DH_CHECK_P_NOT_STRONG_PRIME is used
-instead of DH_CHECK_P_NOT_SAFE_PRIME.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DH_get_ex_new_index.pod b/src/lib/libcrypto/doc/DH_get_ex_new_index.pod
deleted file mode 100644
index 82e2548bcd..0000000000
--- a/src/lib/libcrypto/doc/DH_get_ex_new_index.pod
+++ /dev/null
@@ -1,36 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data - add application specific data to DH structures
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- int DH_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
- int DH_set_ex_data(DH *d, int idx, void *arg);
-
- char *DH_get_ex_data(DH *d, int idx);
-
-=head1 DESCRIPTION
-
-These functions handle application specific data in DH
-structures. Their usage is identical to that of
-RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
-as described in L<RSA_get_ex_new_index(3)>.
-
-=head1 SEE ALSO
-
-L<RSA_get_ex_new_index()|RSA_get_ex_new_index()>, L<dh(3)|dh(3)>
-
-=head1 HISTORY
-
-DH_get_ex_new_index(), DH_set_ex_data() and DH_get_ex_data() are
-available since OpenSSL 0.9.5.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DH_new.pod b/src/lib/libcrypto/doc/DH_new.pod
deleted file mode 100644
index 60c930093e..0000000000
--- a/src/lib/libcrypto/doc/DH_new.pod
+++ /dev/null
@@ -1,40 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_new, DH_free - allocate and free DH objects
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- DH* DH_new(void);
-
- void DH_free(DH *dh);
-
-=head1 DESCRIPTION
-
-DH_new() allocates and initializes a B<DH> structure.
-
-DH_free() frees the B<DH> structure and its components. The values are
-erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, DH_new() returns B<NULL> and sets an error
-code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns
-a pointer to the newly allocated structure.
-
-DH_free() returns no value.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
-L<DH_generate_key(3)|DH_generate_key(3)>
-
-=head1 HISTORY
-
-DH_new() and DH_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DH_set_method.pod b/src/lib/libcrypto/doc/DH_set_method.pod
deleted file mode 100644
index 62088eea1b..0000000000
--- a/src/lib/libcrypto/doc/DH_set_method.pod
+++ /dev/null
@@ -1,111 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_set_default_openssl_method, DH_get_default_openssl_method,
-DH_set_method, DH_new_method, DH_OpenSSL - select DH method
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
- #include <openssl/engine.h>
-
- void DH_set_default_openssl_method(DH_METHOD *meth);
-
- DH_METHOD *DH_get_default_openssl_method(void);
-
- int DH_set_method(DH *dh, ENGINE *engine);
-
- DH *DH_new_method(ENGINE *engine);
-
- DH_METHOD *DH_OpenSSL(void);
-
-=head1 DESCRIPTION
-
-A B<DH_METHOD> specifies the functions that OpenSSL uses for Diffie-Hellman
-operations. By modifying the method, alternative implementations
-such as hardware accelerators may be used.
-
-Initially, the default is to use the OpenSSL internal implementation.
-DH_OpenSSL() returns a pointer to that method.
-
-DH_set_default_openssl_method() makes B<meth> the default method for all DH
-structures created later. B<NB:> This is true only whilst the default engine
-for Diffie-Hellman operations remains as "openssl". ENGINEs provide an
-encapsulation for implementations of one or more algorithms, and all the DH
-functions mentioned here operate within the scope of the default
-"openssl" engine.
-
-DH_get_default_openssl_method() returns a pointer to the current default
-method for the "openssl" engine.
-
-DH_set_method() selects B<engine> as the engine that will be responsible for
-all operations using the structure B<dh>. If this function completes successfully,
-then the B<dh> structure will have its own functional reference of B<engine>, so
-the caller should remember to free their own reference to B<engine> when they are
-finished with it. NB: An ENGINE's DH_METHOD can be retrieved (or set) by
-ENGINE_get_DH() or ENGINE_set_DH().
-
-DH_new_method() allocates and initializes a DH structure so that
-B<engine> will be used for the DH operations. If B<engine> is NULL,
-the default engine for Diffie-Hellman opertaions is used.
-
-=head1 THE DH_METHOD STRUCTURE
-
- typedef struct dh_meth_st
- {
- /* name of the implementation */
- const char *name;
-
- /* generate private and public DH values for key agreement */
- int (*generate_key)(DH *dh);
-
- /* compute shared secret */
- int (*compute_key)(unsigned char *key, BIGNUM *pub_key, DH *dh);
-
- /* compute r = a ^ p mod m (May be NULL for some implementations) */
- int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-
- /* called at DH_new */
- int (*init)(DH *dh);
-
- /* called at DH_free */
- int (*finish)(DH *dh);
-
- int flags;
-
- char *app_data; /* ?? */
-
- } DH_METHOD;
-
-=head1 RETURN VALUES
-
-DH_OpenSSL() and DH_get_default_method() return pointers to the respective
-DH_METHODs.
-
-DH_set_default_openssl_method() returns no value.
-
-DH_set_method() returns non-zero if the ENGINE associated with B<dh>
-was successfully changed to B<engine>.
-
-DH_new_method() returns NULL and sets an error code that can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails.
-Otherwise it returns a pointer to the newly allocated structure.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<DH_new(3)|DH_new(3)>
-
-=head1 HISTORY
-
-DH_set_default_method(), DH_get_default_method(), DH_set_method(),
-DH_new_method() and DH_OpenSSL() were added in OpenSSL 0.9.4.
-
-DH_set_default_openssl_method() and DH_get_default_openssl_method()
-replaced DH_set_default_method() and DH_get_default_method() respectively,
-and DH_set_method() and DH_new_method() were altered to use B<ENGINE>s
-rather than B<DH_METHOD>s during development of OpenSSL 0.9.6.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DH_size.pod b/src/lib/libcrypto/doc/DH_size.pod
deleted file mode 100644
index 97f26fda78..0000000000
--- a/src/lib/libcrypto/doc/DH_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_size - get Diffie-Hellman prime size
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- int DH_size(DH *dh);
-
-=head1 DESCRIPTION
-
-This function returns the Diffie-Hellman size in bytes. It can be used
-to determine how much memory must be allocated for the shared secret
-computed by DH_compute_key().
-
-B<dh-E<gt>p> must not be B<NULL>.
-
-=head1 RETURN VALUE
-
-The size in bytes.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<DH_generate_key(3)|DH_generate_key(3)>
-
-=head1 HISTORY
-
-DH_size() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DSA_SIG_new.pod b/src/lib/libcrypto/doc/DSA_SIG_new.pod
deleted file mode 100644
index 45df4c0661..0000000000
--- a/src/lib/libcrypto/doc/DSA_SIG_new.pod
+++ /dev/null
@@ -1,39 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA_SIG *DSA_SIG_new(void);
-
- void DSA_SIG_free(DSA_SIG *a);
-
-=head1 DESCRIPTION
-
-DSA_SIG_new() allocates and initializes a B<DSA_SIG> structure.
-
-DSA_SIG_free() frees the B<DSA_SIG> structure and its components. The
-values are erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, DSA_SIG_new() returns B<NULL> and sets an
-error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
-to the newly allocated structure.
-
-DSA_SIG_free() returns no value.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<DSA_do_sign(3)|DSA_do_sign(3)>
-
-=head1 HISTORY
-
-DSA_SIG_new() and DSA_SIG_free() were added in OpenSSL 0.9.3.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DSA_do_sign.pod b/src/lib/libcrypto/doc/DSA_do_sign.pod
deleted file mode 100644
index 5dfc733b20..0000000000
--- a/src/lib/libcrypto/doc/DSA_do_sign.pod
+++ /dev/null
@@ -1,47 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_do_sign, DSA_do_verify - raw DSA signature operations
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-
- int DSA_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-
-=head1 DESCRIPTION
-
-DSA_do_sign() computes a digital signature on the B<len> byte message
-digest B<dgst> using the private key B<dsa> and returns it in a
-newly allocated B<DSA_SIG> structure.
-
-L<DSA_sign_setup(3)|DSA_sign_setup(3)> may be used to precompute part
-of the signing operation in case signature generation is
-time-critical.
-
-DSA_do_verify() verifies that the signature B<sig> matches a given
-message digest B<dgst> of size B<len>. B<dsa> is the signer's public
-key.
-
-=head1 RETURN VALUES
-
-DSA_do_sign() returns the signature, NULL on error. DSA_do_verify()
-returns 1 for a valid signature, 0 for an incorrect signature and -1
-on error. The error codes can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
-L<DSA_sign(3)|DSA_sign(3)>
-
-=head1 HISTORY
-
-DSA_do_sign() and DSA_do_verify() were added in OpenSSL 0.9.3.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DSA_dup_DH.pod b/src/lib/libcrypto/doc/DSA_dup_DH.pod
deleted file mode 100644
index 695f99a13b..0000000000
--- a/src/lib/libcrypto/doc/DSA_dup_DH.pod
+++ /dev/null
@@ -1,36 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_dup_DH - create a DH structure out of DSA structure
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DH * DSA_dup_DH(DSA *r);
-
-=head1 DESCRIPTION
-
-DSA_dup_DH() duplicates DSA parameters/keys as DH parameters/keys. q
-is lost during that conversion, but the resulting DH parameters
-contain its length.
-
-=head1 RETURN VALUE
-
-DSA_dup_DH() returns the new B<DH> structure, and NULL on error. The
-error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTE
-
-Be careful to avoid small subgroup attacks when using this.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-DSA_dup_DH() was added in OpenSSL 0.9.4.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DSA_generate_key.pod b/src/lib/libcrypto/doc/DSA_generate_key.pod
deleted file mode 100644
index 9906a2d7e0..0000000000
--- a/src/lib/libcrypto/doc/DSA_generate_key.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_generate_key - generate DSA key pair
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- int DSA_generate_key(DSA *a);
-
-=head1 DESCRIPTION
-
-DSA_generate_key() expects B<a> to contain DSA parameters. It generates
-a new key pair and stores it in B<a-E<gt>pub_key> and B<a-E<gt>priv_key>.
-
-The PRNG must be seeded prior to calling DSA_generate_key().
-
-=head1 RETURN VALUE
-
-DSA_generate_key() returns 1 on success, 0 otherwise.
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>
-
-=head1 HISTORY
-
-DSA_generate_key() is available since SSLeay 0.8.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DSA_generate_parameters.pod b/src/lib/libcrypto/doc/DSA_generate_parameters.pod
deleted file mode 100644
index be7c924ff8..0000000000
--- a/src/lib/libcrypto/doc/DSA_generate_parameters.pod
+++ /dev/null
@@ -1,105 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_generate_parameters - generate DSA parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA *DSA_generate_parameters(int bits, unsigned char *seed,
- int seed_len, int *counter_ret, unsigned long *h_ret,
- void (*callback)(int, int, void *), void *cb_arg);
-
-=head1 DESCRIPTION
-
-DSA_generate_parameters() generates primes p and q and a generator g
-for use in the DSA.
-
-B<bits> is the length of the prime to be generated; the DSS allows a
-maximum of 1024 bits.
-
-If B<seed> is B<NULL> or B<seed_len> E<lt> 20, the primes will be
-generated at random. Otherwise, the seed is used to generate
-them. If the given seed does not yield a prime q, a new random
-seed is chosen and placed at B<seed>.
-
-DSA_generate_parameters() places the iteration count in
-*B<counter_ret> and a counter used for finding a generator in
-*B<h_ret>, unless these are B<NULL>.
-
-A callback function may be used to provide feedback about the progress
-of the key generation. If B<callback> is not B<NULL>, it will be
-called as follows:
-
-=over 4
-
-=item *
-
-When a candidate for q is generated, B<callback(0, m++, cb_arg)> is called
-(m is 0 for the first candidate).
-
-=item *
-
-When a candidate for q has passed a test by trial division,
-B<callback(1, -1, cb_arg)> is called.
-While a candidate for q is tested by Miller-Rabin primality tests,
-B<callback(1, i, cb_arg)> is called in the outer loop
-(once for each witness that confirms that the candidate may be prime);
-i is the loop counter (starting at 0).
-
-=item *
-
-When a prime q has been found, B<callback(2, 0, cb_arg)> and
-B<callback(3, 0, cb_arg)> are called.
-
-=item *
-
-Before a candidate for p (other than the first) is generated and tested,
-B<callback(0, counter, cb_arg)> is called.
-
-=item *
-
-When a candidate for p has passed the test by trial division,
-B<callback(1, -1, cb_arg)> is called.
-While it is tested by the Miller-Rabin primality test,
-B<callback(1, i, cb_arg)> is called in the outer loop
-(once for each witness that confirms that the candidate may be prime).
-i is the loop counter (starting at 0).
-
-=item *
-
-When p has been found, B<callback(2, 1, cb_arg)> is called.
-
-=item *
-
-When the generator has been found, B<callback(3, 1, cb_arg)> is called.
-
-=back
-
-=head1 RETURN VALUE
-
-DSA_generate_parameters() returns a pointer to the DSA structure, or
-B<NULL> if the parameter generation fails. The error codes can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-Seed lengths E<gt> 20 are not supported.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_free(3)|DSA_free(3)>
-
-=head1 HISTORY
-
-DSA_generate_parameters() appeared in SSLeay 0.8. The B<cb_arg>
-argument was added in SSLeay 0.9.0.
-In versions up to OpenSSL 0.9.4, B<callback(1, ...)> was called
-in the inner loop of the Miller-Rabin test whenever it reached the
-squaring step (the parameters to B<callback> did not reveal how many
-witnesses had been tested); since OpenSSL 0.9.5, B<callback(1, ...)>
-is called as in BN_is_prime(3), i.e. once for each witness.
-=cut
diff --git a/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod b/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod
deleted file mode 100644
index 4612e708ec..0000000000
--- a/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod
+++ /dev/null
@@ -1,36 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data - add application specific data to DSA structures
-
-=head1 SYNOPSIS
-
- #include <openssl/DSA.h>
-
- int DSA_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
- int DSA_set_ex_data(DSA *d, int idx, void *arg);
-
- char *DSA_get_ex_data(DSA *d, int idx);
-
-=head1 DESCRIPTION
-
-These functions handle application specific data in DSA
-structures. Their usage is identical to that of
-RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
-as described in L<RSA_get_ex_new_index(3)>.
-
-=head1 SEE ALSO
-
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dsa(3)|dsa(3)>
-
-=head1 HISTORY
-
-DSA_get_ex_new_index(), DSA_set_ex_data() and DSA_get_ex_data() are
-available since OpenSSL 0.9.5.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DSA_new.pod b/src/lib/libcrypto/doc/DSA_new.pod
deleted file mode 100644
index 301af912dd..0000000000
--- a/src/lib/libcrypto/doc/DSA_new.pod
+++ /dev/null
@@ -1,41 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_new, DSA_free - allocate and free DSA objects
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA* DSA_new(void);
-
- void DSA_free(DSA *dsa);
-
-=head1 DESCRIPTION
-
-DSA_new() allocates and initializes a B<DSA> structure.
-
-DSA_free() frees the B<DSA> structure and its components. The values are
-erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, DSA_new() returns B<NULL> and sets an error
-code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
-to the newly allocated structure.
-
-DSA_free() returns no value.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
-L<DSA_generate_key(3)|DSA_generate_key(3)>
-
-=head1 HISTORY
-
-DSA_new() and DSA_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DSA_set_method.pod b/src/lib/libcrypto/doc/DSA_set_method.pod
deleted file mode 100644
index c56dfd0f47..0000000000
--- a/src/lib/libcrypto/doc/DSA_set_method.pod
+++ /dev/null
@@ -1,118 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_set_default_openssl_method, DSA_get_default_openssl_method,
-DSA_set_method, DSA_new_method, DSA_OpenSSL - select DSA method
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
- #include <openssl/engine.h>
-
- void DSA_set_default_openssl_method(DSA_METHOD *meth);
-
- DSA_METHOD *DSA_get_default_openssl_method(void);
-
- int DSA_set_method(DSA *dsa, ENGINE *engine);
-
- DSA *DSA_new_method(ENGINE *engine);
-
- DSA_METHOD *DSA_OpenSSL(void);
-
-=head1 DESCRIPTION
-
-A B<DSA_METHOD> specifies the functions that OpenSSL uses for DSA
-operations. By modifying the method, alternative implementations
-such as hardware accelerators may be used.
-
-Initially, the default is to use the OpenSSL internal implementation.
-DSA_OpenSSL() returns a pointer to that method.
-
-DSA_set_default_openssl_method() makes B<meth> the default method for
-all DSA structures created later. B<NB:> This is true only whilst the
-default engine for DSA operations remains as "openssl". ENGINEs
-provide an encapsulation for implementations of one or more algorithms at a
-time, and all the DSA functions mentioned here operate within the scope
-of the default "openssl" engine.
-
-DSA_get_default_openssl_method() returns a pointer to the current default
-method for the "openssl" engine.
-
-DSA_set_method() selects B<engine> for all operations using the structure B<dsa>.
-
-DSA_new_method() allocates and initializes a DSA structure so that
-B<engine> will be used for the DSA operations. If B<engine> is NULL,
-the default engine for DSA operations is used.
-
-=head1 THE DSA_METHOD STRUCTURE
-
-struct
- {
- /* name of the implementation */
- const char *name;
-
- /* sign */
- DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen,
- DSA *dsa);
-
- /* pre-compute k^-1 and r */
- int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
-
- /* verify */
- int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-
- /* compute rr = a1^p1 * a2^p2 mod m (May be NULL for some
- implementations) */
- int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
- BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont);
-
- /* compute r = a ^ p mod m (May be NULL for some implementations) */
- int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
- /* called at DSA_new */
- int (*init)(DSA *DSA);
-
- /* called at DSA_free */
- int (*finish)(DSA *DSA);
-
- int flags;
-
- char *app_data; /* ?? */
-
- } DSA_METHOD;
-
-=head1 RETURN VALUES
-
-DSA_OpenSSL() and DSA_get_default_openssl_method() return pointers to the
-respective DSA_METHODs.
-
-DSA_set_default_openssl_method() returns no value.
-
-DSA_set_method() returns non-zero if the ENGINE associated with B<dsa>
-was successfully changed to B<engine>.
-
-DSA_new_method() returns NULL and sets an error code that can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation
-fails. Otherwise it returns a pointer to the newly allocated structure.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<DSA_new(3)|DSA_new(3)>
-
-=head1 HISTORY
-
-DSA_set_default_method(), DSA_get_default_method(), DSA_set_method(),
-DSA_new_method() and DSA_OpenSSL() were added in OpenSSL 0.9.4.
-
-DSA_set_default_openssl_method() and DSA_get_default_openssl_method()
-replaced DSA_set_default_method() and DSA_get_default_method() respectively,
-and DSA_set_method() and DSA_new_method() were altered to use B<ENGINE>s
-rather than B<DSA_METHOD>s during development of OpenSSL 0.9.6.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DSA_sign.pod b/src/lib/libcrypto/doc/DSA_sign.pod
deleted file mode 100644
index 97389e8ec8..0000000000
--- a/src/lib/libcrypto/doc/DSA_sign.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- int DSA_sign(int type, const unsigned char *dgst, int len,
- unsigned char *sigret, unsigned int *siglen, DSA *dsa);
-
- int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
- BIGNUM **rp);
-
- int DSA_verify(int type, const unsigned char *dgst, int len,
- unsigned char *sigbuf, int siglen, DSA *dsa);
-
-=head1 DESCRIPTION
-
-DSA_sign() computes a digital signature on the B<len> byte message
-digest B<dgst> using the private key B<dsa> and places its ASN.1 DER
-encoding at B<sigret>. The length of the signature is places in
-*B<siglen>. B<sigret> must point to DSA_size(B<dsa>) bytes of memory.
-
-DSA_sign_setup() may be used to precompute part of the signing
-operation in case signature generation is time-critical. It expects
-B<dsa> to contain DSA parameters. It places the precomputed values
-in newly allocated B<BIGNUM>s at *B<kinvp> and *B<rp>, after freeing
-the old ones unless *B<kinvp> and *B<rp> are NULL. These values may
-be passed to DSA_sign() in B<dsa-E<gt>kinv> and B<dsa-E<gt>r>.
-B<ctx> is a pre-allocated B<BN_CTX> or NULL.
-
-DSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
-matches a given message digest B<dgst> of size B<len>.
-B<dsa> is the signer's public key.
-
-The B<type> parameter is ignored.
-
-The PRNG must be seeded before DSA_sign() (or DSA_sign_setup())
-is called.
-
-=head1 RETURN VALUES
-
-DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
-DSA_verify() returns 1 for a valid signature, 0 for an incorrect
-signature and -1 on error. The error codes can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 CONFORMING TO
-
-US Federal Information Processing Standard FIPS 186 (Digital Signature
-Standard, DSS), ANSI X9.30
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_do_sign(3)|DSA_do_sign(3)>
-
-=head1 HISTORY
-
-DSA_sign() and DSA_verify() are available in all versions of SSLeay.
-DSA_sign_setup() was added in SSLeay 0.8.
-
-=cut
diff --git a/src/lib/libcrypto/doc/DSA_size.pod b/src/lib/libcrypto/doc/DSA_size.pod
deleted file mode 100644
index 23b6320a4d..0000000000
--- a/src/lib/libcrypto/doc/DSA_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_size - get DSA signature size
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- int DSA_size(DSA *dsa);
-
-=head1 DESCRIPTION
-
-This function returns the size of an ASN.1 encoded DSA signature in
-bytes. It can be used to determine how much memory must be allocated
-for a DSA signature.
-
-B<dsa-E<gt>q> must not be B<NULL>.
-
-=head1 RETURN VALUE
-
-The size in bytes.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<DSA_sign(3)|DSA_sign(3)>
-
-=head1 HISTORY
-
-DSA_size() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/ERR_GET_LIB.pod b/src/lib/libcrypto/doc/ERR_GET_LIB.pod
deleted file mode 100644
index 2a129da036..0000000000
--- a/src/lib/libcrypto/doc/ERR_GET_LIB.pod
+++ /dev/null
@@ -1,51 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON - get library, function and
-reason code
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- int ERR_GET_LIB(unsigned long e);
-
- int ERR_GET_FUNC(unsigned long e);
-
- int ERR_GET_REASON(unsigned long e);
-
-=head1 DESCRIPTION
-
-The error code returned by ERR_get_error() consists of a library
-number, function code and reason code. ERR_GET_LIB(), ERR_GET_FUNC()
-and ERR_GET_REASON() can be used to extract these.
-
-The library number and function code describe where the error
-occurred, the reason code is the information about what went wrong.
-
-Each sub-library of OpenSSL has a unique library number; function and
-reason codes are unique within each sub-library. Note that different
-libraries may use the same value to signal different functions and
-reasons.
-
-B<ERR_R_...> reason codes such as B<ERR_R_MALLOC_FAILURE> are globally
-unique. However, when checking for sub-library specific reason codes,
-be sure to also compare the library number.
-
-ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are macros.
-
-=head1 RETURN VALUES
-
-The library number, function code and reason code respectively.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in
-all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/ERR_clear_error.pod b/src/lib/libcrypto/doc/ERR_clear_error.pod
deleted file mode 100644
index 566e1f4e31..0000000000
--- a/src/lib/libcrypto/doc/ERR_clear_error.pod
+++ /dev/null
@@ -1,29 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_clear_error - clear the error queue
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_clear_error(void);
-
-=head1 DESCRIPTION
-
-ERR_clear_error() empties the current thread's error queue.
-
-=head1 RETURN VALUES
-
-ERR_clear_error() has no return value.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-ERR_clear_error() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/ERR_error_string.pod b/src/lib/libcrypto/doc/ERR_error_string.pod
deleted file mode 100644
index e01beb817a..0000000000
--- a/src/lib/libcrypto/doc/ERR_error_string.pod
+++ /dev/null
@@ -1,73 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_error_string, ERR_error_string_n, ERR_lib_error_string,
-ERR_func_error_string, ERR_reason_error_string - obtain human-readable
-error message
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- char *ERR_error_string(unsigned long e, char *buf);
- char *ERR_error_string_n(unsigned long e, char *buf, size_t len);
-
- const char *ERR_lib_error_string(unsigned long e);
- const char *ERR_func_error_string(unsigned long e);
- const char *ERR_reason_error_string(unsigned long e);
-
-=head1 DESCRIPTION
-
-ERR_error_string() generates a human-readable string representing the
-error code I<e>, and places it at I<buf>. I<buf> must be at least 120
-bytes long. If I<buf> is B<NULL>, the error string is placed in a
-static buffer.
-ERR_error_string_n() is a variant of ERR_error_string() that writes
-at most I<len> characters (including the terminating 0)
-and truncates the string if necessary.
-For ERR_error_string_n(), I<buf> may not be B<NULL>.
-
-The string will have the following format:
-
- error:[error code]:[library name]:[function name]:[reason string]
-
-I<error code> is an 8 digit hexadecimal number, I<library name>,
-I<function name> and I<reason string> are ASCII text.
-
-ERR_lib_error_string(), ERR_func_error_string() and
-ERR_reason_error_string() return the library name, function
-name and reason string respectively.
-
-The OpenSSL error strings should be loaded by calling
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)> or, for SSL
-applications, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-first.
-If there is no text string registered for the given error code,
-the error string will contain the numeric code.
-
-L<ERR_print_errors(3)|ERR_print_errors(3)> can be used to print
-all error codes currently in the queue.
-
-=head1 RETURN VALUES
-
-ERR_error_string() returns a pointer to a static buffer containing the
-string if I<buf> B<== NULL>, I<buf> otherwise.
-
-ERR_lib_error_string(), ERR_func_error_string() and
-ERR_reason_error_string() return the strings, and B<NULL> if
-none is registered for the error code.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-L<ERR_print_errors(3)|ERR_print_errors(3)>
-
-=head1 HISTORY
-
-ERR_error_string() is available in all versions of SSLeay and OpenSSL.
-ERR_error_string_n() was added in OpenSSL 0.9.6.
-
-=cut
diff --git a/src/lib/libcrypto/doc/ERR_get_error.pod b/src/lib/libcrypto/doc/ERR_get_error.pod
deleted file mode 100644
index 3551bacb8d..0000000000
--- a/src/lib/libcrypto/doc/ERR_get_error.pod
+++ /dev/null
@@ -1,63 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_get_error, ERR_peek_error, ERR_get_error_line, ERR_peek_error_line,
-ERR_get_error_line_data, ERR_peek_error_line_data - obtain error code and data
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- unsigned long ERR_get_error(void);
- unsigned long ERR_peek_error(void);
-
- unsigned long ERR_get_error_line(const char **file, int *line);
- unsigned long ERR_peek_error_line(const char **file, int *line);
-
- unsigned long ERR_get_error_line_data(const char **file, int *line,
- const char **data, int *flags);
- unsigned long ERR_peek_error_line_data(const char **file, int *line,
- const char **data, int *flags);
-
-=head1 DESCRIPTION
-
-ERR_get_error() returns the last error code from the thread's error
-queue and removes the entry. This function can be called repeatedly
-until there are no more error codes to return.
-
-ERR_peek_error() returns the last error code from the thread's
-error queue without modifying it.
-
-See L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> for obtaining information about
-location and reason of the error, and
-L<ERR_error_string(3)|ERR_error_string(3)> for human-readable error
-messages.
-
-ERR_get_error_line() and ERR_peek_error_line() are the same as the
-above, but they additionally store the file name and line number where
-the error occurred in *B<file> and *B<line>, unless these are B<NULL>.
-
-ERR_get_error_line_data() and ERR_peek_error_line_data() store
-additional data and flags associated with the error code in *B<data>
-and *B<flags>, unless these are B<NULL>. *B<data> contains a string
-if *B<flags>&B<ERR_TXT_STRING>. If it has been allocated by OPENSSL_malloc(),
-*B<flags>&B<ERR_TXT_MALLOCED> is true.
-
-=head1 RETURN VALUES
-
-The error code, or 0 if there is no error in the queue.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>
-
-=head1 HISTORY
-
-ERR_get_error(), ERR_peek_error(), ERR_get_error_line() and
-ERR_peek_error_line() are available in all versions of SSLeay and
-OpenSSL. ERR_get_error_line_data() and ERR_peek_error_line_data()
-were added in SSLeay 0.9.0.
-
-=cut
diff --git a/src/lib/libcrypto/doc/ERR_load_crypto_strings.pod b/src/lib/libcrypto/doc/ERR_load_crypto_strings.pod
deleted file mode 100644
index 9bdec75a46..0000000000
--- a/src/lib/libcrypto/doc/ERR_load_crypto_strings.pod
+++ /dev/null
@@ -1,46 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_load_crypto_strings, SSL_load_error_strings, ERR_free_strings -
-load and free error strings
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_load_crypto_strings(void);
- void ERR_free_strings(void);
-
- #include <openssl/ssl.h>
-
- void SSL_load_error_strings(void);
-
-=head1 DESCRIPTION
-
-ERR_load_crypto_strings() registers the error strings for all
-B<libcrypto> functions. SSL_load_error_strings() does the same,
-but also registers the B<libssl> error strings.
-
-One of these functions should be called before generating
-textual error messages. However, this is not required when memory
-usage is an issue.
-
-ERR_free_strings() frees all previously loaded error strings.
-
-=head1 RETURN VALUES
-
-ERR_load_crypto_strings(), SSL_load_error_strings() and
-ERR_free_strings() return no values.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
-
-=head1 HISTORY
-
-ERR_load_error_strings(), SSL_load_error_strings() and
-ERR_free_strings() are available in all versions of SSLeay and
-OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/ERR_load_strings.pod b/src/lib/libcrypto/doc/ERR_load_strings.pod
deleted file mode 100644
index 5acdd0edbc..0000000000
--- a/src/lib/libcrypto/doc/ERR_load_strings.pod
+++ /dev/null
@@ -1,54 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_load_strings, ERR_PACK, ERR_get_next_error_library - load
-arbitrary error strings
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
-
- int ERR_get_next_error_library(void);
-
- unsigned long ERR_PACK(int lib, int func, int reason);
-
-=head1 DESCRIPTION
-
-ERR_load_strings() registers error strings for library number B<lib>.
-
-B<str> is an array of error string data:
-
- typedef struct ERR_string_data_st
- {
- unsigned long error;
- char *string;
- } ERR_STRING_DATA;
-
-The error code is generated from the library number and a function and
-reason code: B<error> = ERR_PACK(B<lib>, B<func>, B<reason>).
-ERR_PACK() is a macro.
-
-The last entry in the array is {0,0}.
-
-ERR_get_next_error_library() can be used to assign library numbers
-to user libraries at runtime.
-
-=head1 RETURN VALUE
-
-ERR_load_strings() returns no value. ERR_PACK() return the error code.
-ERR_get_next_error_library() returns a new library number.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-
-=head1 HISTORY
-
-ERR_load_error_strings() and ERR_PACK() are available in all versions
-of SSLeay and OpenSSL. ERR_get_next_error_library() was added in
-SSLeay 0.9.0.
-
-=cut
diff --git a/src/lib/libcrypto/doc/ERR_print_errors.pod b/src/lib/libcrypto/doc/ERR_print_errors.pod
deleted file mode 100644
index b100a5fa2b..0000000000
--- a/src/lib/libcrypto/doc/ERR_print_errors.pod
+++ /dev/null
@@ -1,51 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_print_errors, ERR_print_errors_fp - print error messages
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_print_errors(BIO *bp);
- void ERR_print_errors_fp(FILE *fp);
-
-=head1 DESCRIPTION
-
-ERR_print_errors() is a convenience function that prints the error
-strings for all errors that OpenSSL has recorded to B<bp>, thus
-emptying the error queue.
-
-ERR_print_errors_fp() is the same, except that the output goes to a
-B<FILE>.
-
-
-The error strings will have the following format:
-
- [pid]:error:[error code]:[library name]:[function name]:[reason string]:[file name]:[line]:[optional text message]
-
-I<error code> is an 8 digit hexadecimal number. I<library name>,
-I<function name> and I<reason string> are ASCII text, as is I<optional
-text message> if one was set for the respective error code.
-
-If there is no text string registered for the given error code,
-the error string will contain the numeric code.
-
-=head1 RETURN VALUES
-
-ERR_print_errors() and ERR_print_errors_fp() return no values.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-
-=head1 HISTORY
-
-ERR_print_errors() and ERR_print_errors_fp()
-are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/ERR_put_error.pod b/src/lib/libcrypto/doc/ERR_put_error.pod
deleted file mode 100644
index acd241fbe4..0000000000
--- a/src/lib/libcrypto/doc/ERR_put_error.pod
+++ /dev/null
@@ -1,44 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_put_error, ERR_add_error_data - record an error
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_put_error(int lib, int func, int reason, const char *file,
- int line);
-
- void ERR_add_error_data(int num, ...);
-
-=head1 DESCRIPTION
-
-ERR_put_error() adds an error code to the thread's error queue. It
-signals that the error of reason code B<reason> occurred in function
-B<func> of library B<lib>, in line number B<line> of B<file>.
-This function is usually called by a macro.
-
-ERR_add_error_data() associates the concatenation of its B<num> string
-arguments with the error code added last.
-
-L<ERR_load_strings(3)|ERR_load_strings(3)> can be used to register
-error strings so that the application can a generate human-readable
-error messages for the error code.
-
-=head1 RETURN VALUES
-
-ERR_put_error() and ERR_add_error_data() return
-no values.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-
-=head1 HISTORY
-
-ERR_put_error() is available in all versions of SSLeay and OpenSSL.
-ERR_add_error_data() was added in SSLeay 0.9.0.
-
-=cut
diff --git a/src/lib/libcrypto/doc/ERR_remove_state.pod b/src/lib/libcrypto/doc/ERR_remove_state.pod
deleted file mode 100644
index 72925fb9f4..0000000000
--- a/src/lib/libcrypto/doc/ERR_remove_state.pod
+++ /dev/null
@@ -1,34 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_remove_state - free a thread's error queue
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_remove_state(unsigned long pid);
-
-=head1 DESCRIPTION
-
-ERR_remove_state() frees the error queue associated with thread B<pid>.
-If B<pid> == 0, the current thread will have its error queue removed.
-
-Since error queue data structures are allocated automatically for new
-threads, they must be freed when threads are terminated in order to
-avoid memory leaks.
-
-=head1 RETURN VALUE
-
-ERR_remove_state() returns no value.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>
-
-=head1 HISTORY
-
-ERR_remove_state() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/EVP_DigestInit.pod b/src/lib/libcrypto/doc/EVP_DigestInit.pod
deleted file mode 100644
index fefc858f7e..0000000000
--- a/src/lib/libcrypto/doc/EVP_DigestInit.pod
+++ /dev/null
@@ -1,202 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal, EVP_MAX_MD_SIZE,
-EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size,
-EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type,
-EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2,
-EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
-EVP digest routines
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
- void EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- void EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
- unsigned int *s);
-
- #define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
-
- int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
-
- #define EVP_MD_type(e) ((e)->type)
- #define EVP_MD_pkey_type(e) ((e)->pkey_type)
- #define EVP_MD_size(e) ((e)->md_size)
- #define EVP_MD_block_size(e) ((e)->block_size)
-
- #define EVP_MD_CTX_md(e) (e)->digest)
- #define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
- #define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
- #define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
-
- EVP_MD *EVP_md_null(void);
- EVP_MD *EVP_md2(void);
- EVP_MD *EVP_md5(void);
- EVP_MD *EVP_sha(void);
- EVP_MD *EVP_sha1(void);
- EVP_MD *EVP_dss(void);
- EVP_MD *EVP_dss1(void);
- EVP_MD *EVP_mdc2(void);
- EVP_MD *EVP_ripemd160(void);
-
- const EVP_MD *EVP_get_digestbyname(const char *name);
- #define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
- #define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
-
-=head1 DESCRIPTION
-
-The EVP digest routines are a high level interface to message digests.
-
-EVP_DigestInit() initializes a digest context B<ctx> to use a digest
-B<type>: this will typically be supplied by a function such as
-EVP_sha1().
-
-EVP_DigestUpdate() hashes B<cnt> bytes of data at B<d> into the
-digest context B<ctx>. This function can be called several times on the
-same B<ctx> to hash additional data.
-
-EVP_DigestFinal() retrieves the digest value from B<ctx> and places
-it in B<md>. If the B<s> parameter is not NULL then the number of
-bytes of data written (i.e. the length of the digest) will be written
-to the integer at B<s>, at most B<EVP_MAX_MD_SIZE> bytes will be written.
-After calling EVP_DigestFinal() no additional calls to EVP_DigestUpdate()
-can be made, but EVP_DigestInit() can be called to initialize a new
-digest operation.
-
-EVP_MD_CTX_copy() can be used to copy the message digest state from
-B<in> to B<out>. This is useful if large amounts of data are to be
-hashed which only differ in the last few bytes.
-
-EVP_MD_size() and EVP_MD_CTX_size() return the size of the message digest
-when passed an B<EVP_MD> or an B<EVP_MD_CTX> structure, i.e. the size of the
-hash.
-
-EVP_MD_block_size() and EVP_MD_CTX_block_size() return the block size of the
-message digest when passed an B<EVP_MD> or an B<EVP_MD_CTX> structure.
-
-EVP_MD_type() and EVP_MD_CTX_type() return the NID of the OBJECT IDENTIFIER
-representing the given message digest when passed an B<EVP_MD> structure.
-For example EVP_MD_type(EVP_sha1()) returns B<NID_sha1>. This function is
-normally used when setting ASN1 OIDs.
-
-EVP_MD_CTX_md() returns the B<EVP_MD> structure corresponding to the passed
-B<EVP_MD_CTX>.
-
-EVP_MD_pkey_type() returns the NID of the public key signing algorithm associated
-with this digest. For example EVP_sha1() is associated with RSA so this will
-return B<NID_sha1WithRSAEncryption>. This "link" between digests and signature
-algorithms may not be retained in future versions of OpenSSL.
-
-EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_mdc2() and EVP_ripemd160()
-return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 digest
-algorithms respectively. The associated signature algorithm is RSA in each case.
-
-EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
-algorithms but using DSS (DSA) for the signature algorithm.
-
-EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it
-returns is of zero length.
-
-EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
-return an B<EVP_MD> structure when passed a digest name, a digest NID or
-an ASN1_OBJECT structure respectively. The digest table must be initialized
-using, for example, OpenSSL_add_all_digests() for these functions to work.
-
-=head1 RETURN VALUES
-
-EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() do not return values.
-
-EVP_MD_CTX_copy() returns 1 if successful or 0 for failure.
-
-EVP_MD_type(), EVP_MD_pkey_type() and EVP_MD_type() return the NID of the
-corresponding OBJECT IDENTIFIER or NID_undef if none exists.
-
-EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(e), EVP_MD_size(),
-EVP_MD_CTX_block_size() and EVP_MD_block_size() return the digest or block
-size in bytes.
-
-EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
-EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
-corresponding EVP_MD structures.
-
-EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
-return either an B<EVP_MD> structure or NULL if an error occurs.
-
-=head1 NOTES
-
-The B<EVP> interface to message digests should almost always be used in
-preference to the low level interfaces. This is because the code then becomes
-transparent to the digest used and much more flexible.
-
-SHA1 is the digest of choice for new applications. The other digest algorithms
-are still in common use.
-
-=head1 EXAMPLE
-
-This example digests the data "Test Message\n" and "Hello World\n", using the
-digest name passed on the command line.
-
- #include <stdio.h>
- #include <openssl/evp.h>
-
- main(int argc, char *argv[])
- {
- EVP_MD_CTX mdctx;
- const EVP_MD *md;
- char mess1[] = "Test Message\n";
- char mess2[] = "Hello World\n";
- unsigned char md_value[EVP_MAX_MD_SIZE];
- int md_len, i;
-
- OpenSSL_add_all_digests();
-
- if(!argv[1]) {
- printf("Usage: mdtest digestname\n");
- exit(1);
- }
-
- md = EVP_get_digestbyname(argv[1]);
-
- if(!md) {
- printf("Unknown message digest %s\n", argv[1]);
- exit(1);
- }
-
- EVP_DigestInit(&mdctx, md);
- EVP_DigestUpdate(&mdctx, mess1, strlen(mess1));
- EVP_DigestUpdate(&mdctx, mess2, strlen(mess2));
- EVP_DigestFinal(&mdctx, md_value, &md_len);
-
- printf("Digest is: ");
- for(i = 0; i < md_len; i++) printf("%02x", md_value[i]);
- printf("\n");
- }
-
-=head1 BUGS
-
-Several of the functions do not return values: maybe they should. Although the
-internal digest operations will never fail some future hardware based operations
-might.
-
-The link between digests and signing algorithms results in a situation where
-EVP_sha1() must be used with RSA and EVP_dss1() must be used with DSS
-even though they are identical digests.
-
-The size of an B<EVP_MD_CTX> structure is determined at compile time: this results
-in code that must be recompiled if the size of B<EVP_MD_CTX> increases.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<HMAC(3)|HMAC(3)>, L<MD2(3)|MD2(3)>,
-L<MD5(3)|MD5(3)>, L<MDC2(3)|MDC2(3)>, L<RIPEMD160(3)|RIPEMD160(3)>,
-L<SHA1(3)|SHA1(3)>
-
-=head1 HISTORY
-
-EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() are
-available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/EVP_EncryptInit.pod b/src/lib/libcrypto/doc/EVP_EncryptInit.pod
deleted file mode 100644
index 9afe2396e2..0000000000
--- a/src/lib/libcrypto/doc/EVP_EncryptInit.pod
+++ /dev/null
@@ -1,359 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_EncryptInit, EVP_EncryptUpdate, EVP_EncryptFinal, EVP_DecryptInit,
-EVP_DecryptUpdate, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherUpdate,
-EVP_CipherFinal, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl,
-EVP_CIPHER_CTX_cleanup, EVP_get_cipherbyname, EVP_get_cipherbynid,
-EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size,
-EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags,
-EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid,
-EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length,
-EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type,
-EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1,
-EVP_CIPHER_asn1_to_param - EVP cipher routines
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
- unsigned char *key, unsigned char *iv);
- int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
- int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl);
-
- int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
- unsigned char *key, unsigned char *iv);
- int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
- int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
- int *outl);
-
- int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
- unsigned char *key, unsigned char *iv, int enc);
- int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
- int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
- int *outl);
-
- int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
- int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
- int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
-
- const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
- #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
- #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
-
- #define EVP_CIPHER_nid(e) ((e)->nid)
- #define EVP_CIPHER_block_size(e) ((e)->block_size)
- #define EVP_CIPHER_key_length(e) ((e)->key_len)
- #define EVP_CIPHER_iv_length(e) ((e)->iv_len)
- #define EVP_CIPHER_flags(e) ((e)->flags)
- #define EVP_CIPHER_mode(e) ((e)->flags) & EVP_CIPH_MODE)
- int EVP_CIPHER_type(const EVP_CIPHER *ctx);
-
- #define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
- #define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
- #define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
- #define EVP_CIPHER_CTX_key_length(e) ((e)->key_len)
- #define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
- #define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
- #define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
- #define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
- #define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags)
- #define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE)
-
- int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
- int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-
-=head1 DESCRIPTION
-
-The EVP cipher routines are a high level interface to certain
-symmetric ciphers.
-
-EVP_EncryptInit() initializes a cipher context B<ctx> for encryption
-with cipher B<type>. B<type> is normally supplied by a function such
-as EVP_des_cbc() . B<key> is the symmetric key to use and B<iv> is the
-IV to use (if necessary), the actual number of bytes used for the
-key and IV depends on the cipher. It is possible to set all parameters
-to NULL except B<type> in an initial call and supply the remaining
-parameters in subsequent calls, all of which have B<type> set to NULL.
-This is done when the default cipher parameters are not appropriate.
-
-EVP_EncryptUpdate() encrypts B<inl> bytes from the buffer B<in> and
-writes the encrypted version to B<out>. This function can be called
-multiple times to encrypt successive blocks of data. The amount
-of data written depends on the block alignment of the encrypted data:
-as a result the amount of data written may be anything from zero bytes
-to (inl + cipher_block_size - 1) so B<outl> should contain sufficient
-room. The actual number of bytes written is placed in B<outl>.
-
-EVP_EncryptFinal() encrypts the "final" data, that is any data that
-remains in a partial block. It uses L<standard block padding|/NOTES> (aka PKCS
-padding). The encrypted final data is written to B<out> which should
-have sufficient space for one cipher block. The number of bytes written
-is placed in B<outl>. After this function is called the encryption operation
-is finished and no further calls to EVP_EncryptUpdate() should be made.
-
-EVP_DecryptInit(), EVP_DecryptUpdate() and EVP_DecryptFinal() are the
-corresponding decryption operations. EVP_DecryptFinal() will return an
-error code if the final block is not correctly formatted. The parameters
-and restrictions are identical to the encryption operations except that
-the decrypted data buffer B<out> passed to EVP_DecryptUpdate() should
-have sufficient room for (B<inl> + cipher_block_size) bytes unless the
-cipher block size is 1 in which case B<inl> bytes is sufficient.
-
-EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal() are functions
-that can be used for decryption or encryption. The operation performed
-depends on the value of the B<enc> parameter. It should be set to 1 for
-encryption, 0 for decryption and -1 to leave the value unchanged (the
-actual value of 'enc' being supplied in a previous call).
-
-EVP_CIPHER_CTX_cleanup() clears all information from a cipher context.
-It should be called after all operations using a cipher are complete
-so sensitive information does not remain in memory.
-
-EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
-return an EVP_CIPHER structure when passed a cipher name, a NID or an
-ASN1_OBJECT structure.
-
-EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when
-passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX> structure. The actual NID
-value is an internal value which may not have a corresponding OBJECT
-IDENTIFIER.
-
-EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key
-length of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>
-structure. The constant B<EVP_MAX_KEY_LENGTH> is the maximum key length
-for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a
-given cipher, the value of EVP_CIPHER_CTX_key_length() may be different
-for variable key length ciphers.
-
-EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx.
-If the cipher is a fixed length cipher then attempting to set the key
-length to any value other than the fixed value is an error.
-
-EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
-length of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>.
-It will return zero if the cipher does not use an IV. The constant
-B<EVP_MAX_IV_LENGTH> is the maximum IV length for all ciphers.
-
-EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block
-size of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>
-structure. The constant B<EVP_MAX_IV_LENGTH> is also the maximum block
-length for all ciphers.
-
-EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed
-cipher or context. This "type" is the actual NID of the cipher OBJECT
-IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and
-128 bit RC2 have the same NID. If the cipher does not have an object
-identifier or does not have ASN1 support this function will return
-B<NID_undef>.
-
-EVP_CIPHER_CTX_cipher() returns the B<EVP_CIPHER> structure when passed
-an B<EVP_CIPHER_CTX> structure.
-
-EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode:
-EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE or
-EVP_CIPH_OFB_MODE. If the cipher is a stream cipher then
-EVP_CIPH_STREAM_CIPHER is returned.
-
-EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier "parameter" based
-on the passed cipher. This will typically include any parameters and an
-IV. The cipher IV (if any) must be set when this call is made. This call
-should be made before the cipher is actually "used" (before any
-EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function
-may fail if the cipher does not have any ASN1 support.
-
-EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1
-AlgorithmIdentifier "parameter". The precise effect depends on the cipher
-In the case of RC2, for example, it will set the IV and effective key length.
-This function should be called after the base cipher type is set but before
-the key is set. For example EVP_CipherInit() will be called with the IV and
-key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally
-EVP_CipherInit() again with all parameters except the key set to NULL. It is
-possible for this function to fail if the cipher does not have any ASN1 support
-or the parameters cannot be set (for example the RC2 effective key length
-is not supported.
-
-EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined
-and set. Currently only the RC2 effective key length and the number of rounds of
-RC5 can be set.
-
-=head1 RETURN VALUES
-
-EVP_EncryptInit(), EVP_EncryptUpdate() and EVP_EncryptFinal() return 1 for success
-and 0 for failure.
-
-EVP_DecryptInit() and EVP_DecryptUpdate() return 1 for success and 0 for failure.
-EVP_DecryptFinal() returns 0 if the decrypt failed or 1 for success.
-
-EVP_CipherInit() and EVP_CipherUpdate() return 1 for success and 0 for failure.
-EVP_CipherFinal() returns 1 for a decryption failure or 1 for success.
-
-EVP_CIPHER_CTX_cleanup() returns 1 for success and 0 for failure.
-
-EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
-return an B<EVP_CIPHER> structure or NULL on error.
-
-EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.
-
-EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block
-size.
-
-EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key
-length.
-
-EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
-length or zero if the cipher does not use an IV.
-
-EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher's
-OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.
-
-EVP_CIPHER_CTX_cipher() returns an B<EVP_CIPHER> structure.
-
-EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for
-success or zero for failure.
-
-=head1 CIPHER LISTING
-
-All algorithms have a fixed key length unless otherwise stated.
-
-=over 4
-
-=item EVP_enc_null()
-
-Null cipher: does nothing.
-
-=item EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void)
-
-DES in CBC, ECB, CFB and OFB modes respectively.
-
-=item EVP_des_ede_cbc(void), EVP_des_ede(), EVP_des_ede_ofb(void), EVP_des_ede_cfb(void)
-
-Two key triple DES in CBC, ECB, CFB and OFB modes respectively.
-
-=item EVP_des_ede3_cbc(void), EVP_des_ede3(), EVP_des_ede3_ofb(void), EVP_des_ede3_cfb(void)
-
-Three key triple DES in CBC, ECB, CFB and OFB modes respectively.
-
-=item EVP_desx_cbc(void)
-
-DESX algorithm in CBC mode.
-
-=item EVP_rc4(void)
-
-RC4 stream cipher. This is a variable key length cipher with default key length 128 bits.
-
-=item EVP_rc4_40(void)
-
-RC4 stream cipher with 40 bit key length. This is obsolete and new code should use EVP_rc4()
-and the EVP_CIPHER_CTX_set_key_length() function.
-
-=item EVP_idea_cbc() EVP_idea_ecb(void), EVP_idea_cfb(void), EVP_idea_ofb(void), EVP_idea_cbc(void)
-
-IDEA encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
-
-=item EVP_rc2_cbc(void), EVP_rc2_ecb(void), EVP_rc2_cfb(void), EVP_rc2_ofb(void)
-
-RC2 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
-length cipher with an additional parameter called "effective key bits" or "effective key length".
-By default both are set to 128 bits.
-
-=item EVP_rc2_40_cbc(void), EVP_rc2_64_cbc(void)
-
-RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits.
-These are obsolete and new code should use EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and
-EVP_CIPHER_CTX_ctrl() to set the key length and effective key length.
-
-=item EVP_bf_cbc(void), EVP_bf_ecb(void), EVP_bf_cfb(void), EVP_bf_ofb(void);
-
-Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
-length cipher.
-
-=item EVP_cast5_cbc(void), EVP_cast5_ecb(void), EVP_cast5_cfb(void), EVP_cast5_ofb(void)
-
-CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
-length cipher.
-
-=item EVP_rc5_32_12_16_cbc(void), EVP_rc5_32_12_16_ecb(void), EVP_rc5_32_12_16_cfb(void), EVP_rc5_32_12_16_ofb(void)
-
-RC5 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key length
-cipher with an additional "number of rounds" parameter. By default the key length is set to 128
-bits and 12 rounds.
-
-=back
-
-=head1 NOTES
-
-Where possible the B<EVP> interface to symmetric ciphers should be used in
-preference to the low level interfaces. This is because the code then becomes
-transparent to the cipher used and much more flexible.
-
-PKCS padding works by adding B<n> padding bytes of value B<n> to make the total
-length of the encrypted data a multiple of the block size. Padding is always
-added so if the data is already a multiple of the block size B<n> will equal
-the block size. For example if the block size is 8 and 11 bytes are to be
-encrypted then 5 padding bytes of value 5 will be added.
-
-When decrypting the final block is checked to see if it has the correct form.
-
-Although the decryption operation can produce an error, it is not a strong
-test that the input data or key is correct. A random block has better than
-1 in 256 chance of being of the correct format and problems with the
-input data earlier on will not produce a final decrypt error.
-
-The functions EVP_EncryptInit(), EVP_EncryptUpdate(), EVP_EncryptFinal(),
-EVP_DecryptInit(), EVP_DecryptUpdate(), EVP_CipherInit() and EVP_CipherUpdate()
-and EVP_CIPHER_CTX_cleanup() did not return errors in OpenSSL version 0.9.5a or
-earlier. Software only versions of encryption algorithms will never return
-error codes for these functions, unless there is a programming error (for example
-and attempt to set the key before the cipher is set in EVP_EncryptInit() ).
-
-=head1 BUGS
-
-For RC5 the number of rounds can currently only be set to 8, 12 or 16. This is
-a limitation of the current RC5 code rather than the EVP interface.
-
-It should be possible to disable PKCS padding: currently it isn't.
-
-EVP_MAX_KEY_LENGTH and EVP_MAX_IV_LENGTH only refer to the internal ciphers with
-default key lengths. If custom ciphers exceed these values the results are
-unpredictable. This is because it has become standard practice to define a
-generic key as a fixed unsigned char array containing EVP_MAX_KEY_LENGTH bytes.
-
-The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested
-for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.
-
-=head1 EXAMPLES
-
-Get the number of rounds used in RC5:
-
- int nrounds;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC5_ROUNDS, 0, &i);
-
-Get the RC2 effective key length:
-
- int key_bits;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
-
-Set the number of rounds used in RC5:
-
- int nrounds;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC5_ROUNDS, i, NULL);
-
-Set the number of rounds used in RC2:
-
- int nrounds;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, i, NULL);
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>
-
-=head1 HISTORY
-
-=cut
diff --git a/src/lib/libcrypto/doc/EVP_OpenInit.pod b/src/lib/libcrypto/doc/EVP_OpenInit.pod
deleted file mode 100644
index 2e710da945..0000000000
--- a/src/lib/libcrypto/doc/EVP_OpenInit.pod
+++ /dev/null
@@ -1,63 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
- int ekl,unsigned char *iv,EVP_PKEY *priv);
- int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
- int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl);
-
-=head1 DESCRIPTION
-
-The EVP envelope routines are a high level interface to envelope
-decryption. They decrypt a public key encrypted symmetric key and
-then decrypt data using it.
-
-EVP_OpenInit() initializes a cipher context B<ctx> for decryption
-with cipher B<type>. It decrypts the encrypted symmetric key of length
-B<ekl> bytes passed in the B<ek> parameter using the private key B<priv>.
-The IV is supplied in the B<iv> parameter.
-
-EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
-as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
-documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
-page.
-
-=head1 NOTES
-
-It is possible to call EVP_OpenInit() twice in the same way as
-EVP_DecryptInit(). The first call should have B<priv> set to NULL
-and (after setting any cipher parameters) it should be called again
-with B<type> set to NULL.
-
-If the cipher passed in the B<type> parameter is a variable length
-cipher then the key length will be set to the value of the recovered
-key length. If the cipher is a fixed length cipher then the recovered
-key length must match the fixed cipher length.
-
-=head1 RETURN VALUES
-
-EVP_OpenInit() returns 0 on error or a non zero integer (actually the
-recovered secret key size) if successful.
-
-EVP_OpenUpdate() returns 1 for success or 0 for failure.
-
-EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_SealInit(3)|EVP_SealInit(3)>
-
-=head1 HISTORY
-
-=cut
diff --git a/src/lib/libcrypto/doc/EVP_SealInit.pod b/src/lib/libcrypto/doc/EVP_SealInit.pod
deleted file mode 100644
index 0451eb648a..0000000000
--- a/src/lib/libcrypto/doc/EVP_SealInit.pod
+++ /dev/null
@@ -1,76 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
- int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
- int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
- int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl);
-
-=head1 DESCRIPTION
-
-The EVP envelope routines are a high level interface to envelope
-encryption. They generate a random key and then "envelope" it by
-using public key encryption. Data can then be encrypted using this
-key.
-
-EVP_SealInit() initializes a cipher context B<ctx> for encryption
-with cipher B<type> using a random secret key and IV supplied in
-the B<iv> parameter. B<type> is normally supplied by a function such
-as EVP_des_cbc(). The secret key is encrypted using one or more public
-keys, this allows the same encrypted data to be decrypted using any
-of the corresponding private keys. B<ek> is an array of buffers where
-the public key encrypted secret key will be written, each buffer must
-contain enough room for the corresponding encrypted key: that is
-B<ek[i]> must have room for B<EVP_PKEY_size(pubk[i])> bytes. The actual
-size of each encrypted secret key is written to the array B<ekl>. B<pubk> is
-an array of B<npubk> public keys.
-
-EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties
-as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as
-documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
-page.
-
-=head1 RETURN VALUES
-
-EVP_SealInit() returns 0 on error or B<npubk> if successful.
-
-EVP_SealUpdate() and EVP_SealFinal() return 1 for success and 0 for
-failure.
-
-=head1 NOTES
-
-Because a random secret key is generated the random number generator
-must be seeded before calling EVP_SealInit().
-
-The public key must be RSA because it is the only OpenSSL public key
-algorithm that supports key transport.
-
-Envelope encryption is the usual method of using public key encryption
-on large amounts of data, this is because public key encryption is slow
-but symmetric encryption is fast. So symmetric encryption is used for
-bulk encryption and the small random symmetric key used is transferred
-using public key encryption.
-
-It is possible to call EVP_SealInit() twice in the same way as
-EVP_EncryptInit(). The first call should have B<npubk> set to 0
-and (after setting any cipher parameters) it should be called again
-with B<type> set to NULL.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_OpenInit(3)|EVP_OpenInit(3)>
-
-=head1 HISTORY
-
-=cut
diff --git a/src/lib/libcrypto/doc/EVP_SignInit.pod b/src/lib/libcrypto/doc/EVP_SignInit.pod
deleted file mode 100644
index d5ce245ecd..0000000000
--- a/src/lib/libcrypto/doc/EVP_SignInit.pod
+++ /dev/null
@@ -1,85 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_SignInit, EVP_SignUpdate, EVP_SignFinal - EVP signing functions
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
- void EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY *pkey);
-
- int EVP_PKEY_size(EVP_PKEY *pkey);
-
-=head1 DESCRIPTION
-
-The EVP signature routines are a high level interface to digital
-signatures.
-
-EVP_SignInit() initializes a signing context B<ctx> to using digest
-B<type>: this will typically be supplied by a function such as
-EVP_sha1().
-
-EVP_SignUpdate() hashes B<cnt> bytes of data at B<d> into the
-signature context B<ctx>. This function can be called several times on the
-same B<ctx> to include additional data.
-
-EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey>
-and places the signature in B<sig>. If the B<s> parameter is not NULL
-then the number of bytes of data written (i.e. the length of the signature)
-will be written to the integer at B<s>, at most EVP_PKEY_size(pkey) bytes
-will be written. After calling EVP_SignFinal() no additional calls to
-EVP_SignUpdate() can be made, but EVP_SignInit() can be called to initialize
-a new signature operation.
-
-EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual
-signature returned by EVP_SignFinal() may be smaller.
-
-=head1 RETURN VALUES
-
-EVP_SignInit() and EVP_SignUpdate() do not return values.
-
-EVP_SignFinal() returns 1 for success and 0 for failure.
-
-EVP_PKEY_size() returns the maximum size of a signature in bytes.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTES
-
-The B<EVP> interface to digital signatures should almost always be used in
-preference to the low level interfaces. This is because the code then becomes
-transparent to the algorithm used and much more flexible.
-
-Due to the link between message digests and public key algorithms the correct
-digest algorithm must be used with the correct public key type. A list of
-algorithms and associated public key algorithms appears in
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
-
-When signing with DSA private keys the random number generator must be seeded
-or the operation will fail. The random number generator does not need to be
-seeded for RSA signatures.
-
-=head1 BUGS
-
-Several of the functions do not return values: maybe they should. Although the
-internal digest operations will never fail some future hardware based operations
-might.
-
-=head1 SEE ALSO
-
-L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<evp(3)|evp(3)>, L<HMAC(3)|HMAC(3)>, L<MD2(3)|MD2(3)>,
-L<MD5(3)|MD5(3)>, L<MDC2(3)|MDC2(3)>, L<RIPEMD(3)|RIPEMD(3)>,
-L<SHA1(3)|SHA1(3)>, L<digest(1)|digest(1)>
-
-=head1 HISTORY
-
-EVP_SignInit(), EVP_SignUpdate() and EVP_SignFinal() are
-available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/EVP_VerifyInit.pod b/src/lib/libcrypto/doc/EVP_VerifyInit.pod
deleted file mode 100644
index 736a0f4a82..0000000000
--- a/src/lib/libcrypto/doc/EVP_VerifyInit.pod
+++ /dev/null
@@ -1,72 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal - EVP signature verification functions
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- void EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);
- void EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey);
-
-=head1 DESCRIPTION
-
-The EVP signature verification routines are a high level interface to digital
-signatures.
-
-EVP_VerifyInit() initializes a verification context B<ctx> to using digest
-B<type>: this will typically be supplied by a function such as EVP_sha1().
-
-EVP_VerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
-verification context B<ctx>. This function can be called several times on the
-same B<ctx> to include additional data.
-
-EVP_VerifyFinal() verifies the data in B<ctx> using the public key B<pkey>
-and against the B<siglen> bytes at B<sigbuf>. After calling EVP_VerifyFinal()
-no additional calls to EVP_VerifyUpdate() can be made, but EVP_VerifyInit()
-can be called to initialize a new verification operation.
-
-=head1 RETURN VALUES
-
-EVP_VerifyInit() and EVP_VerifyUpdate() do not return values.
-
-EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some
-other error occurred.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTES
-
-The B<EVP> interface to digital signatures should almost always be used in
-preference to the low level interfaces. This is because the code then becomes
-transparent to the algorithm used and much more flexible.
-
-Due to the link between message digests and public key algorithms the correct
-digest algorithm must be used with the correct public key type. A list of
-algorithms and associated public key algorithms appears in
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
-
-=head1 BUGS
-
-Several of the functions do not return values: maybe they should. Although the
-internal digest operations will never fail some future hardware based operations
-might.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>,
-L<EVP_SignInit(3)|EVP_SignInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<digest(1)|digest(1)>
-
-=head1 HISTORY
-
-EVP_VerifyInit(), EVP_VerifyUpdate() and EVP_VerifyFinal() are
-available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod b/src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod
deleted file mode 100644
index 68ea723259..0000000000
--- a/src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod
+++ /dev/null
@@ -1,88 +0,0 @@
-=pod
-
-=head1 NAME
-
-OPENSSL_VERSION_NUMBER, SSLeay SSLeay_version - get OpenSSL version number
-
-=head1 SYNOPSIS
-
- #include <openssl/opensslv.h>
- #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
-
- #include <openssl/crypto.h>
- long SSLeay(void);
- char *SSLeay_version(int t);
-
-=head1 DESCRIPTION
-
-OPENSSL_VERSION_NUMBER is a numeric release version identifier:
-
- MMNNFFPPS: major minor fix patch status
-
-The status nibble has one of the values 0 for development, 1 to e for betas
-1 to 14, and f for release.
-
-for example
-
- 0x000906000 == 0.9.6 dev
- 0x000906023 == 0.9.6b beta 3
- 0x00090605f == 0.9.6e release
-
-Versions prior to 0.9.3 have identifiers E<lt> 0x0930.
-Versions between 0.9.3 and 0.9.5 had a version identifier with this
-interpretation:
-
- MMNNFFRBB major minor fix final beta/patch
-
-for example
-
- 0x000904100 == 0.9.4 release
- 0x000905000 == 0.9.5 dev
-
-Version 0.9.5a had an interim interpretation that is like the current one,
-except the patch level got the highest bit set, to keep continuity. The
-number was therefore 0x0090581f.
-
-
-For backward compatibility, SSLEAY_VERSION_NUMBER is also defined.
-
-SSLeay() returns this number. The return value can be compared to the
-macro to make sure that the correct version of the library has been
-loaded, especially when using DLLs on Windows systems.
-
-SSLeay_version() returns different strings depending on B<t>:
-
-=over 4
-
-=item SSLEAY_VERSION
-The text variant of the version number and the release date. For example,
-"OpenSSL 0.9.5a 1 Apr 2000".
-
-=item SSLEAY_CFLAGS
-The flags given to the C compiler when compiling OpenSSL are returned in a
-string.
-
-=item SSLEAY_PLATFORM
-The platform name used when OpenSSL was configured is returned.
-
-=back
-
-If the data request isn't available, a text saying that the information is
-not available is returned.
-
-For an unknown B<t>, the text "not available" is returned.
-
-=head1 RETURN VALUE
-
-The version number.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>
-
-=head1 HISTORY
-
-SSLeay() and SSLEAY_VERSION_NUMBER are available in all versions of SSLeay and OpenSSL.
-OPENSSL_VERSION_NUMBER is available in all versions of OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod b/src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod
deleted file mode 100644
index e63411b5bb..0000000000
--- a/src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-OpenSSL_add_all_algorithms, OpenSSL_add_all_ciphers, OpenSSL_add_all_digests -
-add algorithms to internal table
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- void OpenSSL_add_all_algorithms(void);
- void OpenSSL_add_all_ciphers(void);
- void OpenSSL_add_all_digests(void);
-
- void EVP_cleanup(void);
-
-=head1 DESCRIPTION
-
-OpenSSL keeps an internal table of digest algorithms and ciphers. It uses
-this table to lookup ciphers via functions such as EVP_get_cipher_byname().
-
-OpenSSL_add_all_digests() adds all digest algorithms to the table.
-
-OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and
-ciphers).
-
-OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including
-password based encryption algorithms.
-
-EVP_cleanup() removes all ciphers and digests from the table.
-
-=head1 RETURN VALUES
-
-None of the functions return a value.
-
-=head1 NOTES
-
-A typical application will call OpenSSL_add_all_algorithms() initially and
-EVP_cleanup() before exiting.
-
-An application does not need to add algorithms to use them explicitly, for example
-by EVP_sha1(). It just needs to add them if it (or any of the functions it calls)
-needs to lookup algorithms.
-
-The cipher and digest lookup functions are used in many parts of the library. If
-the table is not initialized several functions will misbehave and complain they
-cannot find algorithms. This includes the PEM, PKCS#12, SSL and S/MIME libraries.
-This is a common query in the OpenSSL mailing lists.
-
-Calling OpenSSL_add_all_algorithms() links in all algorithms: as a result a
-statically linked executable can be quite large. If this is important it is possible
-to just add the required ciphers and digests.
-
-=head1 BUGS
-
-Although the functions do not return error codes it is possible for them to fail.
-This will only happen as a result of a memory allocation failure so this is not
-too much of a problem in practice.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
-
-=cut
diff --git a/src/lib/libcrypto/doc/RAND_add.pod b/src/lib/libcrypto/doc/RAND_add.pod
deleted file mode 100644
index 67c66f3e0c..0000000000
--- a/src/lib/libcrypto/doc/RAND_add.pod
+++ /dev/null
@@ -1,77 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_add, RAND_seed, RAND_status, RAND_event, RAND_screen - add
-entropy to the PRNG
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- void RAND_seed(const void *buf, int num);
-
- void RAND_add(const void *buf, int num, double entropy);
-
- int RAND_status(void);
-
- int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
- void RAND_screen(void);
-
-=head1 DESCRIPTION
-
-RAND_add() mixes the B<num> bytes at B<buf> into the PRNG state. Thus,
-if the data at B<buf> are unpredictable to an adversary, this
-increases the uncertainty about the state and makes the PRNG output
-less predictable. Suitable input comes from user interaction (random
-key presses, mouse movements) and certain hardware events. The
-B<entropy> argument is (the lower bound of) an estimate of how much
-randomness is contained in B<buf>, measured in bytes. Details about
-sources of randomness and how to estimate their entropy can be found
-in the literature, e.g. RFC 1750.
-
-RAND_add() may be called with sensitive data such as user entered
-passwords. The seed values cannot be recovered from the PRNG output.
-
-OpenSSL makes sure that the PRNG state is unique for each thread. On
-systems that provide C</dev/urandom>, the randomness device is used
-to seed the PRNG transparently. However, on all other systems, the
-application is responsible for seeding the PRNG by calling RAND_add(),
-L<RAND_egd(3)|RAND_egd(3)>
-or L<RAND_load_file(3)|RAND_load_file(3)>.
-
-RAND_seed() is equivalent to RAND_add() when B<num == entropy>.
-
-RAND_event() collects the entropy from Windows events such as mouse
-movements and other user interaction. It should be called with the
-B<iMsg>, B<wParam> and B<lParam> arguments of I<all> messages sent to
-the window procedure. It will estimate the entropy contained in the
-event message (if any), and add it to the PRNG. The program can then
-process the messages as usual.
-
-The RAND_screen() function is available for the convenience of Windows
-programmers. It adds the current contents of the screen to the PRNG.
-For applications that can catch Windows events, seeding the PRNG by
-calling RAND_event() is a significantly better source of
-randomness. It should be noted that both methods cannot be used on
-servers that run without user interaction.
-
-=head1 RETURN VALUES
-
-RAND_status() and RAND_event() return 1 if the PRNG has been seeded
-with enough data, 0 otherwise.
-
-The other functions do not return values.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
-
-=head1 HISTORY
-
-RAND_seed() and RAND_screen() are available in all versions of SSLeay
-and OpenSSL. RAND_add() and RAND_status() have been added in OpenSSL
-0.9.5, RAND_event() in OpenSSL 0.9.5a.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RAND_bytes.pod b/src/lib/libcrypto/doc/RAND_bytes.pod
deleted file mode 100644
index b03748b918..0000000000
--- a/src/lib/libcrypto/doc/RAND_bytes.pod
+++ /dev/null
@@ -1,46 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_bytes, RAND_pseudo_bytes - generate random data
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- int RAND_bytes(unsigned char *buf, int num);
-
- int RAND_pseudo_bytes(unsigned char *buf, int num);
-
-=head1 DESCRIPTION
-
-RAND_bytes() puts B<num> cryptographically strong pseudo-random bytes
-into B<buf>. An error occurs if the PRNG has not been seeded with
-enough randomness to ensure an unpredictable byte sequence.
-
-RAND_pseudo_bytes() puts B<num> pseudo-random bytes into B<buf>.
-Pseudo-random byte sequences generated by RAND_pseudo_bytes() will be
-unique if they are of sufficient length, but are not necessarily
-unpredictable. They can be used for non-cryptographic purposes and for
-certain purposes in cryptographic protocols, but usually not for key
-generation etc.
-
-=head1 RETURN VALUES
-
-RAND_bytes() returns 1 on success, 0 otherwise. The error code can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>. RAND_pseudo_bytes() returns 1 if the
-bytes generated are cryptographically strong, 0 otherwise. Both
-functions return -1 if they are not supported by the current RAND
-method.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<RAND_add(3)|RAND_add(3)>
-
-=head1 HISTORY
-
-RAND_bytes() is available in all versions of SSLeay and OpenSSL. It
-has a return value since OpenSSL 0.9.5. RAND_pseudo_bytes() was added
-in OpenSSL 0.9.5.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RAND_cleanup.pod b/src/lib/libcrypto/doc/RAND_cleanup.pod
deleted file mode 100644
index 3a8f0749a8..0000000000
--- a/src/lib/libcrypto/doc/RAND_cleanup.pod
+++ /dev/null
@@ -1,29 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_cleanup - erase the PRNG state
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- void RAND_cleanup(void);
-
-=head1 DESCRIPTION
-
-RAND_cleanup() erases the memory used by the PRNG.
-
-=head1 RETURN VALUE
-
-RAND_cleanup() returns no value.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>
-
-=head1 HISTORY
-
-RAND_cleanup() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RAND_load_file.pod b/src/lib/libcrypto/doc/RAND_load_file.pod
deleted file mode 100644
index d8c134e621..0000000000
--- a/src/lib/libcrypto/doc/RAND_load_file.pod
+++ /dev/null
@@ -1,53 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- const char *RAND_file_name(char *buf, size_t num);
-
- int RAND_load_file(const char *filename, long max_bytes);
-
- int RAND_write_file(const char *filename);
-
-=head1 DESCRIPTION
-
-RAND_file_name() generates a default path for the random seed
-file. B<buf> points to a buffer of size B<num> in which to store the
-filename. The seed file is $RANDFILE if that environment variable is
-set, $HOME/.rnd otherwise. If $HOME is not set either, or B<num> is
-too small for the path name, an error occurs.
-
-RAND_load_file() reads a number of bytes from file B<filename> and
-adds them to the PRNG. If B<max_bytes> is non-negative,
-up to to B<max_bytes> are read; starting with OpenSSL 0.9.5,
-if B<max_bytes> is -1, the complete file is read.
-
-RAND_write_file() writes a number of random bytes (currently 1024) to
-file B<filename> which can be used to initialize the PRNG by calling
-RAND_load_file() in a later session.
-
-=head1 RETURN VALUES
-
-RAND_load_file() returns the number of bytes read.
-
-RAND_write_file() returns the number of bytes written, and -1 if the
-bytes written were generated without appropriate seed.
-
-RAND_file_name() returns a pointer to B<buf> on success, and NULL on
-error.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
-
-=head1 HISTORY
-
-RAND_load_file(), RAND_write_file() and RAND_file_name() are available in
-all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RAND_set_rand_method.pod b/src/lib/libcrypto/doc/RAND_set_rand_method.pod
deleted file mode 100644
index 464eba416d..0000000000
--- a/src/lib/libcrypto/doc/RAND_set_rand_method.pod
+++ /dev/null
@@ -1,59 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay - select RAND method
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- void RAND_set_rand_method(RAND_METHOD *meth);
-
- RAND_METHOD *RAND_get_rand_method(void);
-
- RAND_METHOD *RAND_SSLeay(void);
-
-=head1 DESCRIPTION
-
-A B<RAND_METHOD> specifies the functions that OpenSSL uses for random
-number generation. By modifying the method, alternative
-implementations such as hardware RNGs may be used. Initially, the
-default is to use the OpenSSL internal implementation. RAND_SSLeay()
-returns a pointer to that method.
-
-RAND_set_rand_method() sets the RAND method to B<meth>.
-RAND_get_rand_method() returns a pointer to the current method.
-
-=head1 THE RAND_METHOD STRUCTURE
-
- typedef struct rand_meth_st
- {
- void (*seed)(const void *buf, int num);
- int (*bytes)(unsigned char *buf, int num);
- void (*cleanup)(void);
- void (*add)(const void *buf, int num, int entropy);
- int (*pseudorand)(unsigned char *buf, int num);
- int (*status)(void);
- } RAND_METHOD;
-
-The components point to the implementation of RAND_seed(),
-RAND_bytes(), RAND_cleanup(), RAND_add(), RAND_pseudo_rand()
-and RAND_status().
-Each component may be NULL if the function is not implemented.
-
-=head1 RETURN VALUES
-
-RAND_set_rand_method() returns no value. RAND_get_rand_method() and
-RAND_SSLeay() return pointers to the respective methods.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>
-
-=head1 HISTORY
-
-RAND_set_rand_method(), RAND_get_rand_method() and RAND_SSLeay() are
-available in all versions of OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_blinding_on.pod b/src/lib/libcrypto/doc/RSA_blinding_on.pod
deleted file mode 100644
index fd2c69abd8..0000000000
--- a/src/lib/libcrypto/doc/RSA_blinding_on.pod
+++ /dev/null
@@ -1,43 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_blinding_on, RSA_blinding_off - protect the RSA operation from timing attacks
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
-
- void RSA_blinding_off(RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA is vulnerable to timing attacks. In a setup where attackers can
-measure the time of RSA decryption or signature operations, blinding
-must be used to protect the RSA operation from that attack.
-
-RSA_blinding_on() turns blinding on for key B<rsa> and generates a
-random blinding factor. B<ctx> is B<NULL> or a pre-allocated and
-initialized B<BN_CTX>. The random number generator must be seeded
-prior to calling RSA_blinding_on().
-
-RSA_blinding_off() turns blinding off and frees the memory used for
-the blinding factor.
-
-=head1 RETURN VALUES
-
-RSA_blinding_on() returns 1 on success, and 0 if an error occurred.
-
-RSA_blinding_off() returns no value.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>, L<rand(3)|rand(3)>
-
-=head1 HISTORY
-
-RSA_blinding_on() and RSA_blinding_off() appeared in SSLeay 0.9.0.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_check_key.pod b/src/lib/libcrypto/doc/RSA_check_key.pod
deleted file mode 100644
index 1db6d736ab..0000000000
--- a/src/lib/libcrypto/doc/RSA_check_key.pod
+++ /dev/null
@@ -1,39 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_check_key - validate private RSA keys
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_check_key(RSA *rsa);
-
-=head1 DESCRIPTION
-
-This function validates RSA keys. It checks that B<p> and B<q> are
-in fact prime, and that B<n = p*q>.
-
-It also checks that B<d*e = 1 mod (p-1*q-1)>,
-and that B<dmp1>, B<dmq1> and B<iqmp> are set correctly or are B<NULL>.
-
-The key's public components may not be B<NULL>.
-
-=head1 RETURN VALUE
-
-RSA_check_key() returns 1 if B<rsa> is a valid RSA key, and 0 otherwise.
--1 is returned if an error occurs while checking the key.
-
-If the key is invalid or an error occurred, the reason code can be
-obtained using L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-RSA_check() appeared in OpenSSL 0.9.4.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_generate_key.pod b/src/lib/libcrypto/doc/RSA_generate_key.pod
deleted file mode 100644
index 0e0f0a764c..0000000000
--- a/src/lib/libcrypto/doc/RSA_generate_key.pod
+++ /dev/null
@@ -1,68 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_generate_key - generate RSA key pair
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- RSA *RSA_generate_key(int num, unsigned long e,
- void (*callback)(int,int,void *), void *cb_arg);
-
-=head1 DESCRIPTION
-
-RSA_generate_key() generates a key pair and returns it in a newly
-allocated B<RSA> structure. The pseudo-random number generator must
-be seeded prior to calling RSA_generate_key().
-
-The modulus size will be B<num> bits, and the public exponent will be
-B<e>. Key sizes with B<num> E<lt> 1024 should be considered insecure.
-The exponent is an odd number, typically 3 or 65535.
-
-A callback function may be used to provide feedback about the
-progress of the key generation. If B<callback> is not B<NULL>, it
-will be called as follows:
-
-=over 4
-
-=item *
-
-While a random prime number is generated, it is called as
-described in L<BN_generate_prime(3)|BN_generate_prime(3)>.
-
-=item *
-
-When the n-th randomly generated prime is rejected as not
-suitable for the key, B<callback(2, n, cb_arg)> is called.
-
-=item *
-
-When a random p has been found with p-1 relatively prime to B<e>,
-it is called as B<callback(3, 0, cb_arg)>.
-
-=back
-
-The process is then repeated for prime q with B<callback(3, 1, cb_arg)>.
-
-=head1 RETURN VALUE
-
-If key generation fails, RSA_generate_key() returns B<NULL>; the
-error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-B<callback(2, x, cb_arg)> is used with two different meanings.
-
-RSA_generate_key() goes into an infinite loop for illegal input values.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_free(3)|RSA_free(3)>
-
-=head1 HISTORY
-
-The B<cb_arg> argument was added in SSLeay 0.9.0.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod b/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod
deleted file mode 100644
index 46cc8f5359..0000000000
--- a/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod
+++ /dev/null
@@ -1,120 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - add application specific data to RSA structures
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
- int RSA_set_ex_data(RSA *r, int idx, void *arg);
-
- void *RSA_get_ex_data(RSA *r, int idx);
-
- typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
- typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
- typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
- int idx, long argl, void *argp);
-
-=head1 DESCRIPTION
-
-Several OpenSSL structures can have application specific data attached to them.
-This has several potential uses, it can be used to cache data associated with
-a structure (for example the hash of some part of the structure) or some
-additional data (for example a handle to the data in an external library).
-
-Since the application data can be anything at all it is passed and retrieved
-as a B<void *> type.
-
-The B<RSA_get_ex_new_index()> function is initially called to "register" some
-new application specific data. It takes three optional function pointers which
-are called when the parent structure (in this case an RSA structure) is
-initially created, when it is copied and when it is freed up. If any or all of
-these function pointer arguments are not used they should be set to NULL. The
-precise manner in which these function pointers are called is described in more
-detail below. B<RSA_get_ex_new_index()> also takes additional long and pointer
-parameters which will be passed to the supplied functions but which otherwise
-have no special meaning. It returns an B<index> which should be stored
-(typically in a static variable) and passed used in the B<idx> parameter in
-the remaining functions. Each successful call to B<RSA_get_ex_new_index()>
-will return an index greater than any previously returned, this is important
-because the optional functions are called in order of increasing index value.
-
-B<RSA_set_ex_data()> is used to set application specific data, the data is
-supplied in the B<arg> parameter and its precise meaning is up to the
-application.
-
-B<RSA_get_ex_data()> is used to retrieve application specific data. The data
-is returned to the application, this will be the same value as supplied to
-a previous B<RSA_set_ex_data()> call.
-
-B<new_func()> is called when a structure is initially allocated (for example
-with B<RSA_new()>. The parent structure members will not have any meaningful
-values at this point. This function will typically be used to allocate any
-application specific structure.
-
-B<free_func()> is called when a structure is being freed up. The dynamic parent
-structure members should not be accessed because they will be freed up when
-this function is called.
-
-B<new_func()> and B<free_func()> take the same parameters. B<parent> is a
-pointer to the parent RSA structure. B<ptr> is a the application specific data
-(this wont be of much use in B<new_func()>. B<ad> is a pointer to the
-B<CRYPTO_EX_DATA> structure from the parent RSA structure: the functions
-B<CRYPTO_get_ex_data()> and B<CRYPTO_set_ex_data()> can be called to manipulate
-it. The B<idx> parameter is the index: this will be the same value returned by
-B<RSA_get_ex_new_index()> when the functions were initially registered. Finally
-the B<argl> and B<argp> parameters are the values originally passed to the same
-corresponding parameters when B<RSA_get_ex_new_index()> was called.
-
-B<dup_func()> is called when a structure is being copied. Pointers to the
-destination and source B<CRYPTO_EX_DATA> structures are passed in the B<to> and
-B<from> parameters respectively. The B<from_d> parameter is passed a pointer to
-the source application data when the function is called, when the function returns
-the value is copied to the destination: the application can thus modify the data
-pointed to by B<from_d> and have different values in the source and destination.
-The B<idx>, B<argl> and B<argp> parameters are the same as those in B<new_func()>
-and B<free_func()>.
-
-=head1 RETURN VALUES
-
-B<RSA_get_ex_new_index()> returns a new index or -1 on failure (note 0 is a valid
-index value).
-
-B<RSA_set_ex_data()> returns 1 on success or 0 on failure.
-
-B<RSA_get_ex_data()> returns the application data or 0 on failure. 0 may also
-be valid application data but currently it can only fail if given an invalid B<idx>
-parameter.
-
-B<new_func()> and B<dup_func()> should return 0 for failure and 1 for success.
-
-On failure an error code can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-B<dup_func()> is currently never called.
-
-The return value of B<new_func()> is ignored.
-
-The B<new_func()> function isn't very useful because no meaningful values are
-present in the parent RSA structure when it is called.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>, L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
-
-=head1 HISTORY
-
-RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() are
-available since SSLeay 0.9.0.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_new.pod b/src/lib/libcrypto/doc/RSA_new.pod
deleted file mode 100644
index 299047f31f..0000000000
--- a/src/lib/libcrypto/doc/RSA_new.pod
+++ /dev/null
@@ -1,39 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_new, RSA_free - allocate and free RSA objects
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- RSA * RSA_new(void);
-
- void RSA_free(RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA_new() allocates and initializes an B<RSA> structure.
-
-RSA_free() frees the B<RSA> structure and its components. The key is
-erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, RSA_new() returns B<NULL> and sets an error
-code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns
-a pointer to the newly allocated structure.
-
-RSA_free() returns no value.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_generate_key(3)|RSA_generate_key(3)>
-
-=head1 HISTORY
-
-RSA_new() and RSA_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod b/src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod
deleted file mode 100644
index b8f678fe72..0000000000
--- a/src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod
+++ /dev/null
@@ -1,124 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1,
-RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2,
-RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP,
-RSA_padding_add_SSLv23, RSA_padding_check_SSLv23,
-RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption
-padding
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
- unsigned char *f, int fl);
-
- int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
- unsigned char *f, int fl, int rsa_len);
-
- int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
- unsigned char *f, int fl);
-
- int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
- unsigned char *f, int fl, int rsa_len);
-
- int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
- unsigned char *f, int fl, unsigned char *p, int pl);
-
- int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
- unsigned char *f, int fl, int rsa_len, unsigned char *p, int pl);
-
- int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
- unsigned char *f, int fl);
-
- int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
- unsigned char *f, int fl, int rsa_len);
-
- int RSA_padding_add_none(unsigned char *to, int tlen,
- unsigned char *f, int fl);
-
- int RSA_padding_check_none(unsigned char *to, int tlen,
- unsigned char *f, int fl, int rsa_len);
-
-=head1 DESCRIPTION
-
-The RSA_padding_xxx_xxx() functions are called from the RSA encrypt,
-decrypt, sign and verify functions. Normally they should not be called
-from application programs.
-
-However, they can also be called directly to implement padding for other
-asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and
-RSA_padding_check_PKCS1_OAEP() may be used in an application combined
-with B<RSA_NO_PADDING> in order to implement OAEP with an encoding
-parameter.
-
-RSA_padding_add_xxx() encodes B<fl> bytes from B<f> so as to fit into
-B<tlen> bytes and stores the result at B<to>. An error occurs if B<fl>
-does not meet the size requirements of the encoding method.
-
-The following encoding methods are implemented:
-
-=over 4
-
-=item PKCS1_type_1
-
-PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures
-
-=item PKCS1_type_2
-
-PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)
-
-=item PKCS1_OAEP
-
-PKCS #1 v2.0 EME-OAEP
-
-=item SSLv23
-
-PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification
-
-=item none
-
-simply copy the data
-
-=back
-
-The random number generator must be seeded prior to calling
-RSA_padding_add_xxx().
-
-RSA_padding_check_xxx() verifies that the B<fl> bytes at B<f> contain
-a valid encoding for a B<rsa_len> byte RSA key in the respective
-encoding method and stores the recovered data of at most B<tlen> bytes
-(for B<RSA_NO_PADDING>: of size B<tlen>)
-at B<to>.
-
-For RSA_padding_xxx_OAEP(), B<p> points to the encoding parameter
-of length B<pl>. B<p> may be B<NULL> if B<pl> is 0.
-
-=head1 RETURN VALUES
-
-The RSA_padding_add_xxx() functions return 1 on success, 0 on error.
-The RSA_padding_check_xxx() functions return the length of the
-recovered data, -1 on error. Error codes can be obtained by calling
-L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
-L<RSA_private_decrypt(3)|RSA_private_decrypt(3)>,
-L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)>
-
-=head1 HISTORY
-
-RSA_padding_add_PKCS1_type_1(), RSA_padding_check_PKCS1_type_1(),
-RSA_padding_add_PKCS1_type_2(), RSA_padding_check_PKCS1_type_2(),
-RSA_padding_add_SSLv23(), RSA_padding_check_SSLv23(),
-RSA_padding_add_none() and RSA_padding_check_none() appeared in
-SSLeay 0.9.0.
-
-RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() were
-added in OpenSSL 0.9.2b.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_print.pod b/src/lib/libcrypto/doc/RSA_print.pod
deleted file mode 100644
index 67876facc5..0000000000
--- a/src/lib/libcrypto/doc/RSA_print.pod
+++ /dev/null
@@ -1,49 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_print, RSA_print_fp, DHparams_print, DHparams_print_fp, DSA_print,
-DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic
-parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_print(BIO *bp, RSA *x, int offset);
- int RSA_print_fp(FILE *fp, RSA *x, int offset);
-
- #include <openssl/dsa.h>
-
- int DSAparams_print(BIO *bp, DSA *x);
- int DSAparams_print_fp(FILE *fp, DSA *x);
- int DSA_print(BIO *bp, DSA *x, int offset);
- int DSA_print_fp(FILE *fp, DSA *x, int offset);
-
- #include <openssl/dh.h>
-
- int DHparams_print(BIO *bp, DH *x);
- int DHparams_print_fp(FILE *fp, DH *x);
-
-=head1 DESCRIPTION
-
-A human-readable hexadecimal output of the components of the RSA
-key, DSA parameters or key or DH parameters is printed to B<bp> or B<fp>.
-
-The output lines are indented by B<offset> spaces.
-
-=head1 RETURN VALUES
-
-These functions return 1 on success, 0 on error.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<rsa(3)|rsa(3)>, L<BN_bn2bin(3)|BN_bn2bin(3)>
-
-=head1 HISTORY
-
-RSA_print(), RSA_print_fp(), DSA_print(), DSA_print_fp(), DH_print(),
-DH_print_fp() are available in all versions of SSLeay and OpenSSL.
-DSAparams_print() and DSAparams_print_pf() were added in SSLeay 0.8.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_private_encrypt.pod b/src/lib/libcrypto/doc/RSA_private_encrypt.pod
deleted file mode 100644
index 0d1b2bd541..0000000000
--- a/src/lib/libcrypto/doc/RSA_private_encrypt.pod
+++ /dev/null
@@ -1,70 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_private_encrypt, RSA_public_decrypt - low level signature operations
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_private_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-
- int RSA_public_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-
-=head1 DESCRIPTION
-
-These functions handle RSA signatures at a low level.
-
-RSA_private_encrypt() signs the B<flen> bytes at B<from> (usually a
-message digest with an algorithm identifier) using the private key
-B<rsa> and stores the signature in B<to>. B<to> must point to
-B<RSA_size(rsa)> bytes of memory.
-
-B<padding> denotes one of the following modes:
-
-=over 4
-
-=item RSA_PKCS1_PADDING
-
-PKCS #1 v1.5 padding. This function does not handle the
-B<algorithmIdentifier> specified in PKCS #1. When generating or
-verifying PKCS #1 signatures, L<RSA_sign(3)|RSA_sign(3)> and L<RSA_verify(3)|RSA_verify(3)> should be
-used.
-
-=item RSA_NO_PADDING
-
-Raw RSA signature. This mode should I<only> be used to implement
-cryptographically sound padding modes in the application code.
-Signing user data directly with RSA is insecure.
-
-=back
-
-RSA_public_decrypt() recovers the message digest from the B<flen>
-bytes long signature at B<from> using the signer's public key
-B<rsa>. B<to> must point to a memory section large enough to hold the
-message digest (which is smaller than B<RSA_size(rsa) -
-11>). B<padding> is the padding mode that was used to sign the data.
-
-=head1 RETURN VALUES
-
-RSA_private_encrypt() returns the size of the signature (i.e.,
-RSA_size(rsa)). RSA_public_decrypt() returns the size of the
-recovered message digest.
-
-On error, -1 is returned; the error codes can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
-L<RSA_verify(3)|RSA_verify(3)>
-
-=head1 HISTORY
-
-The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
-available since SSLeay 0.9.0.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_public_encrypt.pod b/src/lib/libcrypto/doc/RSA_public_encrypt.pod
deleted file mode 100644
index 23861c0004..0000000000
--- a/src/lib/libcrypto/doc/RSA_public_encrypt.pod
+++ /dev/null
@@ -1,86 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_public_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-
- int RSA_private_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-
-=head1 DESCRIPTION
-
-RSA_public_encrypt() encrypts the B<flen> bytes at B<from> (usually a
-session key) using the public key B<rsa> and stores the ciphertext in
-B<to>. B<to> must point to RSA_size(B<rsa>) bytes of memory.
-
-B<padding> denotes one of the following modes:
-
-=over 4
-
-=item RSA_PKCS1_PADDING
-
-PKCS #1 v1.5 padding. This currently is the most widely used mode.
-
-=item RSA_PKCS1_OAEP_PADDING
-
-EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty
-encoding parameter. This mode is recommended for all new applications.
-
-=item RSA_SSLV23_PADDING
-
-PKCS #1 v1.5 padding with an SSL-specific modification that denotes
-that the server is SSL3 capable.
-
-=item RSA_NO_PADDING
-
-Raw RSA encryption. This mode should I<only> be used to implement
-cryptographically sound padding modes in the application code.
-Encrypting user data directly with RSA is insecure.
-
-=back
-
-B<flen> must be less than RSA_size(B<rsa>) - 11 for the PKCS #1 v1.5
-based padding modes, and less than RSA_size(B<rsa>) - 41 for
-RSA_PKCS1_OAEP_PADDING. The random number generator must be seeded
-prior to calling RSA_public_encrypt().
-
-RSA_private_decrypt() decrypts the B<flen> bytes at B<from> using the
-private key B<rsa> and stores the plaintext in B<to>. B<to> must point
-to a memory section large enough to hold the decrypted data (which is
-smaller than RSA_size(B<rsa>)). B<padding> is the padding mode that
-was used to encrypt the data.
-
-=head1 RETURN VALUES
-
-RSA_public_encrypt() returns the size of the encrypted data (i.e.,
-RSA_size(B<rsa>)). RSA_private_decrypt() returns the size of the
-recovered plaintext.
-
-On error, -1 is returned; the error codes can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 CONFORMING TO
-
-SSL, PKCS #1 v2.0
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_size(3)|RSA_size(3)>
-
-=head1 NOTES
-
-The L<RSA_PKCS1_RSAref(3)|RSA_PKCS1_RSAref(3)> method supports only the RSA_PKCS1_PADDING mode.
-
-=head1 HISTORY
-
-The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
-available since SSLeay 0.9.0, OAEP was added in OpenSSL 0.9.2b.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_set_method.pod b/src/lib/libcrypto/doc/RSA_set_method.pod
deleted file mode 100644
index b672712292..0000000000
--- a/src/lib/libcrypto/doc/RSA_set_method.pod
+++ /dev/null
@@ -1,168 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_set_default_method, RSA_get_default_method, RSA_set_method,
-RSA_get_method, RSA_PKCS1_SSLeay, RSA_PKCS1_RSAref,
-RSA_null_method, RSA_flags, RSA_new_method - select RSA method
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
- #include <openssl/engine.h>
-
- void RSA_set_default_openssl_method(RSA_METHOD *meth);
-
- RSA_METHOD *RSA_get_default_openssl_method(void);
-
- RSA_METHOD *RSA_set_method(RSA *rsa, ENGINE *engine);
-
- RSA_METHOD *RSA_get_method(RSA *rsa);
-
- RSA_METHOD *RSA_PKCS1_SSLeay(void);
-
- RSA_METHOD *RSA_PKCS1_RSAref(void);
-
- RSA_METHOD *RSA_null_method(void);
-
- int RSA_flags(RSA *rsa);
-
- RSA *RSA_new_method(ENGINE *engine);
-
-=head1 DESCRIPTION
-
-An B<RSA_METHOD> specifies the functions that OpenSSL uses for RSA
-operations. By modifying the method, alternative implementations
-such as hardware accelerators may be used.
-
-Initially, the default is to use the OpenSSL internal implementation,
-unless OpenSSL was configured with the C<rsaref> or C<-DRSA_NULL>
-options. RSA_PKCS1_SSLeay() returns a pointer to that method.
-
-RSA_PKCS1_RSAref() returns a pointer to a method that uses the RSAref
-library. This is the default method in the C<rsaref> configuration;
-the function is not available in other configurations.
-RSA_null_method() returns a pointer to a method that does not support
-the RSA transformation. It is the default if OpenSSL is compiled with
-C<-DRSA_NULL>. These methods may be useful in the USA because of a
-patent on the RSA cryptosystem.
-
-RSA_set_default_openssl_method() makes B<meth> the default method for all B<RSA>
-structures created later. B<NB:> This is true only whilst the default engine
-for RSA operations remains as "openssl". ENGINEs provide an
-encapsulation for implementations of one or more algorithms at a time, and all
-the RSA functions mentioned here operate within the scope of the default
-"openssl" engine.
-
-RSA_get_default_openssl_method() returns a pointer to the current default
-method for the "openssl" engine.
-
-RSA_set_method() selects B<engine> for all operations using the key
-B<rsa>.
-
-RSA_get_method() returns a pointer to the RSA_METHOD from the currently
-selected ENGINE for B<rsa>.
-
-RSA_flags() returns the B<flags> that are set for B<rsa>'s current method.
-
-RSA_new_method() allocates and initializes an RSA structure so that
-B<engine> will be used for the RSA operations. If B<engine> is NULL,
-the default engine for RSA operations is used.
-
-=head1 THE RSA_METHOD STRUCTURE
-
- typedef struct rsa_meth_st
- {
- /* name of the implementation */
- const char *name;
-
- /* encrypt */
- int (*rsa_pub_enc)(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-
- /* verify arbitrary data */
- int (*rsa_pub_dec)(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-
- /* sign arbitrary data */
- int (*rsa_priv_enc)(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-
- /* decrypt */
- int (*rsa_priv_dec)(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-
- /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
- implementations) */
- int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
-
- /* compute r = a ^ p mod m (May be NULL for some implementations) */
- int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
- /* called at RSA_new */
- int (*init)(RSA *rsa);
-
- /* called at RSA_free */
- int (*finish)(RSA *rsa);
-
- /* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key
- * operations, even if p,q,dmp1,dmq1,iqmp
- * are NULL
- * RSA_FLAG_SIGN_VER - enable rsa_sign and rsa_verify
- * RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
- */
- int flags;
-
- char *app_data; /* ?? */
-
- /* sign. For backward compatibility, this is used only
- * if (flags & RSA_FLAG_SIGN_VER)
- */
- int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen, RSA *rsa);
-
- /* verify. For backward compatibility, this is used only
- * if (flags & RSA_FLAG_SIGN_VER)
- */
- int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
- } RSA_METHOD;
-
-=head1 RETURN VALUES
-
-RSA_PKCS1_SSLeay(), RSA_PKCS1_RSAref(), RSA_PKCS1_null_method(),
-RSA_get_default_openssl_method() and RSA_get_method() return pointers to
-the respective RSA_METHODs.
-
-RSA_set_default_openssl_method() returns no value.
-
-RSA_set_method() selects B<engine> as the engine that will be responsible for
-all operations using the structure B<rsa>. If this function completes successfully,
-then the B<rsa> structure will have its own functional reference of B<engine>, so
-the caller should remember to free their own reference to B<engine> when they are
-finished with it. NB: An ENGINE's RSA_METHOD can be retrieved (or set) by
-ENGINE_get_RSA() or ENGINE_set_RSA().
-
-RSA_new_method() returns NULL and sets an error code that can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise
-it returns a pointer to the newly allocated structure.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>, L<RSA_new(3)|RSA_new(3)>
-
-=head1 HISTORY
-
-RSA_new_method() and RSA_set_default_method() appeared in SSLeay 0.8.
-RSA_get_default_method(), RSA_set_method() and RSA_get_method() as
-well as the rsa_sign and rsa_verify components of RSA_METHOD were
-added in OpenSSL 0.9.4.
-
-RSA_set_default_openssl_method() and RSA_get_default_openssl_method()
-replaced RSA_set_default_method() and RSA_get_default_method() respectively,
-and RSA_set_method() and RSA_new_method() were altered to use B<ENGINE>s
-rather than B<DH_METHOD>s during development of OpenSSL 0.9.6.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_sign.pod b/src/lib/libcrypto/doc/RSA_sign.pod
deleted file mode 100644
index 71688a665e..0000000000
--- a/src/lib/libcrypto/doc/RSA_sign.pod
+++ /dev/null
@@ -1,62 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_sign, RSA_verify - RSA signatures
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_sign(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen, RSA *rsa);
-
- int RSA_verify(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA_sign() signs the message digest B<m> of size B<m_len> using the
-private key B<rsa> as specified in PKCS #1 v2.0. It stores the
-signature in B<sigret> and the signature size in B<siglen>. B<sigret>
-must point to RSA_size(B<rsa>) bytes of memory.
-
-B<type> denotes the message digest algorithm that was used to generate
-B<m>. It usually is one of B<NID_sha1>, B<NID_ripemd160> and B<NID_md5>;
-see L<objects(3)|objects(3)> for details. If B<type> is B<NID_md5_sha1>,
-an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
-and no algorithm identifier) is created.
-
-RSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
-matches a given message digest B<m> of size B<m_len>. B<type> denotes
-the message digest algorithm that was used to generate the signature.
-B<rsa> is the signer's public key.
-
-=head1 RETURN VALUES
-
-RSA_sign() returns 1 on success, 0 otherwise. RSA_verify() returns 1
-on successful verification, 0 otherwise.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-Certain signatures with an improper algorithm identifier are accepted
-for compatibility with SSLeay 0.4.5 :-)
-
-=head1 CONFORMING TO
-
-SSL, PKCS #1 v2.0
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
-L<rsa(3)|rsa(3)>, L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
-L<RSA_public_decrypt(3)|RSA_public_decrypt(3)>
-
-=head1 HISTORY
-
-RSA_sign() and RSA_verify() are available in all versions of SSLeay
-and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod b/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod
deleted file mode 100644
index b8c7bbb7e3..0000000000
--- a/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod
+++ /dev/null
@@ -1,59 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_sign_ASN1_OCTET_STRING, RSA_verify_ASN1_OCTET_STRING - RSA signatures
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
- unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
- RSA *rsa);
-
- int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
- unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
- RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA_sign_ASN1_OCTET_STRING() signs the octet string B<m> of size
-B<m_len> using the private key B<rsa> represented in DER using PKCS #1
-padding. It stores the signature in B<sigret> and the signature size
-in B<siglen>. B<sigret> must point to B<RSA_size(rsa)> bytes of
-memory.
-
-B<dummy> is ignored.
-
-The random number generator must be seeded prior to calling RSA_sign_ASN1_OCTET_STRING().
-
-RSA_verify_ASN1_OCTET_STRING() verifies that the signature B<sigbuf>
-of size B<siglen> is the DER representation of a given octet string
-B<m> of size B<m_len>. B<dummy> is ignored. B<rsa> is the signer's
-public key.
-
-=head1 RETURN VALUES
-
-RSA_sign_ASN1_OCTET_STRING() returns 1 on success, 0 otherwise.
-RSA_verify_ASN1_OCTET_STRING() returns 1 on successful verification, 0
-otherwise.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-These functions serve no recognizable purpose.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>, L<rand(3)|rand(3)>,
-L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
-L<RSA_verify(3)|RSA_verify(3)>
-
-=head1 HISTORY
-
-RSA_sign_ASN1_OCTET_STRING() and RSA_verify_ASN1_OCTET_STRING() were
-added in SSLeay 0.8.
-
-=cut
diff --git a/src/lib/libcrypto/doc/RSA_size.pod b/src/lib/libcrypto/doc/RSA_size.pod
deleted file mode 100644
index b36b4d58d5..0000000000
--- a/src/lib/libcrypto/doc/RSA_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_size - get RSA modulus size
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_size(RSA *rsa);
-
-=head1 DESCRIPTION
-
-This function returns the RSA modulus size in bytes. It can be used to
-determine how much memory must be allocated for an RSA encrypted
-value.
-
-B<rsa-E<gt>n> must not be B<NULL>.
-
-=head1 RETURN VALUE
-
-The size in bytes.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>
-
-=head1 HISTORY
-
-RSA_size() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libcrypto/doc/bn.pod b/src/lib/libcrypto/doc/bn.pod
deleted file mode 100644
index d183028d61..0000000000
--- a/src/lib/libcrypto/doc/bn.pod
+++ /dev/null
@@ -1,149 +0,0 @@
-=pod
-
-=head1 NAME
-
-bn - multiprecision integer arithmetics
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- BIGNUM *BN_new(void);
- void BN_free(BIGNUM *a);
- void BN_init(BIGNUM *);
- void BN_clear(BIGNUM *a);
- void BN_clear_free(BIGNUM *a);
-
- BN_CTX *BN_CTX_new(void);
- void BN_CTX_init(BN_CTX *c);
- void BN_CTX_free(BN_CTX *c);
-
- BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
- BIGNUM *BN_dup(const BIGNUM *a);
-
- int BN_num_bytes(const BIGNUM *a);
- int BN_num_bits(const BIGNUM *a);
- int BN_num_bits_word(BN_ULONG w);
-
- int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b);
- int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
- int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
- int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
- BN_CTX *ctx);
- int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
- int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
- int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
- int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
- int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
- int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-
- int BN_add_word(BIGNUM *a, BN_ULONG w);
- int BN_sub_word(BIGNUM *a, BN_ULONG w);
- int BN_mul_word(BIGNUM *a, BN_ULONG w);
- BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
- BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-
- int BN_cmp(BIGNUM *a, BIGNUM *b);
- int BN_ucmp(BIGNUM *a, BIGNUM *b);
- int BN_is_zero(BIGNUM *a);
- int BN_is_one(BIGNUM *a);
- int BN_is_word(BIGNUM *a, BN_ULONG w);
- int BN_is_odd(BIGNUM *a);
-
- int BN_zero(BIGNUM *a);
- int BN_one(BIGNUM *a);
- BIGNUM *BN_value_one(void);
- int BN_set_word(BIGNUM *a, unsigned long w);
- unsigned long BN_get_word(BIGNUM *a);
-
- int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
- int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
- int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
-
- BIGNUM *BN_generate_prime(BIGNUM *ret, int bits,int safe, BIGNUM *add,
- BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
- int BN_is_prime(const BIGNUM *p, int nchecks,
- void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
-
- int BN_set_bit(BIGNUM *a, int n);
- int BN_clear_bit(BIGNUM *a, int n);
- int BN_is_bit_set(const BIGNUM *a, int n);
- int BN_mask_bits(BIGNUM *a, int n);
- int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
- int BN_lshift1(BIGNUM *r, BIGNUM *a);
- int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
- int BN_rshift1(BIGNUM *r, BIGNUM *a);
-
- int BN_bn2bin(const BIGNUM *a, unsigned char *to);
- BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
- char *BN_bn2hex(const BIGNUM *a);
- char *BN_bn2dec(const BIGNUM *a);
- int BN_hex2bn(BIGNUM **a, const char *str);
- int BN_dec2bn(BIGNUM **a, const char *str);
- int BN_print(BIO *fp, const BIGNUM *a);
- int BN_print_fp(FILE *fp, const BIGNUM *a);
- int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
- BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);
-
- BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n,
- BN_CTX *ctx);
-
- BN_RECP_CTX *BN_RECP_CTX_new(void);
- void BN_RECP_CTX_init(BN_RECP_CTX *recp);
- void BN_RECP_CTX_free(BN_RECP_CTX *recp);
- int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
- int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
- BN_RECP_CTX *recp, BN_CTX *ctx);
-
- BN_MONT_CTX *BN_MONT_CTX_new(void);
- void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
- void BN_MONT_CTX_free(BN_MONT_CTX *mont);
- int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
- BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
- int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
- BN_MONT_CTX *mont, BN_CTX *ctx);
- int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
- BN_CTX *ctx);
- int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
- BN_CTX *ctx);
-
-
-=head1 DESCRIPTION
-
-This library performs arithmetic operations on integers of arbitrary
-size. It was written for use in public key cryptography, such as RSA
-and Diffie-Hellman.
-
-It uses dynamic memory allocation for storing its data structures.
-That means that there is no limit on the size of the numbers
-manipulated by these functions, but return values must always be
-checked in case a memory allocation error has occurred.
-
-The basic object in this library is a B<BIGNUM>. It is used to hold a
-single large integer. This type should be considered opaque and fields
-should not be modified or accessed directly.
-
-The creation of B<BIGNUM> objects is described in L<BN_new(3)|BN_new(3)>;
-L<BN_add(3)|BN_add(3)> describes most of the arithmetic operations.
-Comparison is described in L<BN_cmp(3)|BN_cmp(3)>; L<BN_zero(3)|BN_zero(3)>
-describes certain assignments, L<BN_rand(3)|BN_rand(3)> the generation of
-random numbers, L<BN_generate_prime(3)|BN_generate_prime(3)> deals with prime
-numbers and L<BN_set_bit(3)|BN_set_bit(3)> with bit operations. The conversion
-of B<BIGNUM>s to external formats is described in L<BN_bn2bin(3)|BN_bn2bin(3)>.
-
-=head1 SEE ALSO
-
-L<bn_internal(3)|bn_internal(3)>,
-L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
-L<BN_copy(3)|BN_copy(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>,
-L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>,
-L<BN_cmp(3)|BN_cmp(3)>, L<BN_zero(3)|BN_zero(3)>, L<BN_rand(3)|BN_rand(3)>,
-L<BN_generate_prime(3)|BN_generate_prime(3)>, L<BN_set_bit(3)|BN_set_bit(3)>,
-L<BN_bn2bin(3)|BN_bn2bin(3)>, L<BN_mod_inverse(3)|BN_mod_inverse(3)>,
-L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>,
-L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>
-
-=cut
diff --git a/src/lib/libcrypto/doc/d2i_DHparams.pod b/src/lib/libcrypto/doc/d2i_DHparams.pod
deleted file mode 100644
index a6d1743d39..0000000000
--- a/src/lib/libcrypto/doc/d2i_DHparams.pod
+++ /dev/null
@@ -1,30 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_DHparams, i2d_DHparams - ...
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- DH *d2i_DHparams(DH **a, unsigned char **pp, long length);
- int i2d_DHparams(DH *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-...
-
-=head1 RETURN VALUES
-
-...
-
-=head1 SEE ALSO
-
-...
-
-=head1 HISTORY
-
-...
-
-=cut
diff --git a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod
deleted file mode 100644
index ff4d0d57db..0000000000
--- a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod
+++ /dev/null
@@ -1,39 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Netscape_RSA, d2i_Netscape_RSA - ...
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
-
- int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
-
- RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
-
- int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
-
- int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
-
- RSA * d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
-
-=head1 DESCRIPTION
-
-...
-
-=head1 RETURN VALUES
-
-...
-
-=head1 SEE ALSO
-
-...
-
-=head1 HISTORY
-
-...
-
-=cut
diff --git a/src/lib/libcrypto/doc/dh.pod b/src/lib/libcrypto/doc/dh.pod
deleted file mode 100644
index b4be4be405..0000000000
--- a/src/lib/libcrypto/doc/dh.pod
+++ /dev/null
@@ -1,69 +0,0 @@
-=pod
-
-=head1 NAME
-
-dh - Diffie-Hellman key agreement
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
- #include <openssl/engine.h>
-
- DH * DH_new(void);
- void DH_free(DH *dh);
-
- int DH_size(DH *dh);
-
- DH * DH_generate_parameters(int prime_len, int generator,
- void (*callback)(int, int, void *), void *cb_arg);
- int DH_check(DH *dh, int *codes);
-
- int DH_generate_key(DH *dh);
- int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
-
- void DH_set_default_openssl_method(DH_METHOD *meth);
- DH_METHOD *DH_get_default_openssl_method(void);
- int DH_set_method(DH *dh, ENGINE *engine);
- DH *DH_new_method(ENGINE *engine);
- DH_METHOD *DH_OpenSSL(void);
-
- int DH_get_ex_new_index(long argl, char *argp, int (*new_func)(),
- int (*dup_func)(), void (*free_func)());
- int DH_set_ex_data(DH *d, int idx, char *arg);
- char *DH_get_ex_data(DH *d, int idx);
-
- DH * d2i_DHparams(DH **a, unsigned char **pp, long length);
- int i2d_DHparams(DH *a, unsigned char **pp);
-
- int DHparams_print_fp(FILE *fp, DH *x);
- int DHparams_print(BIO *bp, DH *x);
-
-=head1 DESCRIPTION
-
-These functions implement the Diffie-Hellman key agreement protocol.
-The generation of shared DH parameters is described in
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>; L<DH_generate_key(3)|DH_generate_key(3)> describes how
-to perform a key agreement.
-
-The B<DH> structure consists of several BIGNUM components.
-
- struct
- {
- BIGNUM *p; // prime number (shared)
- BIGNUM *g; // generator of Z_p (shared)
- BIGNUM *priv_key; // private DH value x
- BIGNUM *pub_key; // public DH value g^x
- // ...
- };
- DH
-
-=head1 SEE ALSO
-
-L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>,
-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<DH_set_method(3)|DH_set_method(3)>,
-L<DH_new(3)|DH_new(3)>, L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
-L<DH_compute_key(3)|DH_compute_key(3)>, L<d2i_DHparams(3)|d2i_DHparams(3)>,
-L<RSA_print(3)|RSA_print(3)>
-
-=cut
diff --git a/src/lib/libcrypto/doc/dsa.pod b/src/lib/libcrypto/doc/dsa.pod
deleted file mode 100644
index 573500204b..0000000000
--- a/src/lib/libcrypto/doc/dsa.pod
+++ /dev/null
@@ -1,105 +0,0 @@
-=pod
-
-=head1 NAME
-
-dsa - Digital Signature Algorithm
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
- #include <openssl/engine.h>
-
- DSA * DSA_new(void);
- void DSA_free(DSA *dsa);
-
- int DSA_size(DSA *dsa);
-
- DSA * DSA_generate_parameters(int bits, unsigned char *seed,
- int seed_len, int *counter_ret, unsigned long *h_ret,
- void (*callback)(int, int, void *), void *cb_arg);
-
- DH * DSA_dup_DH(DSA *r);
-
- int DSA_generate_key(DSA *dsa);
-
- int DSA_sign(int dummy, const unsigned char *dgst, int len,
- unsigned char *sigret, unsigned int *siglen, DSA *dsa);
- int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
- BIGNUM **rp);
- int DSA_verify(int dummy, const unsigned char *dgst, int len,
- unsigned char *sigbuf, int siglen, DSA *dsa);
-
- void DSA_set_default_openssl_method(DSA_METHOD *meth);
- DSA_METHOD *DSA_get_default_openssl_method(void);
- int DSA_set_method(DSA *dsa, ENGINE *engine);
- DSA *DSA_new_method(ENGINE *engine);
- DSA_METHOD *DSA_OpenSSL(void);
-
- int DSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
- int (*dup_func)(), void (*free_func)());
- int DSA_set_ex_data(DSA *d, int idx, char *arg);
- char *DSA_get_ex_data(DSA *d, int idx);
-
- DSA_SIG *DSA_SIG_new(void);
- void DSA_SIG_free(DSA_SIG *a);
- int i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp);
- DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
-
- DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
- int DSA_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-
- DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
- DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
- DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
- int i2d_DSAPublicKey(DSA *a, unsigned char **pp);
- int i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
- int i2d_DSAparams(DSA *a,unsigned char **pp);
-
- int DSAparams_print(BIO *bp, DSA *x);
- int DSAparams_print_fp(FILE *fp, DSA *x);
- int DSA_print(BIO *bp, DSA *x, int off);
- int DSA_print_fp(FILE *bp, DSA *x, int off);
-
-=head1 DESCRIPTION
-
-These functions implement the Digital Signature Algorithm (DSA). The
-generation of shared DSA parameters is described in
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>;
-L<DSA_generate_key(3)|DSA_generate_key(3)> describes how to
-generate a signature key. Signature generation and verification are
-described in L<DSA_sign(3)|DSA_sign(3)>.
-
-The B<DSA> structure consists of several BIGNUM components.
-
- struct
- {
- BIGNUM *p; // prime number (public)
- BIGNUM *q; // 160-bit subprime, q | p-1 (public)
- BIGNUM *g; // generator of subgroup (public)
- BIGNUM *priv_key; // private key x
- BIGNUM *pub_key; // public key y = g^x
- // ...
- }
- DSA;
-
-In public keys, B<priv_key> is NULL.
-
-=head1 CONFORMING TO
-
-US Federal Information Processing Standard FIPS 186 (Digital Signature
-Standard, DSS), ANSI X9.30
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
-L<rsa(3)|rsa(3)>, L<SHA1(3)|SHA1(3)>, L<DSA_new(3)|DSA_new(3)>,
-L<DSA_size(3)|DSA_size(3)>,
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
-L<DSA_dup_DH(3)|DSA_dup_DH(3)>,
-L<DSA_generate_key(3)|DSA_generate_key(3)>,
-L<DSA_sign(3)|DSA_sign(3)>, L<DSA_set_method(3)|DSA_set_method(3)>,
-L<DSA_get_ex_new_index(3)|DSA_get_ex_new_index(3)>,
-L<RSA_print(3)|RSA_print(3)>
-
-=cut
diff --git a/src/lib/libcrypto/doc/evp.pod b/src/lib/libcrypto/doc/evp.pod
deleted file mode 100644
index edf47dbde6..0000000000
--- a/src/lib/libcrypto/doc/evp.pod
+++ /dev/null
@@ -1,37 +0,0 @@
-=pod
-
-=head1 NAME
-
-evp - high-level cryptographic functions
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
-=head1 DESCRIPTION
-
-The EVP library provides a high-level interface to cryptographic
-functions.
-
-B<EVP_Seal>I<...> and B<EVP_Open>I<...> provide public key encryption
-and decryption to implement digital "envelopes".
-
-The B<EVP_Sign>I<...> and B<EVP_Verify>I<...> functions implement
-digital signatures.
-
-Symmetric encryption is available with the B<EVP_Encrypt>I<...>
-functions. The B<EVP_Digest>I<...> functions provide message digests.
-
-Algorithms are loaded with OpenSSL_add_all_algorithms(3).
-
-=head1 SEE ALSO
-
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_OpenInit(3)|EVP_OpenInit(3)>,
-L<EVP_SealInit(3)|EVP_SealInit(3)>,
-L<EVP_SignInit(3)|EVP_SignInit(3)>,
-L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
-L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>
-
-=cut
diff --git a/src/lib/libcrypto/doc/lh_stats.pod b/src/lib/libcrypto/doc/lh_stats.pod
deleted file mode 100644
index 3eeaa72e52..0000000000
--- a/src/lib/libcrypto/doc/lh_stats.pod
+++ /dev/null
@@ -1,60 +0,0 @@
-=pod
-
-=head1 NAME
-
-lh_stats, lh_node_stats, lh_node_usage_stats, lh_stats_bio,
-lh_node_stats_bio, lh_node_usage_stats_bio - LHASH statistics
-
-=head1 SYNOPSIS
-
- #include <openssl/lhash.h>
-
- void lh_stats(LHASH *table, FILE *out);
- void lh_node_stats(LHASH *table, FILE *out);
- void lh_node_usage_stats(LHASH *table, FILE *out);
-
- void lh_stats_bio(LHASH *table, BIO *out);
- void lh_node_stats_bio(LHASH *table, BIO *out);
- void lh_node_usage_stats_bio(LHASH *table, BIO *out);
-
-=head1 DESCRIPTION
-
-The B<LHASH> structure records statistics about most aspects of
-accessing the hash table. This is mostly a legacy of Eric Young
-writing this library for the reasons of implementing what looked like
-a nice algorithm rather than for a particular software product.
-
-lh_stats() prints out statistics on the size of the hash table, how
-many entries are in it, and the number and result of calls to the
-routines in this library.
-
-lh_node_stats() prints the number of entries for each 'bucket' in the
-hash table.
-
-lh_node_usage_stats() prints out a short summary of the state of the
-hash table. It prints the 'load' and the 'actual load'. The load is
-the average number of data items per 'bucket' in the hash table. The
-'actual load' is the average number of items per 'bucket', but only
-for buckets which contain entries. So the 'actual load' is the
-average number of searches that will need to find an item in the hash
-table, while the 'load' is the average number that will be done to
-record a miss.
-
-lh_stats_bio(), lh_node_stats_bio() and lh_node_usage_stats_bio()
-are the same as the above, except that the output goes to a B<BIO>.
-
-=head1 RETURN VALUES
-
-These functions do not return values.
-
-=head1 SEE ALSO
-
-L<bio(3)|bio(3)>, L<lhash(3)|lhash(3)>
-
-=head1 HISTORY
-
-These functions are available in all versions of SSLeay and OpenSSL.
-
-This manpage is derived from the SSLeay documentation.
-
-=cut
diff --git a/src/lib/libcrypto/doc/rsa.pod b/src/lib/libcrypto/doc/rsa.pod
deleted file mode 100644
index ef0d4df205..0000000000
--- a/src/lib/libcrypto/doc/rsa.pod
+++ /dev/null
@@ -1,117 +0,0 @@
-=pod
-
-=head1 NAME
-
-rsa - RSA public key cryptosystem
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
- #include <openssl/engine.h>
-
- RSA * RSA_new(void);
- void RSA_free(RSA *rsa);
-
- int RSA_public_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
- int RSA_private_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-
- int RSA_sign(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen, RSA *rsa);
- int RSA_verify(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
- int RSA_size(RSA *rsa);
-
- RSA *RSA_generate_key(int num, unsigned long e,
- void (*callback)(int,int,void *), void *cb_arg);
-
- int RSA_check_key(RSA *rsa);
-
- int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
- void RSA_blinding_off(RSA *rsa);
-
- void RSA_set_default_openssl_method(RSA_METHOD *meth);
- RSA_METHOD *RSA_get_default_openssl_method(void);
- int RSA_set_method(RSA *rsa, ENGINE *engine);
- RSA_METHOD *RSA_get_method(RSA *rsa);
- RSA_METHOD *RSA_PKCS1_SSLeay(void);
- RSA_METHOD *RSA_PKCS1_RSAref(void);
- RSA_METHOD *RSA_null_method(void);
- int RSA_flags(RSA *rsa);
- RSA *RSA_new_method(ENGINE *engine);
-
- int RSA_print(BIO *bp, RSA *x, int offset);
- int RSA_print_fp(FILE *fp, RSA *x, int offset);
-
- int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
- int (*dup_func)(), void (*free_func)());
- int RSA_set_ex_data(RSA *r,int idx,char *arg);
- char *RSA_get_ex_data(RSA *r, int idx);
-
- int RSA_private_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
- int RSA_public_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-
- int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
- unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
- RSA *rsa);
- int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
- unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
- RSA *rsa);
-
-=head1 DESCRIPTION
-
-These functions implement RSA public key encryption and signatures
-as defined in PKCS #1 v2.0 [RFC 2437].
-
-The B<RSA> structure consists of several BIGNUM components. It can
-contain public as well as private RSA keys:
-
- struct
- {
- BIGNUM *n; // public modulus
- BIGNUM *e; // public exponent
- BIGNUM *d; // private exponent
- BIGNUM *p; // secret prime factor
- BIGNUM *q; // secret prime factor
- BIGNUM *dmp1; // d mod (p-1)
- BIGNUM *dmq1; // d mod (q-1)
- BIGNUM *iqmp; // q^-1 mod p
- // ...
- };
- RSA
-
-In public keys, the private exponent and the related secret values are
-B<NULL>.
-
-B<p>, B<q>, B<dmp1>, B<dmq1> and B<iqmp> may be B<NULL> in private
-keys, but the RSA operations are much faster when these values are
-available.
-
-=head1 CONFORMING TO
-
-SSL, PKCS #1 v2.0
-
-=head1 PATENTS
-
-RSA was covered by a US patent which expired in September 2000.
-
-=head1 SEE ALSO
-
-L<rsa(1)|rsa(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>,
-L<rand(3)|rand(3)>, L<RSA_new(3)|RSA_new(3)>,
-L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
-L<RSA_sign(3)|RSA_sign(3)>, L<RSA_size(3)|RSA_size(3)>,
-L<RSA_generate_key(3)|RSA_generate_key(3)>,
-L<RSA_check_key(3)|RSA_check_key(3)>,
-L<RSA_blinding_on(3)|RSA_blinding_on(3)>,
-L<RSA_set_method(3)|RSA_set_method(3)>, L<RSA_print(3)|RSA_print(3)>,
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
-L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
-L<RSA_sign_ASN_OCTET_STRING(3)|RSA_sign_ASN_OCTET_STRING(3)>,
-L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)>
-
-=cut
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h
deleted file mode 100644
index 12b60a8faa..0000000000
--- a/src/lib/libcrypto/dsa/dsa.h
+++ /dev/null
@@ -1,257 +0,0 @@
-/* crypto/dsa/dsa.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * The DSS routines are based on patches supplied by
- * Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the
- * work and I have just tweaked them a little to fit into my
- * stylistic vision for SSLeay :-) */
-
-#ifndef HEADER_DSA_H
-#define HEADER_DSA_H
-
-#ifdef NO_DSA
-#error DSA is disabled.
-#endif
-
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/bn.h>
-#include <openssl/crypto.h>
-#ifndef NO_DH
-# include <openssl/dh.h>
-#endif
-
-#define DSA_FLAG_CACHE_MONT_P 0x01
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct dsa_st DSA;
-
-typedef struct DSA_SIG_st
- {
- BIGNUM *r;
- BIGNUM *s;
- } DSA_SIG;
-
-typedef struct dsa_method {
- const char *name;
- DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
- int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
- int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
- int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
- BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont);
- int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx); /* Can be null */
- int (*init)(DSA *dsa);
- int (*finish)(DSA *dsa);
- int flags;
- char *app_data;
-} DSA_METHOD;
-
-struct dsa_st
- {
- /* This first variable is used to pick up errors where
- * a DSA is passed instead of of a EVP_PKEY */
- int pad;
- int version;
- int write_params;
- BIGNUM *p;
- BIGNUM *q; /* == 20 */
- BIGNUM *g;
-
- BIGNUM *pub_key; /* y public key */
- BIGNUM *priv_key; /* x private key */
-
- BIGNUM *kinv; /* Signing pre-calc */
- BIGNUM *r; /* Signing pre-calc */
-
- int flags;
- /* Normally used to cache montgomery values */
- char *method_mont_p;
- int references;
- CRYPTO_EX_DATA ex_data;
-#if 0
- DSA_METHOD *meth;
-#else
- struct engine_st *engine;
-#endif
- };
-
-#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
- (char *(*)())d2i_DSAparams,(char *)(x))
-#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
- (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
-#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
- (unsigned char *)(x))
-#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
- (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
-#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
- (unsigned char *)(x))
-
-
-DSA_SIG * DSA_SIG_new(void);
-void DSA_SIG_free(DSA_SIG *a);
-int i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp);
-DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
-
-DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa);
-int DSA_do_verify(const unsigned char *dgst,int dgst_len,
- DSA_SIG *sig,DSA *dsa);
-
-DSA_METHOD *DSA_OpenSSL(void);
-
-void DSA_set_default_openssl_method(DSA_METHOD *);
-DSA_METHOD *DSA_get_default_openssl_method(void);
-#if 0
-DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *);
-#else
-int DSA_set_method(DSA *dsa, struct engine_st *engine);
-#endif
-
-DSA * DSA_new(void);
-#if 0
-DSA * DSA_new_method(DSA_METHOD *meth);
-#else
-DSA * DSA_new_method(struct engine_st *engine);
-#endif
-int DSA_size(DSA *);
- /* next 4 return -1 on error */
-int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
-int DSA_sign(int type,const unsigned char *dgst,int dlen,
- unsigned char *sig, unsigned int *siglen, DSA *dsa);
-int DSA_verify(int type,const unsigned char *dgst,int dgst_len,
- unsigned char *sigbuf, int siglen, DSA *dsa);
-void DSA_free (DSA *r);
-int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DSA_set_ex_data(DSA *d, int idx, void *arg);
-void *DSA_get_ex_data(DSA *d, int idx);
-
-void ERR_load_DSA_strings(void );
-
-DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
-DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
-DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
-DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len,
- int *counter_ret, unsigned long *h_ret,void
- (*callback)(int, int, void *),void *cb_arg);
-int DSA_generate_key(DSA *a);
-int i2d_DSAPublicKey(DSA *a, unsigned char **pp);
-int i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
-int i2d_DSAparams(DSA *a,unsigned char **pp);
-
-#ifndef NO_BIO
-int DSAparams_print(BIO *bp, DSA *x);
-int DSA_print(BIO *bp, DSA *x, int off);
-#endif
-#ifndef NO_FP_API
-int DSAparams_print_fp(FILE *fp, DSA *x);
-int DSA_print_fp(FILE *bp, DSA *x, int off);
-#endif
-
-#define DSS_prime_checks 50
-/* Primality test according to FIPS PUB 186[-1], Appendix 2.1:
- * 50 rounds of Rabin-Miller */
-#define DSA_is_prime(n, callback, cb_arg) \
- BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
-
-#ifndef NO_DH
-/* Convert DSA structure (key or just parameters) into DH structure
- * (be careful to avoid small subgroup attacks when using this!) */
-DH *DSA_dup_DH(DSA *r);
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the DSA functions. */
-
-/* Function codes. */
-#define DSA_F_D2I_DSA_SIG 110
-#define DSA_F_DSAPARAMS_PRINT 100
-#define DSA_F_DSAPARAMS_PRINT_FP 101
-#define DSA_F_DSA_DO_SIGN 112
-#define DSA_F_DSA_DO_VERIFY 113
-#define DSA_F_DSA_NEW 103
-#define DSA_F_DSA_PRINT 104
-#define DSA_F_DSA_PRINT_FP 105
-#define DSA_F_DSA_SIGN 106
-#define DSA_F_DSA_SIGN_SETUP 107
-#define DSA_F_DSA_SIG_NEW 109
-#define DSA_F_DSA_VERIFY 108
-#define DSA_F_I2D_DSA_SIG 111
-
-/* Reason codes. */
-#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
-#define DSA_R_MISSING_PARAMETERS 101
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c
deleted file mode 100644
index a76c8f7c7e..0000000000
--- a/src/lib/libcrypto/dsa/dsa_asn1.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/dsa/dsa_asn1.c */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dsa.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-
-DSA_SIG *DSA_SIG_new(void)
-{
- DSA_SIG *ret;
-
- ret = OPENSSL_malloc(sizeof(DSA_SIG));
- if (ret == NULL)
- {
- DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- ret->r = NULL;
- ret->s = NULL;
- return(ret);
-}
-
-void DSA_SIG_free(DSA_SIG *r)
-{
- if (r == NULL) return;
- if (r->r) BN_clear_free(r->r);
- if (r->s) BN_clear_free(r->s);
- OPENSSL_free(r);
-}
-
-int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp)
-{
- int t=0,len;
- ASN1_INTEGER rbs,sbs;
- unsigned char *p;
-
- rbs.data=OPENSSL_malloc(BN_num_bits(v->r)/8+1);
- if (rbs.data == NULL)
- {
- DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
- return(0);
- }
- rbs.type=V_ASN1_INTEGER;
- rbs.length=BN_bn2bin(v->r,rbs.data);
- sbs.data=OPENSSL_malloc(BN_num_bits(v->s)/8+1);
- if (sbs.data == NULL)
- {
- OPENSSL_free(rbs.data);
- DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
- return(0);
- }
- sbs.type=V_ASN1_INTEGER;
- sbs.length=BN_bn2bin(v->s,sbs.data);
-
- len=i2d_ASN1_INTEGER(&rbs,NULL);
- len+=i2d_ASN1_INTEGER(&sbs,NULL);
-
- if (pp)
- {
- p=*pp;
- ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
- i2d_ASN1_INTEGER(&rbs,&p);
- i2d_ASN1_INTEGER(&sbs,&p);
- }
- t=ASN1_object_size(1,len,V_ASN1_SEQUENCE);
- OPENSSL_free(rbs.data);
- OPENSSL_free(sbs.data);
- return(t);
-}
-
-DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, unsigned char **pp, long length)
-{
- int i=ERR_R_NESTED_ASN1_ERROR;
- ASN1_INTEGER *bs=NULL;
- M_ASN1_D2I_vars(a,DSA_SIG *,DSA_SIG_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->r=BN_bin2bn(bs->data,bs->length,ret->r)) == NULL)
- goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->s=BN_bin2bn(bs->data,bs->length,ret->s)) == NULL)
- goto err_bn;
- M_ASN1_BIT_STRING_free(bs);
- M_ASN1_D2I_Finish_2(a);
-
-err_bn:
- i=ERR_R_BN_LIB;
-err:
- DSAerr(DSA_F_D2I_DSA_SIG,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_SIG_free(ret);
- if (bs != NULL) M_ASN1_BIT_STRING_free(bs);
- return(NULL);
-}
diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c
deleted file mode 100644
index 736aeef7c4..0000000000
--- a/src/lib/libcrypto/dsa/dsa_err.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/dsa/dsa_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/dsa.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA DSA_str_functs[]=
- {
-{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0), "d2i_DSA_SIG"},
-{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0), "DSAparams_print"},
-{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0), "DSAparams_print_fp"},
-{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0), "DSA_do_sign"},
-{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0), "DSA_do_verify"},
-{ERR_PACK(0,DSA_F_DSA_NEW,0), "DSA_new"},
-{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"},
-{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0), "DSA_print_fp"},
-{ERR_PACK(0,DSA_F_DSA_SIGN,0), "DSA_sign"},
-{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0), "DSA_sign_setup"},
-{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0), "DSA_SIG_new"},
-{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"},
-{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0), "i2d_DSA_SIG"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA DSA_str_reasons[]=
- {
-{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
-{DSA_R_MISSING_PARAMETERS ,"missing parameters"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_DSA_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
- ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
deleted file mode 100644
index 2294a362d9..0000000000
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/* crypto/dsa/dsa_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#undef GENUINE_DSA
-
-#ifdef GENUINE_DSA
-/* Parameter generation follows the original release of FIPS PUB 186,
- * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */
-#define HASH SHA
-#else
-/* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
- * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in
- * FIPS PUB 180-1) */
-#define HASH SHA1
-#endif
-
-#ifndef NO_SHA
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/sha.h>
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-
-DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len,
- int *counter_ret, unsigned long *h_ret,
- void (*callback)(int, int, void *),
- void *cb_arg)
- {
- int ok=0;
- unsigned char seed[SHA_DIGEST_LENGTH];
- unsigned char md[SHA_DIGEST_LENGTH];
- unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
- BIGNUM *r0,*W,*X,*c,*test;
- BIGNUM *g=NULL,*q=NULL,*p=NULL;
- BN_MONT_CTX *mont=NULL;
- int k,n=0,i,b,m=0;
- int counter=0;
- int r=0;
- BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL;
- unsigned int h=2;
- DSA *ret=NULL;
-
- if (bits < 512) bits=512;
- bits=(bits+63)/64*64;
-
- if (seed_len < 20)
- seed_in = NULL; /* seed buffer too small -- ignore */
- if (seed_len > 20)
- seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED,
- * but our internal buffers are restricted to 160 bits*/
- if ((seed_in != NULL) && (seed_len == 20))
- memcpy(seed,seed_in,seed_len);
-
- if ((ctx=BN_CTX_new()) == NULL) goto err;
- if ((ctx2=BN_CTX_new()) == NULL) goto err;
- if ((ctx3=BN_CTX_new()) == NULL) goto err;
- if ((ret=DSA_new()) == NULL) goto err;
-
- if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
-
- BN_CTX_start(ctx2);
- r0 = BN_CTX_get(ctx2);
- g = BN_CTX_get(ctx2);
- W = BN_CTX_get(ctx2);
- q = BN_CTX_get(ctx2);
- X = BN_CTX_get(ctx2);
- c = BN_CTX_get(ctx2);
- p = BN_CTX_get(ctx2);
- test = BN_CTX_get(ctx2);
-
- BN_lshift(test,BN_value_one(),bits-1);
-
- for (;;)
- {
- for (;;) /* find q */
- {
- int seed_is_random;
-
- /* step 1 */
- if (callback != NULL) callback(0,m++,cb_arg);
-
- if (!seed_len)
- {
- RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH);
- seed_is_random = 1;
- }
- else
- {
- seed_is_random = 0;
- seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/
- }
- memcpy(buf,seed,SHA_DIGEST_LENGTH);
- memcpy(buf2,seed,SHA_DIGEST_LENGTH);
- /* precompute "SEED + 1" for step 7: */
- for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
- {
- buf[i]++;
- if (buf[i] != 0) break;
- }
-
- /* step 2 */
- HASH(seed,SHA_DIGEST_LENGTH,md);
- HASH(buf,SHA_DIGEST_LENGTH,buf2);
- for (i=0; i<SHA_DIGEST_LENGTH; i++)
- md[i]^=buf2[i];
-
- /* step 3 */
- md[0]|=0x80;
- md[SHA_DIGEST_LENGTH-1]|=0x01;
- if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err;
-
- /* step 4 */
- r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random);
- if (r > 0)
- break;
- if (r != 0)
- goto err;
-
- /* do a callback call */
- /* step 5 */
- }
-
- if (callback != NULL) callback(2,0,cb_arg);
- if (callback != NULL) callback(3,0,cb_arg);
-
- /* step 6 */
- counter=0;
- /* "offset = 2" */
-
- n=(bits-1)/160;
- b=(bits-1)-n*160;
-
- for (;;)
- {
- if (callback != NULL && counter != 0)
- callback(0,counter,cb_arg);
-
- /* step 7 */
- BN_zero(W);
- /* now 'buf' contains "SEED + offset - 1" */
- for (k=0; k<=n; k++)
- {
- /* obtain "SEED + offset + k" by incrementing: */
- for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
- {
- buf[i]++;
- if (buf[i] != 0) break;
- }
-
- HASH(buf,SHA_DIGEST_LENGTH,md);
-
- /* step 8 */
- if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0))
- goto err;
- BN_lshift(r0,r0,160*k);
- BN_add(W,W,r0);
- }
-
- /* more of step 8 */
- BN_mask_bits(W,bits-1);
- BN_copy(X,W); /* this should be ok */
- BN_add(X,X,test); /* this should be ok */
-
- /* step 9 */
- BN_lshift1(r0,q);
- BN_mod(c,X,r0,ctx);
- BN_sub(r0,c,BN_value_one());
- BN_sub(p,X,r0);
-
- /* step 10 */
- if (BN_cmp(p,test) >= 0)
- {
- /* step 11 */
- r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1);
- if (r > 0)
- goto end; /* found it */
- if (r != 0)
- goto err;
- }
-
- /* step 13 */
- counter++;
- /* "offset = offset + n + 1" */
-
- /* step 14 */
- if (counter >= 4096) break;
- }
- }
-end:
- if (callback != NULL) callback(2,1,cb_arg);
-
- /* We now need to generate g */
- /* Set r0=(p-1)/q */
- BN_sub(test,p,BN_value_one());
- BN_div(r0,NULL,test,q,ctx);
-
- BN_set_word(test,h);
- BN_MONT_CTX_set(mont,p,ctx);
-
- for (;;)
- {
- /* g=test^r0%p */
- BN_mod_exp_mont(g,test,r0,p,ctx,mont);
- if (!BN_is_one(g)) break;
- BN_add(test,test,BN_value_one());
- h++;
- }
-
- if (callback != NULL) callback(3,1,cb_arg);
-
- ok=1;
-err:
- if (!ok)
- {
- if (ret != NULL) DSA_free(ret);
- }
- else
- {
- ret->p=BN_dup(p);
- ret->q=BN_dup(q);
- ret->g=BN_dup(g);
- if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
- if (counter_ret != NULL) *counter_ret=counter;
- if (h_ret != NULL) *h_ret=h;
- }
- if (ctx != NULL) BN_CTX_free(ctx);
- if (ctx2 != NULL)
- {
- BN_CTX_end(ctx2);
- BN_CTX_free(ctx2);
- }
- if (ctx3 != NULL) BN_CTX_free(ctx3);
- if (mont != NULL) BN_MONT_CTX_free(mont);
- return(ok?ret:NULL);
- }
-#endif
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c
deleted file mode 100644
index a68d236e05..0000000000
--- a/src/lib/libcrypto/dsa/dsa_key.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* crypto/dsa/dsa_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_SHA
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/sha.h>
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-
-extern int __BN_rand_range(BIGNUM *r, BIGNUM *range);
-
-int DSA_generate_key(DSA *dsa)
- {
- int ok=0;
- BN_CTX *ctx=NULL;
- BIGNUM *pub_key=NULL,*priv_key=NULL;
-
- if ((ctx=BN_CTX_new()) == NULL) goto err;
-
- if (dsa->priv_key == NULL)
- {
- if ((priv_key=BN_new()) == NULL) goto err;
- }
- else
- priv_key=dsa->priv_key;
-
- do
- if (!__BN_rand_range(priv_key,dsa->q)) goto err;
- while (BN_is_zero(priv_key));
-
- if (dsa->pub_key == NULL)
- {
- if ((pub_key=BN_new()) == NULL) goto err;
- }
- else
- pub_key=dsa->pub_key;
-
- if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
-
- dsa->priv_key=priv_key;
- dsa->pub_key=pub_key;
- ok=1;
-
-err:
- if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);
- if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);
- if (ctx != NULL) BN_CTX_free(ctx);
- return(ok);
- }
-#endif
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
deleted file mode 100644
index 15f667a203..0000000000
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ /dev/null
@@ -1,296 +0,0 @@
-/* crypto/dsa/dsa_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/asn1.h>
-#include <openssl/engine.h>
-
-const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
-
-static DSA_METHOD *default_DSA_method;
-static int dsa_meth_num = 0;
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dsa_meth = NULL;
-
-void DSA_set_default_openssl_method(DSA_METHOD *meth)
-{
- ENGINE *e;
- /* We'll need to notify the "openssl" ENGINE of this
- * change too. We won't bother locking things down at
- * our end as there was never any locking in these
- * functions! */
- if(default_DSA_method != meth)
- {
- default_DSA_method = meth;
- e = ENGINE_by_id("openssl");
- if(e)
- {
- ENGINE_set_DSA(e, meth);
- ENGINE_free(e);
- }
- }
-}
-
-DSA_METHOD *DSA_get_default_openssl_method(void)
-{
- if(!default_DSA_method) default_DSA_method = DSA_OpenSSL();
- return default_DSA_method;
-}
-
-DSA *DSA_new(void)
-{
- return DSA_new_method(NULL);
-}
-
-#if 0
-DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *meth)
-{
- DSA_METHOD *mtmp;
- mtmp = dsa->meth;
- if (mtmp->finish) mtmp->finish(dsa);
- dsa->meth = meth;
- if (meth->init) meth->init(dsa);
- return mtmp;
-}
-#else
-int DSA_set_method(DSA *dsa, ENGINE *engine)
- {
- ENGINE *mtmp;
- DSA_METHOD *meth;
- mtmp = dsa->engine;
- meth = ENGINE_get_DSA(mtmp);
- if (!ENGINE_init(engine))
- return 0;
- if (meth->finish) meth->finish(dsa);
- dsa->engine = engine;
- meth = ENGINE_get_DSA(engine);
- if (meth->init) meth->init(dsa);
- /* SHOULD ERROR CHECK THIS!!! */
- ENGINE_finish(mtmp);
- return 1;
- }
-#endif
-
-
-#if 0
-DSA *DSA_new_method(DSA_METHOD *meth)
-#else
-DSA *DSA_new_method(ENGINE *engine)
-#endif
- {
- DSA_METHOD *meth;
- DSA *ret;
-
- ret=(DSA *)OPENSSL_malloc(sizeof(DSA));
- if (ret == NULL)
- {
- DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- if(engine)
- ret->engine = engine;
- else
- {
- if((ret->engine=ENGINE_get_default_DSA()) == NULL)
- {
- OPENSSL_free(ret);
- return NULL;
- }
- }
- meth = ENGINE_get_DSA(ret->engine);
- ret->pad=0;
- ret->version=0;
- ret->write_params=1;
- ret->p=NULL;
- ret->q=NULL;
- ret->g=NULL;
-
- ret->pub_key=NULL;
- ret->priv_key=NULL;
-
- ret->kinv=NULL;
- ret->r=NULL;
- ret->method_mont_p=NULL;
-
- ret->references=1;
- ret->flags=meth->flags;
- CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data);
- if ((meth->init != NULL) && !meth->init(ret))
- {
- CRYPTO_free_ex_data(dsa_meth,ret,&ret->ex_data);
- OPENSSL_free(ret);
- ret=NULL;
- }
-
- return(ret);
- }
-
-void DSA_free(DSA *r)
- {
- DSA_METHOD *meth;
- int i;
-
- if (r == NULL) return;
-
- i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
-#ifdef REF_PRINT
- REF_PRINT("DSA",r);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"DSA_free, bad reference count\n");
- abort();
- }
-#endif
-
- meth = ENGINE_get_DSA(r->engine);
- if(meth->finish) meth->finish(r);
- ENGINE_finish(r->engine);
-
- CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data);
-
- if (r->p != NULL) BN_clear_free(r->p);
- if (r->q != NULL) BN_clear_free(r->q);
- if (r->g != NULL) BN_clear_free(r->g);
- if (r->pub_key != NULL) BN_clear_free(r->pub_key);
- if (r->priv_key != NULL) BN_clear_free(r->priv_key);
- if (r->kinv != NULL) BN_clear_free(r->kinv);
- if (r->r != NULL) BN_clear_free(r->r);
- OPENSSL_free(r);
- }
-
-int DSA_size(DSA *r)
- {
- int ret,i;
- ASN1_INTEGER bs;
- unsigned char buf[4];
-
- i=BN_num_bits(r->q);
- bs.length=(i+7)/8;
- bs.data=buf;
- bs.type=V_ASN1_INTEGER;
- /* If the top bit is set the asn1 encoding is 1 larger. */
- buf[0]=0xff;
-
- i=i2d_ASN1_INTEGER(&bs,NULL);
- i+=i; /* r and s */
- ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
- return(ret);
- }
-
-int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
- {
- dsa_meth_num++;
- return(CRYPTO_get_ex_new_index(dsa_meth_num-1,
- &dsa_meth,argl,argp,new_func,dup_func,free_func));
- }
-
-int DSA_set_ex_data(DSA *d, int idx, void *arg)
- {
- return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
- }
-
-void *DSA_get_ex_data(DSA *d, int idx)
- {
- return(CRYPTO_get_ex_data(&d->ex_data,idx));
- }
-
-#ifndef NO_DH
-DH *DSA_dup_DH(DSA *r)
- {
- /* DSA has p, q, g, optional pub_key, optional priv_key.
- * DH has p, optional length, g, optional pub_key, optional priv_key.
- */
-
- DH *ret = NULL;
-
- if (r == NULL)
- goto err;
- ret = DH_new();
- if (ret == NULL)
- goto err;
- if (r->p != NULL)
- if ((ret->p = BN_dup(r->p)) == NULL)
- goto err;
- if (r->q != NULL)
- ret->length = BN_num_bits(r->q);
- if (r->g != NULL)
- if ((ret->g = BN_dup(r->g)) == NULL)
- goto err;
- if (r->pub_key != NULL)
- if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
- goto err;
- if (r->priv_key != NULL)
- if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
- goto err;
-
- return ret;
-
- err:
- if (ret != NULL)
- DH_free(ret);
- return NULL;
- }
-#endif
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
deleted file mode 100644
index 34c6e9a141..0000000000
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ /dev/null
@@ -1,393 +0,0 @@
-/* crypto/dsa/dsa_ossl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/asn1.h>
-#include <openssl/engine.h>
-
-int __BN_rand_range(BIGNUM *r, BIGNUM *range);
-
-static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
-static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
- DSA *dsa);
-static int dsa_init(DSA *dsa);
-static int dsa_finish(DSA *dsa);
-static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
- BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont);
-static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-
-static DSA_METHOD openssl_dsa_meth = {
-"OpenSSL DSA method",
-dsa_do_sign,
-dsa_sign_setup,
-dsa_do_verify,
-dsa_mod_exp,
-dsa_bn_mod_exp,
-dsa_init,
-dsa_finish,
-0,
-NULL
-};
-
-DSA_METHOD *DSA_OpenSSL(void)
-{
- return &openssl_dsa_meth;
-}
-
-static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
- {
- BIGNUM *kinv=NULL,*r=NULL,*s=NULL;
- BIGNUM m;
- BIGNUM xr;
- BN_CTX *ctx=NULL;
- int i,reason=ERR_R_BN_LIB;
- DSA_SIG *ret=NULL;
-
- if (!dsa->p || !dsa->q || !dsa->g)
- {
- reason=DSA_R_MISSING_PARAMETERS;
- goto err;
- }
- BN_init(&m);
- BN_init(&xr);
- s=BN_new();
- if (s == NULL) goto err;
-
- i=BN_num_bytes(dsa->q); /* should be 20 */
- if ((dlen > i) || (dlen > 50))
- {
- reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
- goto err;
- }
-
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
-
- if ((dsa->kinv == NULL) || (dsa->r == NULL))
- {
- if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
- }
- else
- {
- kinv=dsa->kinv;
- dsa->kinv=NULL;
- r=dsa->r;
- dsa->r=NULL;
- }
-
- if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;
-
- /* Compute s = inv(k) (m + xr) mod q */
- if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
- if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */
- if (BN_cmp(s,dsa->q) > 0)
- BN_sub(s,s,dsa->q);
- if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
-
- ret=DSA_SIG_new();
- if (ret == NULL) goto err;
- ret->r = r;
- ret->s = s;
-
-err:
- if (!ret)
- {
- DSAerr(DSA_F_DSA_DO_SIGN,reason);
- BN_free(r);
- BN_free(s);
- }
- if (ctx != NULL) BN_CTX_free(ctx);
- BN_clear_free(&m);
- BN_clear_free(&xr);
- if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
- BN_clear_free(kinv);
- return(ret);
- }
-
-static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
- {
- BN_CTX *ctx;
- BIGNUM k,*kinv=NULL,*r=NULL;
- int ret=0;
-
- if (!dsa->p || !dsa->q || !dsa->g)
- {
- DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
- return 0;
- }
- if (ctx_in == NULL)
- {
- if ((ctx=BN_CTX_new()) == NULL) goto err;
- }
- else
- ctx=ctx_in;
-
- BN_init(&k);
- if ((r=BN_new()) == NULL) goto err;
- kinv=NULL;
-
- /* Get random k */
- do
- if (!__BN_rand_range(&k, dsa->q)) goto err;
- while (BN_is_zero(&k));
-
- if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
- {
- if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
- if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
- dsa->p,ctx)) goto err;
- }
-
- /* Compute r = (g^k mod p) mod q */
- if (!ENGINE_get_DSA(dsa->engine)->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
- (BN_MONT_CTX *)dsa->method_mont_p)) goto err;
- if (!BN_mod(r,r,dsa->q,ctx)) goto err;
-
- /* Compute part of 's = inv(k) (m + xr) mod q' */
- if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;
-
- if (*kinvp != NULL) BN_clear_free(*kinvp);
- *kinvp=kinv;
- kinv=NULL;
- if (*rp != NULL) BN_clear_free(*rp);
- *rp=r;
- ret=1;
-err:
- if (!ret)
- {
- DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
- if (kinv != NULL) BN_clear_free(kinv);
- if (r != NULL) BN_clear_free(r);
- }
- if (ctx_in == NULL) BN_CTX_free(ctx);
- if (kinv != NULL) BN_clear_free(kinv);
- BN_clear_free(&k);
- return(ret);
- }
-
-static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
- DSA *dsa)
- {
- BN_CTX *ctx;
- BIGNUM u1,u2,t1;
- BN_MONT_CTX *mont=NULL;
- int ret = -1;
-
- if ((ctx=BN_CTX_new()) == NULL) goto err;
- BN_init(&u1);
- BN_init(&u2);
- BN_init(&t1);
-
- if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
- {
- ret = 0;
- goto err;
- }
- if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
- {
- ret = 0;
- goto err;
- }
-
- /* Calculate W = inv(S) mod Q
- * save W in u2 */
- if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
-
- /* save M in u1 */
- if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err;
-
- /* u1 = M * w mod q */
- if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err;
-
- /* u2 = r * w mod q */
- if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
-
- if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
- {
- if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
- if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
- dsa->p,ctx)) goto err;
- }
- mont=(BN_MONT_CTX *)dsa->method_mont_p;
-
-#if 0
- {
- BIGNUM t2;
-
- BN_init(&t2);
- /* v = ( g^u1 * y^u2 mod p ) mod q */
- /* let t1 = g ^ u1 mod p */
- if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err;
- /* let t2 = y ^ u2 mod p */
- if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err;
- /* let u1 = t1 * t2 mod p */
- if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn;
- BN_free(&t2);
- }
- /* let u1 = u1 mod q */
- if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
-#else
- {
- if (!ENGINE_get_DSA(dsa->engine)->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
- dsa->p,ctx,mont)) goto err;
- /* BN_copy(&u1,&t1); */
- /* let u1 = u1 mod q */
- if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
- }
-#endif
- /* V is now in u1. If the signature is correct, it will be
- * equal to R. */
- ret=(BN_ucmp(&u1, sig->r) == 0);
-
- err:
- if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
- if (ctx != NULL) BN_CTX_free(ctx);
- BN_free(&u1);
- BN_free(&u2);
- BN_free(&t1);
- return(ret);
- }
-
-static int dsa_init(DSA *dsa)
-{
- dsa->flags|=DSA_FLAG_CACHE_MONT_P;
- return(1);
-}
-
-static int dsa_finish(DSA *dsa)
-{
- if(dsa->method_mont_p)
- BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p);
- return(1);
-}
-
-static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
- BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont)
-{
- return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont);
-}
-
-static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
-}
-
-
-/* random number r: 0 <= r < range */
-int __BN_rand_range(BIGNUM *r, BIGNUM *range)
- {
- int n;
-
- if (range->neg || BN_is_zero(range))
- {
- /* BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE); */
- return 0;
- }
-
- n = BN_num_bits(range); /* n > 0 */
-
- if (n == 1)
- {
- if (!BN_zero(r)) return 0;
- }
- else if (BN_is_bit_set(range, n - 2))
- {
- do
- {
- /* range = 11..._2, so each iteration succeeds with probability >= .75 */
- if (!BN_rand(r, n, -1, 0)) return 0;
- }
- while (BN_cmp(r, range) >= 0);
- }
- else
- {
- /* range = 10..._2,
- * so 3*range (= 11..._2) is exactly one bit longer than range */
- do
- {
- if (!BN_rand(r, n + 1, -1, 0)) return 0;
- /* If r < 3*range, use r := r MOD range
- * (which is either r, r - range, or r - 2*range).
- * Otherwise, iterate once more.
- * Since 3*range = 11..._2, each iteration succeeds with
- * probability >= .75. */
- if (BN_cmp(r ,range) >= 0)
- {
- if (!BN_sub(r, r, range)) return 0;
- if (BN_cmp(r, range) >= 0)
- if (!BN_sub(r, r, range)) return 0;
- }
- }
- while (BN_cmp(r, range) >= 0);
- }
-
- return 1;
- }
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c
deleted file mode 100644
index dfe27bae47..0000000000
--- a/src/lib/libcrypto/dsa/dsa_sign.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/* crypto/dsa/dsa_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/asn1.h>
-#include <openssl/engine.h>
-
-DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
- {
- return ENGINE_get_DSA(dsa->engine)->dsa_do_sign(dgst, dlen, dsa);
- }
-
-int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
- unsigned int *siglen, DSA *dsa)
- {
- DSA_SIG *s;
- s=DSA_do_sign(dgst,dlen,dsa);
- if (s == NULL)
- {
- *siglen=0;
- return(0);
- }
- *siglen=i2d_DSA_SIG(s,&sig);
- DSA_SIG_free(s);
- return(1);
- }
-
-int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
- {
- return ENGINE_get_DSA(dsa->engine)->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
- }
-
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c
deleted file mode 100644
index 2e891ae491..0000000000
--- a/src/lib/libcrypto/dsa/dsa_vrf.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/dsa/dsa_vrf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/engine.h>
-
-int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
- DSA *dsa)
- {
- return ENGINE_get_DSA(dsa->engine)->dsa_do_verify(dgst, dgst_len, sig, dsa);
- }
-
-/* data has already been hashed (probably with SHA or SHA-1). */
-/* returns
- * 1: correct signature
- * 0: incorrect signature
- * -1: error
- */
-int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
- unsigned char *sigbuf, int siglen, DSA *dsa)
- {
- DSA_SIG *s;
- int ret=-1;
-
- s = DSA_SIG_new();
- if (s == NULL) return(ret);
- if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
- ret=DSA_do_verify(dgst,dgst_len,s,dsa);
-err:
- DSA_SIG_free(s);
- return(ret);
- }
diff --git a/src/lib/libcrypto/dso/dso.h b/src/lib/libcrypto/dso/dso.h
deleted file mode 100644
index bed7c464a6..0000000000
--- a/src/lib/libcrypto/dso/dso.h
+++ /dev/null
@@ -1,250 +0,0 @@
-/* dso.h */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DSO_H
-#define HEADER_DSO_H
-
-#include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These values are used as commands to DSO_ctrl() */
-#define DSO_CTRL_GET_FLAGS 1
-#define DSO_CTRL_SET_FLAGS 2
-#define DSO_CTRL_OR_FLAGS 3
-
-/* These flags control the translation of file-names from canonical to
- * native. Eg. in the CryptoSwift support, the "dl" and "dlfcn"
- * methods will translate "swift" -> "libswift.so" whereas the "win32"
- * method will translate "swift" -> "swift.dll". NB: Until I can figure
- * out how to be more "conventional" with this, the methods will only
- * honour this flag if it looks like it was passed a file without any
- * path and if the filename is small enough.
- */
-#define DSO_FLAG_NAME_TRANSLATION 0x01
-
-/* The following flag controls the translation of symbol names to upper
- * case. This is currently only being implemented for OpenVMS.
- */
-#define DSO_FLAG_UPCASE_SYMBOL 0x02
-
-
-typedef void (*DSO_FUNC_TYPE)(void);
-
-typedef struct dso_st DSO;
-
-typedef struct dso_meth_st
- {
- const char *name;
- /* Loads a shared library */
- int (*dso_load)(DSO *dso, const char *filename);
- /* Unloads a shared library */
- int (*dso_unload)(DSO *dso);
- /* Binds a variable */
- void *(*dso_bind_var)(DSO *dso, const char *symname);
- /* Binds a function - assumes a return type of DSO_FUNC_TYPE.
- * This should be cast to the real function prototype by the
- * caller. Platforms that don't have compatible representations
- * for different prototypes (this is possible within ANSI C)
- * are highly unlikely to have shared libraries at all, let
- * alone a DSO_METHOD implemented for them. */
- DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname);
-
-/* I don't think this would actually be used in any circumstances. */
-#if 0
- /* Unbinds a variable */
- int (*dso_unbind_var)(DSO *dso, char *symname, void *symptr);
- /* Unbinds a function */
- int (*dso_unbind_func)(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-#endif
- /* The generic (yuck) "ctrl()" function. NB: Negative return
- * values (rather than zero) indicate errors. */
- long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg);
-
- /* [De]Initialisation handlers. */
- int (*init)(DSO *dso);
- int (*finish)(DSO *dso);
- } DSO_METHOD;
-
-/**********************************************************************/
-/* The low-level handle type used to refer to a loaded shared library */
-
-struct dso_st
- {
- DSO_METHOD *meth;
- /* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS
- * doesn't use anything but will need to cache the filename
- * for use in the dso_bind handler. All in all, let each
- * method control its own destiny. "Handles" and such go in
- * a STACK. */
- STACK *meth_data;
- int references;
- int flags;
- /* For use by applications etc ... use this for your bits'n'pieces,
- * don't touch meth_data! */
- CRYPTO_EX_DATA ex_data;
- };
-
-
-DSO * DSO_new(void);
-DSO * DSO_new_method(DSO_METHOD *method);
-int DSO_free(DSO *dso);
-int DSO_flags(DSO *dso);
-int DSO_up(DSO *dso);
-long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
-
-void DSO_set_default_method(DSO_METHOD *meth);
-DSO_METHOD *DSO_get_default_method(void);
-DSO_METHOD *DSO_get_method(DSO *dso);
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
-
-/* The all-singing all-dancing load function, you normally pass NULL
- * for the first and third parameters. Use DSO_up and DSO_free for
- * subsequent reference count handling. Any flags passed in will be set
- * in the constructed DSO after its init() function but before the
- * load operation. This will be done with;
- * DSO_ctrl(dso, DSO_CTRL_SET_FLAGS, flags, NULL); */
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
-
-/* This function binds to a variable inside a shared library. */
-void *DSO_bind_var(DSO *dso, const char *symname);
-
-/* This function binds to a function inside a shared library. */
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
-
-/* This method is the default, but will beg, borrow, or steal whatever
- * method should be the default on any particular platform (including
- * DSO_METH_null() if necessary). */
-DSO_METHOD *DSO_METHOD_openssl(void);
-
-/* This method is defined for all platforms - if a platform has no
- * DSO support then this will be the only method! */
-DSO_METHOD *DSO_METHOD_null(void);
-
-/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions
- * (dlopen, dlclose, dlsym, etc) will be used and incorporated into
- * this method. If not, this method will return NULL. */
-DSO_METHOD *DSO_METHOD_dlfcn(void);
-
-/* If DSO_DL is defined, the standard dl.h-style functions (shl_load,
- * shl_unload, shl_findsym, etc) will be used and incorporated into
- * this method. If not, this method will return NULL. */
-DSO_METHOD *DSO_METHOD_dl(void);
-
-/* If WIN32 is defined, use DLLs. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_win32(void);
-
-/* If VMS is defined, use shared images. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_vms(void);
-
-void ERR_load_DSO_strings(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the DSO functions. */
-
-/* Function codes. */
-#define DSO_F_DLFCN_BIND_FUNC 100
-#define DSO_F_DLFCN_BIND_VAR 101
-#define DSO_F_DLFCN_CTRL 102
-#define DSO_F_DLFCN_LOAD 103
-#define DSO_F_DLFCN_UNLOAD 104
-#define DSO_F_DL_BIND_FUNC 105
-#define DSO_F_DL_BIND_VAR 106
-#define DSO_F_DL_CTRL 107
-#define DSO_F_DL_LOAD 108
-#define DSO_F_DL_UNLOAD 109
-#define DSO_F_DSO_BIND_FUNC 110
-#define DSO_F_DSO_BIND_VAR 111
-#define DSO_F_DSO_CTRL 112
-#define DSO_F_DSO_FREE 113
-#define DSO_F_DSO_LOAD 114
-#define DSO_F_DSO_NEW_METHOD 115
-#define DSO_F_DSO_UP 116
-#define DSO_F_VMS_BIND_VAR 122
-#define DSO_F_VMS_CTRL 123
-#define DSO_F_VMS_LOAD 124
-#define DSO_F_VMS_UNLOAD 125
-#define DSO_F_WIN32_BIND_FUNC 117
-#define DSO_F_WIN32_BIND_VAR 118
-#define DSO_F_WIN32_CTRL 119
-#define DSO_F_WIN32_LOAD 120
-#define DSO_F_WIN32_UNLOAD 121
-
-/* Reason codes. */
-#define DSO_R_CTRL_FAILED 100
-#define DSO_R_FILENAME_TOO_BIG 109
-#define DSO_R_FINISH_FAILED 101
-#define DSO_R_LOAD_FAILED 102
-#define DSO_R_NULL_HANDLE 103
-#define DSO_R_STACK_ERROR 104
-#define DSO_R_SYM_FAILURE 105
-#define DSO_R_UNKNOWN_COMMAND 106
-#define DSO_R_UNLOAD_FAILED 107
-#define DSO_R_UNSUPPORTED 108
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/dso/dso_dlfcn.c b/src/lib/libcrypto/dso/dso_dlfcn.c
deleted file mode 100644
index e709c721cc..0000000000
--- a/src/lib/libcrypto/dso/dso_dlfcn.c
+++ /dev/null
@@ -1,276 +0,0 @@
-/* dso_dlfcn.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#ifndef DSO_DLFCN
-DSO_METHOD *DSO_METHOD_dlfcn(void)
- {
- return NULL;
- }
-#else
-
-#ifdef HAVE_DLFCN_H
-#include <dlfcn.h>
-#endif
-
-/* Part of the hack in "dlfcn_load" ... */
-#define DSO_MAX_TRANSLATED_SIZE 256
-
-static int dlfcn_load(DSO *dso, const char *filename);
-static int dlfcn_unload(DSO *dso);
-static void *dlfcn_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname);
-#if 0
-static int dlfcn_unbind(DSO *dso, char *symname, void *symptr);
-static int dlfcn_init(DSO *dso);
-static int dlfcn_finish(DSO *dso);
-#endif
-static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg);
-
-static DSO_METHOD dso_meth_dlfcn = {
- "OpenSSL 'dlfcn' shared library method",
- dlfcn_load,
- dlfcn_unload,
- dlfcn_bind_var,
- dlfcn_bind_func,
-/* For now, "unbind" doesn't exist */
-#if 0
- NULL, /* unbind_var */
- NULL, /* unbind_func */
-#endif
- dlfcn_ctrl,
- NULL, /* init */
- NULL /* finish */
- };
-
-DSO_METHOD *DSO_METHOD_dlfcn(void)
- {
- return(&dso_meth_dlfcn);
- }
-
-/* Prior to using the dlopen() function, we should decide on the flag
- * we send. There's a few different ways of doing this and it's a
- * messy venn-diagram to match up which platforms support what. So
- * as we don't have autoconf yet, I'm implementing a hack that could
- * be hacked further relatively easily to deal with cases as we find
- * them. Initially this is to cope with OpenBSD. */
-#ifdef __OpenBSD__
-# ifdef DL_LAZY
-# define DLOPEN_FLAG DL_LAZY
-# else
-# ifdef RTLD_NOW
-# define DLOPEN_FLAG RTLD_NOW
-# else
-# define DLOPEN_FLAG 0
-# endif
-# endif
-#else
-# define DLOPEN_FLAG RTLD_NOW /* Hope this works everywhere else */
-#endif
-
-/* For this DSO_METHOD, our meth_data STACK will contain;
- * (i) the handle (void*) returned from dlopen().
- */
-
-static int dlfcn_load(DSO *dso, const char *filename)
- {
- void *ptr;
- char translated[DSO_MAX_TRANSLATED_SIZE];
- int len;
-
- /* NB: This is a hideous hack, but I'm not yet sure what
- * to replace it with. This attempts to convert any filename,
- * that looks like it has no path information, into a
- * translated form, e. "blah" -> "libblah.so" */
- len = strlen(filename);
- if((dso->flags & DSO_FLAG_NAME_TRANSLATION) &&
- (len + 6 < DSO_MAX_TRANSLATED_SIZE) &&
- (strstr(filename, "/") == NULL))
- {
- sprintf(translated, "lib%s.so", filename);
- ptr = dlopen(translated, DLOPEN_FLAG);
- }
- else
- {
- ptr = dlopen(filename, DLOPEN_FLAG);
- }
- if(ptr == NULL)
- {
- DSOerr(DSO_F_DLFCN_LOAD,DSO_R_LOAD_FAILED);
- return(0);
- }
- if(!sk_push(dso->meth_data, (char *)ptr))
- {
- DSOerr(DSO_F_DLFCN_LOAD,DSO_R_STACK_ERROR);
- dlclose(ptr);
- return(0);
- }
- return(1);
- }
-
-static int dlfcn_unload(DSO *dso)
- {
- void *ptr;
- if(dso == NULL)
- {
- DSOerr(DSO_F_DLFCN_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- if(sk_num(dso->meth_data) < 1)
- return(1);
- ptr = (void *)sk_pop(dso->meth_data);
- if(ptr == NULL)
- {
- DSOerr(DSO_F_DLFCN_UNLOAD,DSO_R_NULL_HANDLE);
- /* Should push the value back onto the stack in
- * case of a retry. */
- sk_push(dso->meth_data, (char *)ptr);
- return(0);
- }
- /* For now I'm not aware of any errors associated with dlclose() */
- dlclose(ptr);
- return(1);
- }
-
-static void *dlfcn_bind_var(DSO *dso, const char *symname)
- {
- void *ptr, *sym;
-
- if((dso == NULL) || (symname == NULL))
- {
- DSOerr(DSO_F_DLFCN_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
- return(NULL);
- }
- if(sk_num(dso->meth_data) < 1)
- {
- DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_STACK_ERROR);
- return(NULL);
- }
- ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
- if(ptr == NULL)
- {
- DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_NULL_HANDLE);
- return(NULL);
- }
- sym = dlsym(ptr, symname);
- if(sym == NULL)
- {
- DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_SYM_FAILURE);
- return(NULL);
- }
- return(sym);
- }
-
-static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
- {
- void *ptr;
- DSO_FUNC_TYPE sym;
-
- if((dso == NULL) || (symname == NULL))
- {
- DSOerr(DSO_F_DLFCN_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
- return(NULL);
- }
- if(sk_num(dso->meth_data) < 1)
- {
- DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_STACK_ERROR);
- return(NULL);
- }
- ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
- if(ptr == NULL)
- {
- DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE);
- return(NULL);
- }
- sym = (DSO_FUNC_TYPE)dlsym(ptr, symname);
- if(sym == NULL)
- {
- DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE);
- return(NULL);
- }
- return(sym);
- }
-
-static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg)
- {
- if(dso == NULL)
- {
- DSOerr(DSO_F_DLFCN_CTRL,ERR_R_PASSED_NULL_PARAMETER);
- return(-1);
- }
- switch(cmd)
- {
- case DSO_CTRL_GET_FLAGS:
- return dso->flags;
- case DSO_CTRL_SET_FLAGS:
- dso->flags = (int)larg;
- return(0);
- case DSO_CTRL_OR_FLAGS:
- dso->flags |= (int)larg;
- return(0);
- default:
- break;
- }
- DSOerr(DSO_F_DLFCN_CTRL,DSO_R_UNKNOWN_COMMAND);
- return(-1);
- }
-
-#endif /* DSO_DLFCN */
diff --git a/src/lib/libcrypto/dso/dso_err.c b/src/lib/libcrypto/dso/dso_err.c
deleted file mode 100644
index a3d7321c9b..0000000000
--- a/src/lib/libcrypto/dso/dso_err.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/* crypto/dso/dso_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/dso.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA DSO_str_functs[]=
- {
-{ERR_PACK(0,DSO_F_DLFCN_BIND_FUNC,0), "DLFCN_BIND_FUNC"},
-{ERR_PACK(0,DSO_F_DLFCN_BIND_VAR,0), "DLFCN_BIND_VAR"},
-{ERR_PACK(0,DSO_F_DLFCN_CTRL,0), "DLFCN_CTRL"},
-{ERR_PACK(0,DSO_F_DLFCN_LOAD,0), "DLFCN_LOAD"},
-{ERR_PACK(0,DSO_F_DLFCN_UNLOAD,0), "DLFCN_UNLOAD"},
-{ERR_PACK(0,DSO_F_DL_BIND_FUNC,0), "DL_BIND_FUNC"},
-{ERR_PACK(0,DSO_F_DL_BIND_VAR,0), "DL_BIND_VAR"},
-{ERR_PACK(0,DSO_F_DL_CTRL,0), "DL_CTRL"},
-{ERR_PACK(0,DSO_F_DL_LOAD,0), "DL_LOAD"},
-{ERR_PACK(0,DSO_F_DL_UNLOAD,0), "DL_UNLOAD"},
-{ERR_PACK(0,DSO_F_DSO_BIND_FUNC,0), "DSO_bind_func"},
-{ERR_PACK(0,DSO_F_DSO_BIND_VAR,0), "DSO_bind_var"},
-{ERR_PACK(0,DSO_F_DSO_CTRL,0), "DSO_ctrl"},
-{ERR_PACK(0,DSO_F_DSO_FREE,0), "DSO_free"},
-{ERR_PACK(0,DSO_F_DSO_LOAD,0), "DSO_load"},
-{ERR_PACK(0,DSO_F_DSO_NEW_METHOD,0), "DSO_new_method"},
-{ERR_PACK(0,DSO_F_DSO_UP,0), "DSO_up"},
-{ERR_PACK(0,DSO_F_VMS_BIND_VAR,0), "VMS_BIND_VAR"},
-{ERR_PACK(0,DSO_F_VMS_CTRL,0), "VMS_CTRL"},
-{ERR_PACK(0,DSO_F_VMS_LOAD,0), "VMS_LOAD"},
-{ERR_PACK(0,DSO_F_VMS_UNLOAD,0), "VMS_UNLOAD"},
-{ERR_PACK(0,DSO_F_WIN32_BIND_FUNC,0), "WIN32_BIND_FUNC"},
-{ERR_PACK(0,DSO_F_WIN32_BIND_VAR,0), "WIN32_BIND_VAR"},
-{ERR_PACK(0,DSO_F_WIN32_CTRL,0), "WIN32_CTRL"},
-{ERR_PACK(0,DSO_F_WIN32_LOAD,0), "WIN32_LOAD"},
-{ERR_PACK(0,DSO_F_WIN32_UNLOAD,0), "WIN32_UNLOAD"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA DSO_str_reasons[]=
- {
-{DSO_R_CTRL_FAILED ,"control command failed"},
-{DSO_R_FILENAME_TOO_BIG ,"filename too big"},
-{DSO_R_FINISH_FAILED ,"cleanup method function failed"},
-{DSO_R_LOAD_FAILED ,"could not load the shared library"},
-{DSO_R_NULL_HANDLE ,"a null shared library handle was used"},
-{DSO_R_STACK_ERROR ,"the meth_data stack is corrupt"},
-{DSO_R_SYM_FAILURE ,"could not bind to the requested symbol name"},
-{DSO_R_UNKNOWN_COMMAND ,"unknown control command"},
-{DSO_R_UNLOAD_FAILED ,"could not unload the shared library"},
-{DSO_R_UNSUPPORTED ,"functionality not supported"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_DSO_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_DSO,DSO_str_functs);
- ERR_load_strings(ERR_LIB_DSO,DSO_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/dso/dso_lib.c b/src/lib/libcrypto/dso/dso_lib.c
deleted file mode 100644
index acd166697e..0000000000
--- a/src/lib/libcrypto/dso/dso_lib.c
+++ /dev/null
@@ -1,306 +0,0 @@
-/* dso_lib.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-static DSO_METHOD *default_DSO_meth = NULL;
-
-DSO *DSO_new(void)
- {
- return(DSO_new_method(NULL));
- }
-
-void DSO_set_default_method(DSO_METHOD *meth)
- {
- default_DSO_meth = meth;
- }
-
-DSO_METHOD *DSO_get_default_method(void)
- {
- return(default_DSO_meth);
- }
-
-DSO_METHOD *DSO_get_method(DSO *dso)
- {
- return(dso->meth);
- }
-
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth)
- {
- DSO_METHOD *mtmp;
- mtmp = dso->meth;
- dso->meth = meth;
- return(mtmp);
- }
-
-DSO *DSO_new_method(DSO_METHOD *meth)
- {
- DSO *ret;
-
- if(default_DSO_meth == NULL)
- /* We default to DSO_METH_openssl() which in turn defaults
- * to stealing the "best available" method. Will fallback
- * to DSO_METH_null() in the worst case. */
- default_DSO_meth = DSO_METHOD_openssl();
- ret = (DSO *)OPENSSL_malloc(sizeof(DSO));
- if(ret == NULL)
- {
- DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- memset(ret, 0, sizeof(DSO));
- ret->meth_data = sk_new_null();
- if((ret->meth_data = sk_new_null()) == NULL)
- {
- /* sk_new doesn't generate any errors so we do */
- DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE);
- OPENSSL_free(ret);
- return(NULL);
- }
- if(meth == NULL)
- ret->meth = default_DSO_meth;
- else
- ret->meth = meth;
- ret->references = 1;
- if((ret->meth->init != NULL) && !ret->meth->init(ret))
- {
- OPENSSL_free(ret);
- ret=NULL;
- }
- return(ret);
- }
-
-int DSO_free(DSO *dso)
- {
- int i;
-
- if(dso == NULL)
- {
- DSOerr(DSO_F_DSO_FREE,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
-
- i=CRYPTO_add(&dso->references,-1,CRYPTO_LOCK_DSO);
-#ifdef REF_PRINT
- REF_PRINT("DSO",dso);
-#endif
- if(i > 0) return(1);
-#ifdef REF_CHECK
- if(i < 0)
- {
- fprintf(stderr,"DSO_free, bad reference count\n");
- abort();
- }
-#endif
-
- if((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso))
- {
- DSOerr(DSO_F_DSO_FREE,DSO_R_UNLOAD_FAILED);
- return(0);
- }
-
- if((dso->meth->finish != NULL) && !dso->meth->finish(dso))
- {
- DSOerr(DSO_F_DSO_FREE,DSO_R_FINISH_FAILED);
- return(0);
- }
-
- sk_free(dso->meth_data);
-
- OPENSSL_free(dso);
- return(1);
- }
-
-int DSO_flags(DSO *dso)
- {
- return((dso == NULL) ? 0 : dso->flags);
- }
-
-
-int DSO_up(DSO *dso)
- {
- if (dso == NULL)
- {
- DSOerr(DSO_F_DSO_UP,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
-
- CRYPTO_add(&dso->references,1,CRYPTO_LOCK_DSO);
- return(1);
- }
-
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags)
- {
- DSO *ret;
- int allocated = 0;
-
- if(filename == NULL)
- {
- DSOerr(DSO_F_DSO_LOAD,ERR_R_PASSED_NULL_PARAMETER);
- return(NULL);
- }
- if(dso == NULL)
- {
- ret = DSO_new_method(meth);
- if(ret == NULL)
- {
- DSOerr(DSO_F_DSO_LOAD,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- allocated = 1;
- }
- else
- ret = dso;
- /* Bleurgh ... have to check for negative return values for
- * errors. <grimace> */
- if(DSO_ctrl(ret, DSO_CTRL_SET_FLAGS, flags, NULL) < 0)
- {
- DSOerr(DSO_F_DSO_LOAD,DSO_R_CTRL_FAILED);
- if(allocated)
- DSO_free(ret);
- return(NULL);
- }
- if(ret->meth->dso_load == NULL)
- {
- DSOerr(DSO_F_DSO_LOAD,DSO_R_UNSUPPORTED);
- if(allocated)
- DSO_free(ret);
- return(NULL);
- }
- if(!ret->meth->dso_load(ret, filename))
- {
- DSOerr(DSO_F_DSO_LOAD,DSO_R_LOAD_FAILED);
- if(allocated)
- DSO_free(ret);
- return(NULL);
- }
- /* Load succeeded */
- return(ret);
- }
-
-void *DSO_bind_var(DSO *dso, const char *symname)
- {
- void *ret = NULL;
-
- if((dso == NULL) || (symname == NULL))
- {
- DSOerr(DSO_F_DSO_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
- return(NULL);
- }
- if(dso->meth->dso_bind_var == NULL)
- {
- DSOerr(DSO_F_DSO_BIND_VAR,DSO_R_UNSUPPORTED);
- return(NULL);
- }
- if((ret = dso->meth->dso_bind_var(dso, symname)) == NULL)
- {
- DSOerr(DSO_F_DSO_BIND_VAR,DSO_R_SYM_FAILURE);
- return(NULL);
- }
- /* Success */
- return(ret);
- }
-
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname)
- {
- DSO_FUNC_TYPE ret = NULL;
-
- if((dso == NULL) || (symname == NULL))
- {
- DSOerr(DSO_F_DSO_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
- return(NULL);
- }
- if(dso->meth->dso_bind_func == NULL)
- {
- DSOerr(DSO_F_DSO_BIND_FUNC,DSO_R_UNSUPPORTED);
- return(NULL);
- }
- if((ret = dso->meth->dso_bind_func(dso, symname)) == NULL)
- {
- DSOerr(DSO_F_DSO_BIND_FUNC,DSO_R_SYM_FAILURE);
- return(NULL);
- }
- /* Success */
- return(ret);
- }
-
-/* I don't really like these *_ctrl functions very much to be perfectly
- * honest. For one thing, I think I have to return a negative value for
- * any error because possible DSO_ctrl() commands may return values
- * such as "size"s that can legitimately be zero (making the standard
- * "if(DSO_cmd(...))" form that works almost everywhere else fail at
- * odd times. I'd prefer "output" values to be passed by reference and
- * the return value as success/failure like usual ... but we conform
- * when we must... :-) */
-long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg)
- {
- if(dso == NULL)
- {
- DSOerr(DSO_F_DSO_CTRL,ERR_R_PASSED_NULL_PARAMETER);
- return(-1);
- }
- if((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL))
- {
- DSOerr(DSO_F_DSO_CTRL,DSO_R_UNSUPPORTED);
- return(-1);
- }
- return(dso->meth->dso_ctrl(dso,cmd,larg,parg));
- }
diff --git a/src/lib/libcrypto/dso/dso_null.c b/src/lib/libcrypto/dso/dso_null.c
deleted file mode 100644
index fa13a7cb0f..0000000000
--- a/src/lib/libcrypto/dso/dso_null.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* dso_null.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* This "NULL" method is provided as the fallback for systems that have
- * no appropriate support for "shared-libraries". */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-static DSO_METHOD dso_meth_null = {
- "NULL shared library method",
- NULL, /* load */
- NULL, /* unload */
- NULL, /* bind_var */
- NULL, /* bind_func */
-/* For now, "unbind" doesn't exist */
-#if 0
- NULL, /* unbind_var */
- NULL, /* unbind_func */
-#endif
- NULL, /* ctrl */
- NULL, /* init */
- NULL /* finish */
- };
-
-DSO_METHOD *DSO_METHOD_null(void)
- {
- return(&dso_meth_null);
- }
-
diff --git a/src/lib/libcrypto/dso/dso_openssl.c b/src/lib/libcrypto/dso/dso_openssl.c
deleted file mode 100644
index a4395ebffe..0000000000
--- a/src/lib/libcrypto/dso/dso_openssl.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* dso_openssl.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-/* We just pinch the method from an appropriate "default" method. */
-
-DSO_METHOD *DSO_METHOD_openssl(void)
- {
-#ifdef DEF_DSO_METHOD
- return(DEF_DSO_METHOD());
-#elif defined(DSO_DLFCN)
- return(DSO_METHOD_dlfcn());
-#elif defined(DSO_DL)
- return(DSO_METHOD_dl());
-#elif defined(DSO_WIN32)
- return(DSO_METHOD_win32());
-#elif defined(DSO_VMS)
- return(DSO_METHOD_vms());
-#else
- return(DSO_METHOD_null());
-#endif
- }
-
diff --git a/src/lib/libcrypto/engine/README b/src/lib/libcrypto/engine/README
deleted file mode 100644
index 96595e6f35..0000000000
--- a/src/lib/libcrypto/engine/README
+++ /dev/null
@@ -1,278 +0,0 @@
-NOTES, THOUGHTS, and EVERYTHING
--------------------------------
-
-(1) Concurrency and locking ... I made a change to the ENGINE_free code
- because I spotted a potential hold-up in proceedings (doing too
- much inside a lock including calling a callback), there may be
- other bits like this. What do the speed/optimisation freaks think
- of this aspect of the code and design? There's lots of locking for
- manipulation functions and I need that to keep things nice and
- solid, but this manipulation is mostly (de)initialisation, I would
- think that most run-time locking is purely in the ENGINE_init and
- ENGINE_finish calls that might be made when getting handles for
- RSA (and friends') structures. These would be mostly reference
- count operations as the functional references should always be 1
- or greater at run-time to prevent init/deinit thrashing.
-
-(2) nCipher support, via the HWCryptoHook API, is now in the code.
- Apparently this hasn't been tested too much yet, but it looks
- good. :-) Atalla support has been added too, but shares a lot in
- common with Ben's original hooks in bn_exp.c (although it has been
- ENGINE-ified, and error handling wrapped around it) and it's also
- had some low-volume testing, so it should be usable.
-
-(3) Of more concern, we need to work out (a) how to put together usable
- RAND_METHODs for units that just have one "get n or less random
- bytes" function, (b) we also need to determine how to hook the code
- in crypto/rand/ to use the ENGINE defaults in a way similar to what
- has been done in crypto/rsa/, crypto/dsa/, etc.
-
-(4) ENGINE should really grow to encompass more than 3 public key
- algorithms and randomness gathering. The structure/data level of
- the engine code is hidden from code outside the crypto/engine/
- directory so change shouldn't be too viral. More important though
- is how things should evolve ... this needs thought and discussion.
-
-
------------------------------------==*==-----------------------------------
-
-More notes 2000-08-01
----------------------
-
-Geoff Thorpe, who designed the engine part, wrote a pretty good description
-of the thoughts he had when he built it, good enough to include verbatim here
-(with his permission) -- Richard Levitte
-
-
-Date: Tue, 1 Aug 2000 16:54:08 +0100 (BST)
-From: Geoff Thorpe
-Subject: Re: The thoughts to merge BRANCH_engine into the main trunk are
- emerging
-
-Hi there,
-
-I'm going to try and do some justice to this, but I'm a little short on
-time and the there is an endless amount that could be discussed on this
-subject. sigh ... please bear with me :-)
-
-> The changes in BRANCH_engine dig deep into the core of OpenSSL, for example
-> into the RSA and RAND routines, adding a level of indirection which is needed
-> to keep the abstraction, as far as I understand. It would be a good thing if
-> those who do play with those things took a look at the changes that have been
-> done in the branch and say out loud how much (or hopefully little) we've made
-> fools of ourselves.
-
-The point here is that the code that has emerged in the BRANCH_engine
-branch was based on some initial requirements of mine that I went in and
-addressed, and Richard has picked up the ball and run with it too. It
-would be really useful to get some review of the approach we've taken, but
-first I think I need to describe as best I can the reasons behind what has
-been done so far, in particular what issues we have tried to address when
-doing this, and what issues we have intentionally (or necessarily) tried
-to avoid.
-
-methods, engines, and evps
---------------------------
-
-There has been some dicussion, particularly with Steve, about where this
-ENGINE stuff might fit into the conceptual picture as/when we start to
-abstract algorithms a little bit to make the library more extensible. In
-particular, it would desirable to have algorithms (symmetric, hash, pkc,
-etc) abstracted in some way that allows them to be just objects sitting in
-a list (or database) ... it'll just happen that the "DSA" object doesn't
-support encryption whereas the "RSA" object does. This requires a lot of
-consideration to begin to know how to tackle it; in particular how
-encapsulated should these things be? If the objects also understand their
-own ASN1 encodings and what-not, then it would for example be possible to
-add support for elliptic-curve DSA in as a new algorithm and automatically
-have ECC-DSA certificates supported in SSL applications. Possible, but not
-easy. :-)
-
-Whatever, it seems that the way to go (if I've grok'd Steve's comments on
-this in the past) is to amalgamate these things in EVP as is already done
-(I think) for ciphers or hashes (Steve, please correct/elaborate). I
-certainly think something should be done in this direction because right
-now we have different source directories, types, functions, and methods
-for each algorithm - even when conceptually they are very much different
-feathers of the same bird. (This is certainly all true for the public-key
-stuff, and may be partially true for the other parts.)
-
-ENGINE was *not* conceived as a way of solving this, far from it. Nor was
-it conceived as a way of replacing the various "***_METHOD"s. It was
-conceived as an abstraction of a sort of "virtual crypto device". If we
-lived in a world where "EVP_ALGO"s (or something like them) encapsulated
-particular algorithms like RSA,DSA,MD5,RC4,etc, and "***_METHOD"s
-encapsulated interfaces to algorithms (eg. some algo's might support a
-PKC_METHOD, a HASH_METHOD, or a CIPHER_METHOD, who knows?), then I would
-think that ENGINE would encapsulate an implementation of arbitrarily many
-of those algorithms - perhaps as alternatives to existing algorithms
-and/or perhaps as new previously unimplemented algorithms. An ENGINE could
-be used to contain an alternative software implementation, a wrapper for a
-hardware acceleration and/or key-management unit, a comms-wrapper for
-distributing cryptographic operations to remote machines, or any other
-"devices" your imagination can dream up.
-
-However, what has been done in the ENGINE branch so far is nothing more
-than starting to get our toes wet. I had a couple of self-imposed
-requirements when putting the initial abstraction together, and I may have
-already posed these in one form or another on the list, but briefly;
-
- (i) only bother with public key algorithms for now, and maybe RAND too
- (motivated by the need to get hardware support going and the fact
- this was a comparitively easy subset to address to begin with).
-
- (ii) don't change (if at all possible) the existing crypto code, ie. the
- implementations, the way the ***_METHODs work, etc.
-
- (iii) ensure that if no function from the ENGINE code is ever called then
- things work the way they always did, and there is no memory
- allocation (otherwise the failure to cleanup would be a problem -
- this is part of the reason no STACKs were used, the other part of
- the reason being I found them inappropriate).
-
- (iv) ensure that all the built-in crypto was encapsulated by one of
- these "ENGINE"s and that this engine was automatically selected as
- the default.
-
- (v) provide the minimum hooking possible in the existing crypto code
- so that global functions (eg. RSA_public_encrypt) do not need any
- extra parameter, yet will use whatever the current default ENGINE
- for that RSA key is, and that the default can be set "per-key"
- and globally (new keys will assume the global default, and keys
- without their own default will be operated on using the global
- default). NB: Try and make (v) conflict as little as possible with
- (ii). :-)
-
- (vi) wrap the ENGINE code up in duct tape so you can't even see the
- corners. Ie. expose no structures at all, just black-box pointers.
-
- (v) maintain internally a list of ENGINEs on which a calling
- application can iterate, interrogate, etc. Allow a calling
- application to hook in new ENGINEs, remove ENGINEs from the list,
- and enforce uniqueness within the global list of each ENGINE's
- "unique id".
-
- (vi) keep reference counts for everything - eg. this includes storing a
- reference inside each RSA structure to the ENGINE that it uses.
- This is freed when the RSA structure is destroyed, or has its
- ENGINE explicitly changed. The net effect needs to be that at any
- time, it is deterministic to know whether an ENGINE is in use or
- can be safely removed (or unloaded in the case of the other type
- of reference) without invalidating function pointers that may or
- may not be used indavertently in the future. This was actually
- one of the biggest problems to overcome in the existing OpenSSL
- code - implementations had always been assumed to be ever-present,
- so there was no trivial way to get round this.
-
- (vii) distinguish between structural references and functional
- references.
-
-A *little* detail
------------------
-
-While my mind is on it; I'll illustrate the bit in item (vii). This idea
-turned out to be very handy - the ENGINEs themselves need to be operated
-on and manipulated simply as objects without necessarily trying to
-"enable" them for use. Eg. most host machines will not have the necessary
-hardware or software to support all the engines one might compile into
-OpenSSL, yet it needs to be possible to iterate across the ENGINEs,
-querying their names, properties, etc - all happening in a thread-safe
-manner that uses reference counts (if you imagine two threads iterating
-through a list and one thread removing the ENGINE the other is currently
-looking at - you can see the gotcha waiting to happen). For all of this,
-*structural references* are used and operate much like the other reference
-counts in OpenSSL.
-
-The other kind of reference count is for *functional* references - these
-indicate a reference on which the caller can actually assume the
-particular ENGINE to be initialised and usable to perform the operations
-it implements. Any increment or decrement of the functional reference
-count automatically invokes a corresponding change in the structural
-reference count, as it is fairly obvious that a functional reference is a
-restricted case of a structural reference. So struct_ref >= funct_ref at
-all times. NB: functional references are usually obtained by a call to
-ENGINE_init(), but can also be created implicitly by calls that require a
-new functional reference to be created, eg. ENGINE_set_default(). Either
-way the only time the underlying ENGINE's "init" function is really called
-is when the (functional) reference count increases to 1, similarly the
-underlying "finish" handler is only called as the count goes down to 0.
-The effect of this, for example, is that if you set the default ENGINE for
-RSA operations to be "cswift", then its functional reference count will
-already be at least 1 so the CryptoSwift shared-library and the card will
-stay loaded and initialised until such time as all RSA keys using the
-cswift ENGINE are changed or destroyed and the default ENGINE for RSA
-operations has been changed. This prevents repeated thrashing of init and
-finish handling if the count keeps getting down as far as zero.
-
-Otherwise, the way the ENGINE code has been put together I think pretty
-much reflects the above points. The reason for the ENGINE structure having
-individual RSA_METHOD, DSA_METHOD, etc pointers is simply that it was the
-easiest way to go about things for now, to hook it all into the raw
-RSA,DSA,etc code, and I was trying to the keep the structure invisible
-anyway so that the way this is internally managed could be easily changed
-later on when we start to work out what's to be done about these other
-abstractions.
-
-Down the line, if some EVP-based technique emerges for adequately
-encapsulating algorithms and all their various bits and pieces, then I can
-imagine that "ENGINE" would turn into a reference-counting database of
-these EVP things, of which the default "openssl" ENGINE would be the
-library's own object database of pre-built software implemented algorithms
-(and such). It would also be cool to see the idea of "METHOD"s detached
-from the algorithms themselves ... so RSA, DSA, ElGamal, etc can all
-expose essentially the same METHOD (aka interface), which would include
-any querying/flagging stuff to identify what the algorithm can/can't do,
-its name, and other stuff like max/min block sizes, key sizes, etc. This
-would result in ENGINE similarly detaching its internal database of
-algorithm implementations from the function definitions that return
-interfaces to them. I think ...
-
-As for DSOs etc. Well the DSO code is pretty handy (but could be made much
-more so) for loading vendor's driver-libraries and talking to them in some
-generic way, but right now there's still big problems associated with
-actually putting OpenSSL code (ie. new ENGINEs, or anything else for that
-matter) in dynamically loadable libraries. These problems won't go away in
-a hurry so I don't think we should expect to have any kind of
-shared-library extensions any time soon - but solving the problems is a
-good thing to aim for, and would as a side-effect probably help make
-OpenSSL more usable as a shared-library itself (looking at the things
-needed to do this will show you why).
-
-One of the problems is that if you look at any of the ENGINE
-implementations, eg. hw_cswift.c or hw_ncipher.c, you'll see how it needs
-a variety of functionality and definitions from various areas of OpenSSL,
-including crypto/bn/, crypto/err/, crypto/ itself (locking for example),
-crypto/dso/, crypto/engine/, crypto/rsa, etc etc etc. So if similar code
-were to be suctioned off into shared libraries, the shared libraries would
-either have to duplicate all the definitions and code and avoid loader
-conflicts, or OpenSSL would have to somehow expose all that functionality
-to the shared-library. If this isn't a big enough problem, the issue of
-binary compatibility will be - anyone writing Apache modules can tell you
-that (Ralf? Ben? :-). However, I don't think OpenSSL would need to be
-quite so forgiving as Apache should be, so OpenSSL could simply tell its
-version to the DSO and leave the DSO with the problem of deciding whether
-to proceed or bail out for fear of binary incompatibilities.
-
-Certainly one thing that would go a long way to addressing this is to
-embark on a bit of an opaqueness mission. I've set the ENGINE code up with
-this in mind - it's so draconian that even to declare your own ENGINE, you
-have to get the engine code to create the underlying ENGINE structure, and
-then feed in the new ENGINE's function/method pointers through various
-"set" functions. The more of the code that takes on such a black-box
-approach, the more of the code that will be (a) easy to expose to shared
-libraries that need it, and (b) easy to expose to applications wanting to
-use OpenSSL itself as a shared-library. From my own explorations in
-OpenSSL, the biggest leviathan I've seen that is a problem in this respect
-is the BIGNUM code. Trying to "expose" the bignum code through any kind of
-organised "METHODs", let alone do all the necessary bignum operations
-solely through functions rather than direct access to the structures and
-macros, will be a massive pain in the "r"s.
-
-Anyway, I'm done for now - hope it was readable. Thoughts?
-
-Cheers,
-Geoff
-
-
------------------------------------==*==-----------------------------------
-
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h
deleted file mode 100644
index 2983f47034..0000000000
--- a/src/lib/libcrypto/engine/engine.h
+++ /dev/null
@@ -1,398 +0,0 @@
-/* openssl/engine.h */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ENGINE_H
-#define HEADER_ENGINE_H
-
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
-#include <openssl/dh.h>
-#include <openssl/rand.h>
-#include <openssl/evp.h>
-#include <openssl/symhacks.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These flags are used to control combinations of algorithm (methods)
- * by bitwise "OR"ing. */
-#define ENGINE_METHOD_RSA (unsigned int)0x0001
-#define ENGINE_METHOD_DSA (unsigned int)0x0002
-#define ENGINE_METHOD_DH (unsigned int)0x0004
-#define ENGINE_METHOD_RAND (unsigned int)0x0008
-#define ENGINE_METHOD_BN_MOD_EXP (unsigned int)0x0010
-#define ENGINE_METHOD_BN_MOD_EXP_CRT (unsigned int)0x0020
-/* Obvious all-or-nothing cases. */
-#define ENGINE_METHOD_ALL (unsigned int)0xFFFF
-#define ENGINE_METHOD_NONE (unsigned int)0x0000
-
-/* These flags are used to tell the ctrl function what should be done.
- * All command numbers are shared between all engines, even if some don't
- * make sense to some engines. In such a case, they do nothing but return
- * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */
-#define ENGINE_CTRL_SET_LOGSTREAM 1
-#define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
-/* Flags specific to the nCipher "chil" engine */
-#define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
- /* Depending on the value of the (long)i argument, this sets or
- * unsets the SimpleForkCheck flag in the CHIL API to enable or
- * disable checking and workarounds for applications that fork().
- */
-#define ENGINE_CTRL_CHIL_NO_LOCKING 101
- /* This prevents the initialisation function from providing mutex
- * callbacks to the nCipher library. */
-
-/* As we're missing a BIGNUM_METHOD, we need a couple of locally
- * defined function types that engines can implement. */
-
-#ifndef HEADER_ENGINE_INT_H
-/* mod_exp operation, calculates; r = a ^ p mod m
- * NB: ctx can be NULL, but if supplied, the implementation may use
- * it if it wishes. */
-typedef int (*BN_MOD_EXP)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-/* private key operation for RSA, provided seperately in case other
- * RSA implementations wish to use it. */
-typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
- const BIGNUM *iqmp, BN_CTX *ctx);
-
-/* Generic function pointer */
-typedef void (*ENGINE_GEN_FUNC_PTR)();
-/* Generic function pointer taking no arguments */
-typedef void (*ENGINE_GEN_INT_FUNC_PTR)(void);
-/* Specific control function pointer */
-typedef int (*ENGINE_CTRL_FUNC_PTR)(int cmd, long i, void *p, void (*f)());
-
-/* The list of "engine" types is a static array of (const ENGINE*)
- * pointers (not dynamic because static is fine for now and we otherwise
- * have to hook an appropriate load/unload function in to initialise and
- * cleanup). */
-typedef struct engine_st ENGINE;
-#endif
-
-/* STRUCTURE functions ... all of these functions deal with pointers to
- * ENGINE structures where the pointers have a "structural reference".
- * This means that their reference is to allow access to the structure
- * but it does not imply that the structure is functional. To simply
- * increment or decrement the structural reference count, use ENGINE_new
- * and ENGINE_free. NB: This is not required when iterating using
- * ENGINE_get_next as it will automatically decrement the structural
- * reference count of the "current" ENGINE and increment the structural
- * reference count of the ENGINE it returns (unless it is NULL). */
-
-/* Get the first/last "ENGINE" type available. */
-ENGINE *ENGINE_get_first(void);
-ENGINE *ENGINE_get_last(void);
-/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
-ENGINE *ENGINE_get_next(ENGINE *e);
-ENGINE *ENGINE_get_prev(ENGINE *e);
-/* Add another "ENGINE" type into the array. */
-int ENGINE_add(ENGINE *e);
-/* Remove an existing "ENGINE" type from the array. */
-int ENGINE_remove(ENGINE *e);
-/* Retrieve an engine from the list by its unique "id" value. */
-ENGINE *ENGINE_by_id(const char *id);
-
-/* These functions are useful for manufacturing new ENGINE
- * structures. They don't address reference counting at all -
- * one uses them to populate an ENGINE structure with personalised
- * implementations of things prior to using it directly or adding
- * it to the builtin ENGINE list in OpenSSL. These are also here
- * so that the ENGINE structure doesn't have to be exposed and
- * break binary compatibility!
- *
- * NB: I'm changing ENGINE_new to force the ENGINE structure to
- * be allocated from within OpenSSL. See the comment for
- * ENGINE_get_struct_size().
- */
-#if 0
-ENGINE *ENGINE_new(ENGINE *e);
-#else
-ENGINE *ENGINE_new(void);
-#endif
-int ENGINE_free(ENGINE *e);
-int ENGINE_set_id(ENGINE *e, const char *id);
-int ENGINE_set_name(ENGINE *e, const char *name);
-int ENGINE_set_RSA(ENGINE *e, RSA_METHOD *rsa_meth);
-int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth);
-int ENGINE_set_DH(ENGINE *e, DH_METHOD *dh_meth);
-int ENGINE_set_RAND(ENGINE *e, RAND_METHOD *rand_meth);
-int ENGINE_set_BN_mod_exp(ENGINE *e, BN_MOD_EXP bn_mod_exp);
-int ENGINE_set_BN_mod_exp_crt(ENGINE *e, BN_MOD_EXP_CRT bn_mod_exp_crt);
-int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
-int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
-int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
-
-/* These return values from within the ENGINE structure. These can
- * be useful with functional references as well as structural
- * references - it depends which you obtained. Using the result
- * for functional purposes if you only obtained a structural
- * reference may be problematic! */
-const char *ENGINE_get_id(ENGINE *e);
-const char *ENGINE_get_name(ENGINE *e);
-RSA_METHOD *ENGINE_get_RSA(ENGINE *e);
-DSA_METHOD *ENGINE_get_DSA(ENGINE *e);
-DH_METHOD *ENGINE_get_DH(ENGINE *e);
-RAND_METHOD *ENGINE_get_RAND(ENGINE *e);
-BN_MOD_EXP ENGINE_get_BN_mod_exp(ENGINE *e);
-BN_MOD_EXP_CRT ENGINE_get_BN_mod_exp_crt(ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(ENGINE *e);
-ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(ENGINE *e);
-
-/* ENGINE_new is normally passed a NULL in the first parameter because
- * the calling code doesn't have access to the definition of the ENGINE
- * structure (for good reason). However, if the caller wishes to use
- * its own memory allocation or use a static array, the following call
- * should be used to check the amount of memory the ENGINE structure
- * will occupy. This will make the code more future-proof.
- *
- * NB: I'm "#if 0"-ing this out because it's better to force the use of
- * internally allocated memory. See similar change in ENGINE_new().
- */
-#if 0
-int ENGINE_get_struct_size(void);
-#endif
-
-/* FUNCTIONAL functions. These functions deal with ENGINE structures
- * that have (or will) be initialised for use. Broadly speaking, the
- * structural functions are useful for iterating the list of available
- * engine types, creating new engine types, and other "list" operations.
- * These functions actually deal with ENGINEs that are to be used. As
- * such these functions can fail (if applicable) when particular
- * engines are unavailable - eg. if a hardware accelerator is not
- * attached or not functioning correctly. Each ENGINE has 2 reference
- * counts; structural and functional. Every time a functional reference
- * is obtained or released, a corresponding structural reference is
- * automatically obtained or released too. */
-
-/* Initialise a engine type for use (or up its reference count if it's
- * already in use). This will fail if the engine is not currently
- * operational and cannot initialise. */
-int ENGINE_init(ENGINE *e);
-/* Free a functional reference to a engine type. This does not require
- * a corresponding call to ENGINE_free as it also releases a structural
- * reference. */
-int ENGINE_finish(ENGINE *e);
-/* Send control parametrised commands to the engine. The possibilities
- * to send down an integer, a pointer to data or a function pointer are
- * provided. Any of the parameters may or may not be NULL, depending
- * on the command number */
-/* WARNING: This is currently experimental and may change radically! */
-int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-
-/* The following functions handle keys that are stored in some secondary
- * location, handled by the engine. The storage may be on a card or
- * whatever. */
-EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
- const char *passphrase);
-EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
- const char *passphrase);
-
-/* This returns a pointer for the current ENGINE structure that
- * is (by default) performing any RSA operations. The value returned
- * is an incremented reference, so it should be free'd (ENGINE_finish)
- * before it is discarded. */
-ENGINE *ENGINE_get_default_RSA(void);
-/* Same for the other "methods" */
-ENGINE *ENGINE_get_default_DSA(void);
-ENGINE *ENGINE_get_default_DH(void);
-ENGINE *ENGINE_get_default_RAND(void);
-ENGINE *ENGINE_get_default_BN_mod_exp(void);
-ENGINE *ENGINE_get_default_BN_mod_exp_crt(void);
-
-/* This sets a new default ENGINE structure for performing RSA
- * operations. If the result is non-zero (success) then the ENGINE
- * structure will have had its reference count up'd so the caller
- * should still free their own reference 'e'. */
-int ENGINE_set_default_RSA(ENGINE *e);
-/* Same for the other "methods" */
-int ENGINE_set_default_DSA(ENGINE *e);
-int ENGINE_set_default_DH(ENGINE *e);
-int ENGINE_set_default_RAND(ENGINE *e);
-int ENGINE_set_default_BN_mod_exp(ENGINE *e);
-int ENGINE_set_default_BN_mod_exp_crt(ENGINE *e);
-
-/* The combination "set" - the flags are bitwise "OR"d from the
- * ENGINE_METHOD_*** defines above. */
-int ENGINE_set_default(ENGINE *e, unsigned int flags);
-
-/* Obligatory error function. */
-void ERR_load_ENGINE_strings(void);
-
-/*
- * Error codes for all engine functions. NB: We use "generic"
- * function names instead of per-implementation ones because this
- * levels the playing field for externally implemented bootstrapped
- * support code. As the filename and line number is included, it's
- * more important to indicate the type of function, so that
- * bootstrapped code (that can't easily add its own errors in) can
- * use the same error codes too.
- */
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the ENGINE functions. */
-
-/* Function codes. */
-#define ENGINE_F_ATALLA_FINISH 135
-#define ENGINE_F_ATALLA_INIT 136
-#define ENGINE_F_ATALLA_MOD_EXP 137
-#define ENGINE_F_ATALLA_RSA_MOD_EXP 138
-#define ENGINE_F_CSWIFT_DSA_SIGN 133
-#define ENGINE_F_CSWIFT_DSA_VERIFY 134
-#define ENGINE_F_CSWIFT_FINISH 100
-#define ENGINE_F_CSWIFT_INIT 101
-#define ENGINE_F_CSWIFT_MOD_EXP 102
-#define ENGINE_F_CSWIFT_MOD_EXP_CRT 103
-#define ENGINE_F_CSWIFT_RSA_MOD_EXP 104
-#define ENGINE_F_ENGINE_ADD 105
-#define ENGINE_F_ENGINE_BY_ID 106
-#define ENGINE_F_ENGINE_CTRL 142
-#define ENGINE_F_ENGINE_FINISH 107
-#define ENGINE_F_ENGINE_FREE 108
-#define ENGINE_F_ENGINE_GET_BN_MOD_EXP 109
-#define ENGINE_F_ENGINE_GET_BN_MOD_EXP_CRT 110
-#define ENGINE_F_ENGINE_GET_CTRL_FUNCTION 144
-#define ENGINE_F_ENGINE_GET_DH 111
-#define ENGINE_F_ENGINE_GET_DSA 112
-#define ENGINE_F_ENGINE_GET_FINISH_FUNCTION 145
-#define ENGINE_F_ENGINE_GET_ID 113
-#define ENGINE_F_ENGINE_GET_INIT_FUNCTION 146
-#define ENGINE_F_ENGINE_GET_NAME 114
-#define ENGINE_F_ENGINE_GET_NEXT 115
-#define ENGINE_F_ENGINE_GET_PREV 116
-#define ENGINE_F_ENGINE_GET_RAND 117
-#define ENGINE_F_ENGINE_GET_RSA 118
-#define ENGINE_F_ENGINE_INIT 119
-#define ENGINE_F_ENGINE_LIST_ADD 120
-#define ENGINE_F_ENGINE_LIST_REMOVE 121
-#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
-#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
-#define ENGINE_F_ENGINE_NEW 122
-#define ENGINE_F_ENGINE_REMOVE 123
-#define ENGINE_F_ENGINE_SET_BN_MOD_EXP 124
-#define ENGINE_F_ENGINE_SET_BN_MOD_EXP_CRT 125
-#define ENGINE_F_ENGINE_SET_CTRL_FUNCTION 147
-#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
-#define ENGINE_F_ENGINE_SET_DH 127
-#define ENGINE_F_ENGINE_SET_DSA 128
-#define ENGINE_F_ENGINE_SET_FINISH_FUNCTION 148
-#define ENGINE_F_ENGINE_SET_ID 129
-#define ENGINE_F_ENGINE_SET_INIT_FUNCTION 149
-#define ENGINE_F_ENGINE_SET_NAME 130
-#define ENGINE_F_ENGINE_SET_RAND 131
-#define ENGINE_F_ENGINE_SET_RSA 132
-#define ENGINE_F_ENGINE_UNLOAD_KEY 152
-#define ENGINE_F_HWCRHK_CTRL 143
-#define ENGINE_F_HWCRHK_FINISH 135
-#define ENGINE_F_HWCRHK_GET_PASS 155
-#define ENGINE_F_HWCRHK_INIT 136
-#define ENGINE_F_HWCRHK_LOAD_PRIVKEY 153
-#define ENGINE_F_HWCRHK_LOAD_PUBKEY 154
-#define ENGINE_F_HWCRHK_MOD_EXP 137
-#define ENGINE_F_HWCRHK_MOD_EXP_CRT 138
-#define ENGINE_F_HWCRHK_RAND_BYTES 139
-#define ENGINE_F_HWCRHK_RSA_MOD_EXP 140
-#define ENGINE_F_LOG_MESSAGE 141
-
-/* Reason codes. */
-#define ENGINE_R_ALREADY_LOADED 100
-#define ENGINE_R_BIO_WAS_FREED 121
-#define ENGINE_R_BN_CTX_FULL 101
-#define ENGINE_R_BN_EXPAND_FAIL 102
-#define ENGINE_R_CHIL_ERROR 123
-#define ENGINE_R_CONFLICTING_ENGINE_ID 103
-#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
-#define ENGINE_R_DSO_FAILURE 104
-#define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
-#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
-#define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
-#define ENGINE_R_FINISH_FAILED 106
-#define ENGINE_R_GET_HANDLE_FAILED 107
-#define ENGINE_R_ID_OR_NAME_MISSING 108
-#define ENGINE_R_INIT_FAILED 109
-#define ENGINE_R_INTERNAL_LIST_ERROR 110
-#define ENGINE_R_MISSING_KEY_COMPONENTS 111
-#define ENGINE_R_NOT_INITIALISED 117
-#define ENGINE_R_NOT_LOADED 112
-#define ENGINE_R_NO_CALLBACK 127
-#define ENGINE_R_NO_CONTROL_FUNCTION 120
-#define ENGINE_R_NO_KEY 124
-#define ENGINE_R_NO_LOAD_FUNCTION 125
-#define ENGINE_R_NO_REFERENCE 130
-#define ENGINE_R_NO_SUCH_ENGINE 116
-#define ENGINE_R_NO_UNLOAD_FUNCTION 126
-#define ENGINE_R_PROVIDE_PARAMETERS 113
-#define ENGINE_R_REQUEST_FAILED 114
-#define ENGINE_R_REQUEST_FALLBACK 118
-#define ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL 122
-#define ENGINE_R_UNIT_FAILURE 115
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/err/err.c b/src/lib/libcrypto/err/err.c
deleted file mode 100644
index 839f4ab81a..0000000000
--- a/src/lib/libcrypto/err/err.c
+++ /dev/null
@@ -1,801 +0,0 @@
-/* crypto/err/err.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdarg.h>
-#include <string.h>
-#include <openssl/lhash.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-
-
-static LHASH *error_hash=NULL;
-static LHASH *thread_hash=NULL;
-
-static unsigned long err_hash(ERR_STRING_DATA *a);
-static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b);
-static unsigned long pid_hash(ERR_STATE *pid);
-static int pid_cmp(ERR_STATE *a,ERR_STATE *pid);
-static unsigned long get_error_values(int inc,const char **file,int *line,
- const char **data,int *flags);
-static void ERR_STATE_free(ERR_STATE *s);
-#ifndef NO_ERR
-static ERR_STRING_DATA ERR_str_libraries[]=
- {
-{ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"},
-{ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"},
-{ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"},
-{ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"},
-{ERR_PACK(ERR_LIB_DSA,0,0) ,"dsa routines"},
-{ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"},
-{ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"},
-{ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"},
-{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"},
-{ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"},
-{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"},
-{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"},
-{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"},
-{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuration file routines"},
-{ERR_PACK(ERR_LIB_METH,0,0) ,"X509 lookup 'method' routines"},
-{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"},
-{ERR_PACK(ERR_LIB_RSAREF,0,0) ,"RSAref routines"},
-{ERR_PACK(ERR_LIB_PROXY,0,0) ,"Proxy routines"},
-{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"},
-{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"},
-{ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"},
-{ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"},
-{ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"},
-{ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"},
-{ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"},
-{0,NULL},
- };
-
-static ERR_STRING_DATA ERR_str_functs[]=
- {
- {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"},
- {ERR_PACK(0,SYS_F_CONNECT,0), "connect"},
- {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"},
- {ERR_PACK(0,SYS_F_SOCKET,0), "socket"},
- {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"},
- {ERR_PACK(0,SYS_F_BIND,0), "bind"},
- {ERR_PACK(0,SYS_F_LISTEN,0), "listen"},
- {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"},
-#ifdef WINDOWS
- {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"},
-#endif
- {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"},
- {0,NULL},
- };
-
-static ERR_STRING_DATA ERR_str_reasons[]=
- {
-{ERR_R_FATAL ,"fatal"},
-{ERR_R_SYS_LIB ,"system lib"},
-{ERR_R_BN_LIB ,"BN lib"},
-{ERR_R_RSA_LIB ,"RSA lib"},
-{ERR_R_DH_LIB ,"DH lib"},
-{ERR_R_EVP_LIB ,"EVP lib"},
-{ERR_R_BUF_LIB ,"BUF lib"},
-{ERR_R_BIO_LIB ,"BIO lib"},
-{ERR_R_OBJ_LIB ,"OBJ lib"},
-{ERR_R_PEM_LIB ,"PEM lib"},
-{ERR_R_X509_LIB ,"X509 lib"},
-{ERR_R_METH_LIB ,"METH lib"},
-{ERR_R_ASN1_LIB ,"ASN1 lib"},
-{ERR_R_CONF_LIB ,"CONF lib"},
-{ERR_R_SSL_LIB ,"SSL lib"},
-{ERR_R_PROXY_LIB ,"PROXY lib"},
-{ERR_R_BIO_LIB ,"BIO lib"},
-{ERR_R_PKCS7_LIB ,"PKCS7 lib"},
-{ERR_R_PKCS12_LIB ,"PKCS12 lib"},
-{ERR_R_MALLOC_FAILURE ,"Malloc failure"},
-{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"},
-{ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"},
-{ERR_R_NESTED_ASN1_ERROR ,"nested asn1 error"},
-{ERR_R_BAD_ASN1_OBJECT_HEADER ,"bad asn1 object header"},
-{ERR_R_BAD_GET_ASN1_OBJECT_CALL ,"bad get asn1 object call"},
-{ERR_R_EXPECTING_AN_ASN1_SEQUENCE ,"expecting an asn1 sequence"},
-{ERR_R_ASN1_LENGTH_MISMATCH ,"asn1 length mismatch"},
-{ERR_R_MISSING_ASN1_EOS ,"missing asn1 eos"},
-{ERR_R_DSO_LIB ,"DSO lib"},
-{ERR_R_ENGINE_LIB ,"ENGINE lib"},
-
-{0,NULL},
- };
-
-
-#define NUM_SYS_STR_REASONS 127
-#define LEN_SYS_STR_REASON 32
-
-static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
-/* SYS_str_reasons is filled with copies of strerror() results at
- * initialization.
- * 'errno' values up to 127 should cover all usual errors,
- * others will be displayed numerically by ERR_error_string.
- * It is crucial that we have something for each reason code
- * that occurs in ERR_str_reasons, or bogus reason strings
- * will be returned for SYSerr(), which always gets an errno
- * value and never one of those 'standard' reason codes. */
-
-static void build_SYS_str_reasons()
- {
- /* OPENSSL_malloc cannot be used here, use static storage instead */
- static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON];
- int i;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
-
- for (i = 1; i <= NUM_SYS_STR_REASONS; i++)
- {
- ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
-
- str->error = (unsigned long)i;
- if (str->string == NULL)
- {
- char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
- char *src = strerror(i);
- if (src != NULL)
- {
- strncpy(*dest, src, sizeof *dest);
- (*dest)[sizeof *dest - 1] = '\0';
- str->string = *dest;
- }
- }
- if (str->string == NULL)
- str->string = "unknown";
- }
-
- /* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL},
- * as required by ERR_load_strings. */
-
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
- }
-#endif
-
-#define err_clear_data(p,i) \
- if (((p)->err_data[i] != NULL) && \
- (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \
- { \
- OPENSSL_free((p)->err_data[i]); \
- (p)->err_data[i]=NULL; \
- } \
- (p)->err_data_flags[i]=0;
-
-static void ERR_STATE_free(ERR_STATE *s)
- {
- int i;
-
- if(s == NULL)
- return;
-
- for (i=0; i<ERR_NUM_ERRORS; i++)
- {
- err_clear_data(s,i);
- }
- OPENSSL_free(s);
- }
-
-void ERR_load_ERR_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
- if (init == 0)
- {
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
- return;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-#ifndef NO_ERR
- ERR_load_strings(0,ERR_str_libraries);
- ERR_load_strings(0,ERR_str_reasons);
- ERR_load_strings(ERR_LIB_SYS,ERR_str_functs);
- build_SYS_str_reasons();
- ERR_load_strings(ERR_LIB_SYS,SYS_str_reasons);
-#endif
- init=0;
- }
- }
-
-void ERR_load_strings(int lib, ERR_STRING_DATA *str)
- {
- if (error_hash == NULL)
- {
- CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
- error_hash=lh_new(err_hash,err_cmp);
- if (error_hash == NULL)
- {
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
- return;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
-
- ERR_load_ERR_strings();
- }
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
- while (str->error)
- {
- str->error|=ERR_PACK(lib,0,0);
- lh_insert(error_hash,str);
- str++;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
- }
-
-void ERR_free_strings(void)
- {
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-
- if (error_hash != NULL)
- {
- lh_free(error_hash);
- error_hash=NULL;
- }
-
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
- }
-
-/********************************************************/
-
-void ERR_put_error(int lib, int func, int reason, const char *file,
- int line)
- {
- ERR_STATE *es;
-
-#ifdef _OSD_POSIX
- /* In the BS2000-OSD POSIX subsystem, the compiler generates
- * path names in the form "*POSIX(/etc/passwd)".
- * This dirty hack strips them to something sensible.
- * @@@ We shouldn't modify a const string, though.
- */
- if (strncmp(file,"*POSIX(", sizeof("*POSIX(")-1) == 0) {
- char *end;
-
- /* Skip the "*POSIX(" prefix */
- file += sizeof("*POSIX(")-1;
- end = &file[strlen(file)-1];
- if (*end == ')')
- *end = '\0';
- /* Optional: use the basename of the path only. */
- if ((end = strrchr(file, '/')) != NULL)
- file = &end[1];
- }
-#endif
- es=ERR_get_state();
-
- es->top=(es->top+1)%ERR_NUM_ERRORS;
- if (es->top == es->bottom)
- es->bottom=(es->bottom+1)%ERR_NUM_ERRORS;
- es->err_buffer[es->top]=ERR_PACK(lib,func,reason);
- es->err_file[es->top]=file;
- es->err_line[es->top]=line;
- err_clear_data(es,es->top);
- }
-
-void ERR_clear_error(void)
- {
- int i;
- ERR_STATE *es;
-
- es=ERR_get_state();
-
- for (i=0; i<ERR_NUM_ERRORS; i++)
- {
- es->err_buffer[i]=0;
- err_clear_data(es,i);
- es->err_file[i]=NULL;
- es->err_line[i]= -1;
- }
- es->top=es->bottom=0;
- }
-
-
-unsigned long ERR_get_error(void)
- { return(get_error_values(1,NULL,NULL,NULL,NULL)); }
-
-unsigned long ERR_get_error_line(const char **file,
- int *line)
- { return(get_error_values(1,file,line,NULL,NULL)); }
-
-unsigned long ERR_get_error_line_data(const char **file, int *line,
- const char **data, int *flags)
- { return(get_error_values(1,file,line,
- data,flags)); }
-
-unsigned long ERR_peek_error(void)
- { return(get_error_values(0,NULL,NULL,NULL,NULL)); }
-
-unsigned long ERR_peek_error_line(const char **file,
- int *line)
- { return(get_error_values(0,file,line,NULL,NULL)); }
-
-unsigned long ERR_peek_error_line_data(const char **file, int *line,
- const char **data, int *flags)
- { return(get_error_values(0,file,line,
- data,flags)); }
-
-static unsigned long get_error_values(int inc, const char **file, int *line,
- const char **data, int *flags)
- {
- int i=0;
- ERR_STATE *es;
- unsigned long ret;
-
- es=ERR_get_state();
-
- if (es->bottom == es->top) return(0);
- i=(es->bottom+1)%ERR_NUM_ERRORS;
-
- ret=es->err_buffer[i];
- if (inc)
- {
- es->bottom=i;
- es->err_buffer[i]=0;
- }
-
- if ((file != NULL) && (line != NULL))
- {
- if (es->err_file[i] == NULL)
- {
- *file="NA";
- if (line != NULL) *line=0;
- }
- else
- {
- *file=es->err_file[i];
- if (line != NULL) *line=es->err_line[i];
- }
- }
-
- if (data == NULL)
- {
- if (inc)
- {
- err_clear_data(es, i);
- }
- }
- else
- {
- if (es->err_data[i] == NULL)
- {
- *data="";
- if (flags != NULL) *flags=0;
- }
- else
- {
- *data=es->err_data[i];
- if (flags != NULL) *flags=es->err_data_flags[i];
- }
- }
- return(ret);
- }
-
-void ERR_error_string_n(unsigned long e, char *buf, size_t len)
- {
- char lsbuf[64], fsbuf[64], rsbuf[64];
- const char *ls,*fs,*rs;
- unsigned long l,f,r;
-
- l=ERR_GET_LIB(e);
- f=ERR_GET_FUNC(e);
- r=ERR_GET_REASON(e);
-
- ls=ERR_lib_error_string(e);
- fs=ERR_func_error_string(e);
- rs=ERR_reason_error_string(e);
-
- if (ls == NULL)
- BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l);
- if (fs == NULL)
- BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f);
- if (rs == NULL)
- BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r);
-
- BIO_snprintf(buf, len,"error:%08lX:%s:%s:%s", e, ls?ls:lsbuf,
- fs?fs:fsbuf, rs?rs:rsbuf);
- if (strlen(buf) == len-1)
- {
- /* output may be truncated; make sure we always have 5
- * colon-separated fields, i.e. 4 colons ... */
-#define NUM_COLONS 4
- if (len > NUM_COLONS) /* ... if possible */
- {
- int i;
- char *s = buf;
-
- for (i = 0; i < NUM_COLONS; i++)
- {
- char *colon = strchr(s, ':');
- if (colon == NULL || colon > &buf[len-1] - NUM_COLONS + i)
- {
- /* set colon no. i at last possible position
- * (buf[len-1] is the terminating 0)*/
- colon = &buf[len-1] - NUM_COLONS + i;
- *colon = ':';
- }
- s = colon + 1;
- }
- }
- }
- }
-
-/* BAD for multi-threading: uses a local buffer if ret == NULL */
-/* ERR_error_string_n should be used instead for ret != NULL
- * as ERR_error_string cannot know how large the buffer is */
-char *ERR_error_string(unsigned long e, char *ret)
- {
- static char buf[256];
-
- if (ret == NULL) ret=buf;
- ERR_error_string_n(e, ret, 256);
-
- return(ret);
- }
-
-LHASH *ERR_get_string_table(void)
- {
- return(error_hash);
- }
-
-/* not thread-safe */
-LHASH *ERR_get_err_state_table(void)
- {
- return(thread_hash);
- }
-
-const char *ERR_lib_error_string(unsigned long e)
- {
- ERR_STRING_DATA d,*p=NULL;
- unsigned long l;
-
- l=ERR_GET_LIB(e);
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
-
- if (error_hash != NULL)
- {
- d.error=ERR_PACK(l,0,0);
- p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d);
- }
-
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
-
- return((p == NULL)?NULL:p->string);
- }
-
-const char *ERR_func_error_string(unsigned long e)
- {
- ERR_STRING_DATA d,*p=NULL;
- unsigned long l,f;
-
- l=ERR_GET_LIB(e);
- f=ERR_GET_FUNC(e);
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
-
- if (error_hash != NULL)
- {
- d.error=ERR_PACK(l,f,0);
- p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d);
- }
-
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
-
- return((p == NULL)?NULL:p->string);
- }
-
-const char *ERR_reason_error_string(unsigned long e)
- {
- ERR_STRING_DATA d,*p=NULL;
- unsigned long l,r;
-
- l=ERR_GET_LIB(e);
- r=ERR_GET_REASON(e);
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
-
- if (error_hash != NULL)
- {
- d.error=ERR_PACK(l,0,r);
- p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d);
- if (p == NULL)
- {
- d.error=ERR_PACK(0,0,r);
- p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d);
- }
- }
-
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
-
- return((p == NULL)?NULL:p->string);
- }
-
-static unsigned long err_hash(ERR_STRING_DATA *a)
- {
- unsigned long ret,l;
-
- l=a->error;
- ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l);
- return(ret^ret%19*13);
- }
-
-static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b)
- {
- return((int)(a->error-b->error));
- }
-
-static unsigned long pid_hash(ERR_STATE *a)
- {
- return(a->pid*13);
- }
-
-static int pid_cmp(ERR_STATE *a, ERR_STATE *b)
- {
- return((int)((long)a->pid - (long)b->pid));
- }
-
-void ERR_remove_state(unsigned long pid)
- {
- ERR_STATE *p = NULL,tmp;
-
- if (thread_hash == NULL)
- return;
- if (pid == 0)
- pid=(unsigned long)CRYPTO_thread_id();
- tmp.pid=pid;
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
- if (thread_hash)
- {
- p=(ERR_STATE *)lh_delete(thread_hash,&tmp);
- if (lh_num_items(thread_hash) == 0)
- {
- /* make sure we don't leak memory */
- lh_free(thread_hash);
- thread_hash = NULL;
- }
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
- if (p != NULL) ERR_STATE_free(p);
- }
-
-ERR_STATE *ERR_get_state(void)
- {
- static ERR_STATE fallback;
- ERR_STATE *ret=NULL,tmp,*tmpp=NULL;
- int thread_state_exists;
- int i;
- unsigned long pid;
-
- pid=(unsigned long)CRYPTO_thread_id();
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
- if (thread_hash != NULL)
- {
- tmp.pid=pid;
- ret=(ERR_STATE *)lh_retrieve(thread_hash,&tmp);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
- /* ret == the error state, if NULL, make a new one */
- if (ret == NULL)
- {
- ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE));
- if (ret == NULL) return(&fallback);
- ret->pid=pid;
- ret->top=0;
- ret->bottom=0;
- for (i=0; i<ERR_NUM_ERRORS; i++)
- {
- ret->err_data[i]=NULL;
- ret->err_data_flags[i]=0;
- }
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-
- /* no entry yet in thread_hash for current thread -
- * thus, it may have changed since we last looked at it */
- if (thread_hash == NULL)
- thread_hash = lh_new(pid_hash, pid_cmp);
- if (thread_hash == NULL)
- thread_state_exists = 0; /* allocation error */
- else
- {
- tmpp=(ERR_STATE *)lh_insert(thread_hash,ret);
- thread_state_exists = 1;
- }
-
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
- if (!thread_state_exists)
- {
- ERR_STATE_free(ret); /* could not insert it */
- return(&fallback);
- }
-
- if (tmpp != NULL) /* old entry - should not happen */
- {
- ERR_STATE_free(tmpp);
- }
- }
- return(ret);
- }
-
-int ERR_get_next_error_library(void)
- {
- static int value=ERR_LIB_USER;
-
- return(value++);
- }
-
-void ERR_set_error_data(char *data, int flags)
- {
- ERR_STATE *es;
- int i;
-
- es=ERR_get_state();
-
- i=es->top;
- if (i == 0)
- i=ERR_NUM_ERRORS-1;
-
- err_clear_data(es,i);
- es->err_data[i]=data;
- es->err_data_flags[i]=flags;
- }
-
-void ERR_add_error_data(int num, ...)
- {
- va_list args;
- int i,n,s;
- char *str,*p,*a;
-
- s=80;
- str=OPENSSL_malloc(s+1);
- if (str == NULL) return;
- str[0]='\0';
-
- va_start(args, num);
- n=0;
- for (i=0; i<num; i++)
- {
- a=va_arg(args, char*);
- /* ignore NULLs, thanks to Bob Beck <beck@obtuse.com> */
- if (a != NULL)
- {
- n+=strlen(a);
- if (n > s)
- {
- s=n+20;
- p=OPENSSL_realloc(str,s+1);
- if (p == NULL)
- {
- OPENSSL_free(str);
- return;
- }
- else
- str=p;
- }
- strcat(str,a);
- }
- }
- ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING);
-
- va_end(args);
- }
-
diff --git a/src/lib/libcrypto/err/err.h b/src/lib/libcrypto/err/err.h
deleted file mode 100644
index 7388a4a937..0000000000
--- a/src/lib/libcrypto/err/err.h
+++ /dev/null
@@ -1,278 +0,0 @@
-/* crypto/err/err.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ERR_H
-#define HEADER_ERR_H
-
-#ifndef NO_FP_API
-#include <stdio.h>
-#include <stdlib.h>
-#endif
-
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-#ifndef NO_LHASH
-#include <openssl/lhash.h>
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* The following is a bit of a trick to help the object files only contain
- * the 'name of the file' string once. Since 'err.h' is protected by the
- * HEADER_ERR_H stuff, this should be included only once per file. */
-
-#define ERR_file_name __FILE__
-
-#ifndef NO_ERR
-#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e)
-#else
-#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0)
-#endif
-
-#include <errno.h>
-
-#define ERR_TXT_MALLOCED 0x01
-#define ERR_TXT_STRING 0x02
-
-#define ERR_NUM_ERRORS 16
-typedef struct err_state_st
- {
- unsigned long pid;
- unsigned long err_buffer[ERR_NUM_ERRORS];
- char *err_data[ERR_NUM_ERRORS];
- int err_data_flags[ERR_NUM_ERRORS];
- const char *err_file[ERR_NUM_ERRORS];
- int err_line[ERR_NUM_ERRORS];
- int top,bottom;
- } ERR_STATE;
-
-/* library */
-#define ERR_LIB_NONE 1
-#define ERR_LIB_SYS 2
-#define ERR_LIB_BN 3
-#define ERR_LIB_RSA 4
-#define ERR_LIB_DH 5
-#define ERR_LIB_EVP 6
-#define ERR_LIB_BUF 7
-#define ERR_LIB_OBJ 8
-#define ERR_LIB_PEM 9
-#define ERR_LIB_DSA 10
-#define ERR_LIB_X509 11
-#define ERR_LIB_METH 12
-#define ERR_LIB_ASN1 13
-#define ERR_LIB_CONF 14
-#define ERR_LIB_CRYPTO 15
-#define ERR_LIB_SSL 20
-#define ERR_LIB_SSL23 21
-#define ERR_LIB_SSL2 22
-#define ERR_LIB_SSL3 23
-#define ERR_LIB_RSAREF 30
-#define ERR_LIB_PROXY 31
-#define ERR_LIB_BIO 32
-#define ERR_LIB_PKCS7 33
-#define ERR_LIB_X509V3 34
-#define ERR_LIB_PKCS12 35
-#define ERR_LIB_RAND 36
-#define ERR_LIB_DSO 37
-#define ERR_LIB_ENGINE 38
-
-#define ERR_LIB_USER 128
-
-#define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),ERR_file_name,__LINE__)
-#define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),ERR_file_name,__LINE__)
-#define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),ERR_file_name,__LINE__)
-#define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),ERR_file_name,__LINE__)
-#define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),ERR_file_name,__LINE__)
-#define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),ERR_file_name,__LINE__)
-#define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),ERR_file_name,__LINE__)
-#define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),ERR_file_name,__LINE__)
-#define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),ERR_file_name,__LINE__)
-#define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),ERR_file_name,__LINE__)
-#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),ERR_file_name,__LINE__)
-#define METHerr(f,r) ERR_PUT_error(ERR_LIB_METH,(f),(r),ERR_file_name,__LINE__)
-#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),ERR_file_name,__LINE__)
-#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),ERR_file_name,__LINE__)
-#define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),ERR_file_name,__LINE__)
-#define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),ERR_file_name,__LINE__)
-#define SSL23err(f,r) ERR_PUT_error(ERR_LIB_SSL23,(f),(r),ERR_file_name,__LINE__)
-#define SSL2err(f,r) ERR_PUT_error(ERR_LIB_SSL2,(f),(r),ERR_file_name,__LINE__)
-#define SSL3err(f,r) ERR_PUT_error(ERR_LIB_SSL3,(f),(r),ERR_file_name,__LINE__)
-#define RSAREFerr(f,r) ERR_PUT_error(ERR_LIB_RSAREF,(f),(r),ERR_file_name,__LINE__)
-#define PROXYerr(f,r) ERR_PUT_error(ERR_LIB_PROXY,(f),(r),ERR_file_name,__LINE__)
-#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__)
-#define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),ERR_file_name,__LINE__)
-#define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),ERR_file_name,__LINE__)
-#define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),ERR_file_name,__LINE__)
-#define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),ERR_file_name,__LINE__)
-#define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),ERR_file_name,__LINE__)
-
-/* Borland C seems too stupid to be able to shift and do longs in
- * the pre-processor :-( */
-#define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)*0x1000000)| \
- ((((unsigned long)f)&0xfffL)*0x1000)| \
- ((((unsigned long)r)&0xfffL)))
-#define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL)
-#define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL)
-#define ERR_GET_REASON(l) (int)((l)&0xfffL)
-#define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
-
-/* OS functions */
-#define SYS_F_FOPEN 1
-#define SYS_F_CONNECT 2
-#define SYS_F_GETSERVBYNAME 3
-#define SYS_F_SOCKET 4
-#define SYS_F_IOCTLSOCKET 5
-#define SYS_F_BIND 6
-#define SYS_F_LISTEN 7
-#define SYS_F_ACCEPT 8
-#define SYS_F_WSASTARTUP 9 /* Winsock stuff */
-#define SYS_F_OPENDIR 10
-
-#define ERR_R_FATAL 32
-/* reasons */
-#define ERR_R_SYS_LIB ERR_LIB_SYS
-#define ERR_R_BN_LIB ERR_LIB_BN
-#define ERR_R_RSA_LIB ERR_LIB_RSA
-#define ERR_R_DSA_LIB ERR_LIB_DSA
-#define ERR_R_DH_LIB ERR_LIB_DH
-#define ERR_R_EVP_LIB ERR_LIB_EVP
-#define ERR_R_BUF_LIB ERR_LIB_BUF
-#define ERR_R_BIO_LIB ERR_LIB_BIO
-#define ERR_R_OBJ_LIB ERR_LIB_OBJ
-#define ERR_R_PEM_LIB ERR_LIB_PEM
-#define ERR_R_X509_LIB ERR_LIB_X509
-#define ERR_R_METH_LIB ERR_LIB_METH
-#define ERR_R_ASN1_LIB ERR_LIB_ASN1
-#define ERR_R_CONF_LIB ERR_LIB_CONF
-#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO
-#define ERR_R_SSL_LIB ERR_LIB_SSL
-#define ERR_R_SSL23_LIB ERR_LIB_SSL23
-#define ERR_R_SSL2_LIB ERR_LIB_SSL2
-#define ERR_R_SSL3_LIB ERR_LIB_SSL3
-#define ERR_R_PROXY_LIB ERR_LIB_PROXY
-#define ERR_R_BIO_LIB ERR_LIB_BIO
-#define ERR_R_PKCS7_LIB ERR_LIB_PKCS7
-#define ERR_R_PKCS12_LIB ERR_LIB_PKCS12
-#define ERR_R_DSO_LIB ERR_LIB_DSO
-#define ERR_R_ENGINE_LIB ERR_LIB_ENGINE
-
-/* fatal error */
-#define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
-#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL)
-#define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
-#define ERR_R_NESTED_ASN1_ERROR (4)
-#define ERR_R_BAD_ASN1_OBJECT_HEADER (5)
-#define ERR_R_BAD_GET_ASN1_OBJECT_CALL (6)
-#define ERR_R_EXPECTING_AN_ASN1_SEQUENCE (7)
-#define ERR_R_ASN1_LENGTH_MISMATCH (8)
-#define ERR_R_MISSING_ASN1_EOS (9)
-
-typedef struct ERR_string_data_st
- {
- unsigned long error;
- const char *string;
- } ERR_STRING_DATA;
-
-void ERR_put_error(int lib, int func,int reason,const char *file,int line);
-void ERR_set_error_data(char *data,int flags);
-
-unsigned long ERR_get_error(void );
-unsigned long ERR_get_error_line(const char **file,int *line);
-unsigned long ERR_get_error_line_data(const char **file,int *line,
- const char **data, int *flags);
-unsigned long ERR_peek_error(void );
-unsigned long ERR_peek_error_line(const char **file,int *line);
-unsigned long ERR_peek_error_line_data(const char **file,int *line,
- const char **data,int *flags);
-void ERR_clear_error(void );
-char *ERR_error_string(unsigned long e,char *buf);
-void ERR_error_string_n(unsigned long e, char *buf, size_t len);
-const char *ERR_lib_error_string(unsigned long e);
-const char *ERR_func_error_string(unsigned long e);
-const char *ERR_reason_error_string(unsigned long e);
-#ifndef NO_FP_API
-void ERR_print_errors_fp(FILE *fp);
-#endif
-#ifndef NO_BIO
-void ERR_print_errors(BIO *bp);
-void ERR_add_error_data(int num, ...);
-#endif
-void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
-void ERR_load_ERR_strings(void);
-void ERR_load_crypto_strings(void);
-void ERR_free_strings(void);
-
-void ERR_remove_state(unsigned long pid); /* if zero we look it up */
-ERR_STATE *ERR_get_state(void);
-
-#ifndef NO_LHASH
-LHASH *ERR_get_string_table(void);
-LHASH *ERR_get_err_state_table(void); /* even less thread-safe than
- * ERR_get_string_table :-) */
-#endif
-
-int ERR_get_next_error_library(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/err/err_all.c b/src/lib/libcrypto/err/err_all.c
deleted file mode 100644
index b8315d8272..0000000000
--- a/src/lib/libcrypto/err/err_all.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/* crypto/err/err_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#ifndef NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifdef RSAref
-#include <openssl/rsaref.h>
-#endif
-#ifndef NO_DH
-#include <openssl/dh.h>
-#endif
-#ifndef NO_DSA
-#include <openssl/dsa.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem2.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/conf.h>
-#include <openssl/pkcs12.h>
-#include <openssl/rand.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/err.h>
-
-void ERR_load_crypto_strings(void)
- {
- static int done=0;
-
- if (done) return;
- done=1;
-#ifndef NO_ERR
- ERR_load_ASN1_strings();
- ERR_load_BN_strings();
- ERR_load_BUF_strings();
- ERR_load_BIO_strings();
- ERR_load_CONF_strings();
-#ifndef NO_RSA
-#ifdef RSAref
- ERR_load_RSAREF_strings();
-#else
- ERR_load_RSA_strings();
-#endif
-#endif
-#ifndef NO_DH
- ERR_load_DH_strings();
-#endif
-#ifndef NO_DSA
- ERR_load_DSA_strings();
-#endif
- ERR_load_ERR_strings();
- ERR_load_EVP_strings();
- ERR_load_OBJ_strings();
- ERR_load_PEM_strings();
- ERR_load_X509_strings();
- ERR_load_X509V3_strings();
- ERR_load_CRYPTO_strings();
- ERR_load_PKCS7_strings();
- ERR_load_PKCS12_strings();
- ERR_load_RAND_strings();
- ERR_load_DSO_strings();
- ERR_load_ENGINE_strings();
-#endif
- }
diff --git a/src/lib/libcrypto/err/err_prn.c b/src/lib/libcrypto/err/err_prn.c
deleted file mode 100644
index 6f60b016c3..0000000000
--- a/src/lib/libcrypto/err/err_prn.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/err/err_prn.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/lhash.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/crypto.h>
-
-#ifndef NO_FP_API
-void ERR_print_errors_fp(FILE *fp)
- {
- unsigned long l;
- char buf[200];
- const char *file,*data;
- int line,flags;
- unsigned long es;
-
- es=CRYPTO_thread_id();
- while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0)
- {
- ERR_error_string_n(l, buf, sizeof buf);
- fprintf(fp,"%lu:%s:%s:%d:%s\n",es,buf,
- file,line,(flags&ERR_TXT_STRING)?data:"");
- }
- }
-#endif
-
-void ERR_print_errors(BIO *bp)
- {
- unsigned long l;
- char buf[256];
- char buf2[256];
- const char *file,*data;
- int line,flags;
- unsigned long es;
-
- es=CRYPTO_thread_id();
- while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0)
- {
- ERR_error_string_n(l, buf, sizeof buf);
- sprintf(buf2,"%lu:%s:%s:%d:",es,buf,
- file,line);
- BIO_write(bp,buf2,strlen(buf2));
- if (flags & ERR_TXT_STRING)
- BIO_write(bp,data,strlen(data));
- BIO_write(bp,"\n",1);
- }
- }
-
diff --git a/src/lib/libcrypto/err/openssl.ec b/src/lib/libcrypto/err/openssl.ec
deleted file mode 100644
index 861d680e07..0000000000
--- a/src/lib/libcrypto/err/openssl.ec
+++ /dev/null
@@ -1,74 +0,0 @@
-L ERR NONE NONE
-L CRYPTO crypto/crypto.h crypto/cpt_err.c
-L BN crypto/bn/bn.h crypto/bn/bn_err.c
-L RSA crypto/rsa/rsa.h crypto/rsa/rsa_err.c
-L DSA crypto/dsa/dsa.h crypto/dsa/dsa_err.c
-L DSO crypto/dso/dso.h crypto/dso/dso_err.c
-L DH crypto/dh/dh.h crypto/dh/dh_err.c
-L EVP crypto/evp/evp.h crypto/evp/evp_err.c
-L BUF crypto/buffer/buffer.h crypto/buffer/buf_err.c
-L BIO crypto/bio/bio.h crypto/bio/bio_err.c
-L OBJ crypto/objects/objects.h crypto/objects/obj_err.c
-L PEM crypto/pem/pem.h crypto/pem/pem_err.c
-L X509 crypto/x509/x509.h crypto/x509/x509_err.c
-L NONE crypto/x509/x509_vfy.h NONE
-L X509V3 crypto/x509v3/x509v3.h crypto/x509v3/v3err.c
-#L METH crypto/meth/meth.h crypto/meth/meth_err.c
-L ASN1 crypto/asn1/asn1.h crypto/asn1/asn1_err.c
-L CONF crypto/conf/conf.h crypto/conf/conf_err.c
-#L PROXY crypto/proxy/proxy.h crypto/proxy/proxy_err.c
-L PKCS7 crypto/pkcs7/pkcs7.h crypto/pkcs7/pkcs7err.c
-L PKCS12 crypto/pkcs12/pkcs12.h crypto/pkcs12/pk12err.c
-L RSAREF rsaref/rsaref.h rsaref/rsar_err.c
-L SSL ssl/ssl.h ssl/ssl_err.c
-L COMP crypto/comp/comp.h crypto/comp/comp_err.c
-L RAND crypto/rand/rand.h crypto/rand/rand_err.c
-L ENGINE crypto/engine/engine.h crypto/engine/engine_err.c
-
-
-F RSAREF_F_RSA_BN2BIN
-F RSAREF_F_RSA_PRIVATE_DECRYPT
-F RSAREF_F_RSA_PRIVATE_ENCRYPT
-F RSAREF_F_RSA_PUBLIC_DECRYPT
-F RSAREF_F_RSA_PUBLIC_ENCRYPT
-#F SSL_F_CLIENT_CERTIFICATE
-
-R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
-R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
-R SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
-R SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
-R SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
-R SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
-R SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
-R SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
-R SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
-R SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
-R SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
-R SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
-R SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
-R SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
-R SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
-R SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
-R SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
-R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
-R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
-R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
-R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
-R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
-R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
-
-R RSAREF_R_CONTENT_ENCODING 0x0400
-R RSAREF_R_DATA 0x0401
-R RSAREF_R_DIGEST_ALGORITHM 0x0402
-R RSAREF_R_ENCODING 0x0403
-R RSAREF_R_KEY 0x0404
-R RSAREF_R_KEY_ENCODING 0x0405
-R RSAREF_R_LEN 0x0406
-R RSAREF_R_MODULUS_LEN 0x0407
-R RSAREF_R_NEED_RANDOM 0x0408
-R RSAREF_R_PRIVATE_KEY 0x0409
-R RSAREF_R_PUBLIC_KEY 0x040a
-R RSAREF_R_SIGNATURE 0x040b
-R RSAREF_R_SIGNATURE_ENCODING 0x040c
-R RSAREF_R_ENCRYPTION_ALGORITHM 0x040d
-
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c
deleted file mode 100644
index af6fa2ae8f..0000000000
--- a/src/lib/libcrypto/evp/bio_b64.c
+++ /dev/null
@@ -1,547 +0,0 @@
-/* crypto/evp/bio_b64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-static int b64_write(BIO *h, const char *buf, int num);
-static int b64_read(BIO *h, char *buf, int size);
-/*static int b64_puts(BIO *h, const char *str); */
-/*static int b64_gets(BIO *h, char *str, int size); */
-static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int b64_new(BIO *h);
-static int b64_free(BIO *data);
-static long b64_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
-#define B64_BLOCK_SIZE 1024
-#define B64_BLOCK_SIZE2 768
-#define B64_NONE 0
-#define B64_ENCODE 1
-#define B64_DECODE 2
-
-typedef struct b64_struct
- {
- /*BIO *bio; moved to the BIO structure */
- int buf_len;
- int buf_off;
- int tmp_len; /* used to find the start when decoding */
- int tmp_nl; /* If true, scan until '\n' */
- int encode;
- int start; /* have we started decoding yet? */
- int cont; /* <= 0 when finished */
- EVP_ENCODE_CTX base64;
- char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE)+10];
- char tmp[B64_BLOCK_SIZE];
- } BIO_B64_CTX;
-
-static BIO_METHOD methods_b64=
- {
- BIO_TYPE_BASE64,"base64 encoding",
- b64_write,
- b64_read,
- NULL, /* b64_puts, */
- NULL, /* b64_gets, */
- b64_ctrl,
- b64_new,
- b64_free,
- b64_callback_ctrl,
- };
-
-BIO_METHOD *BIO_f_base64(void)
- {
- return(&methods_b64);
- }
-
-static int b64_new(BIO *bi)
- {
- BIO_B64_CTX *ctx;
-
- ctx=(BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX));
- if (ctx == NULL) return(0);
-
- ctx->buf_len=0;
- ctx->tmp_len=0;
- ctx->tmp_nl=0;
- ctx->buf_off=0;
- ctx->cont=1;
- ctx->start=1;
- ctx->encode=0;
-
- bi->init=1;
- bi->ptr=(char *)ctx;
- bi->flags=0;
- return(1);
- }
-
-static int b64_free(BIO *a)
- {
- if (a == NULL) return(0);
- OPENSSL_free(a->ptr);
- a->ptr=NULL;
- a->init=0;
- a->flags=0;
- return(1);
- }
-
-static int b64_read(BIO *b, char *out, int outl)
- {
- int ret=0,i,ii,j,k,x,n,num,ret_code=0;
- BIO_B64_CTX *ctx;
- unsigned char *p,*q;
-
- if (out == NULL) return(0);
- ctx=(BIO_B64_CTX *)b->ptr;
-
- if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
- if (ctx->encode != B64_DECODE)
- {
- ctx->encode=B64_DECODE;
- ctx->buf_len=0;
- ctx->buf_off=0;
- ctx->tmp_len=0;
- EVP_DecodeInit(&(ctx->base64));
- }
-
- /* First check if there are bytes decoded/encoded */
- if (ctx->buf_len > 0)
- {
- i=ctx->buf_len-ctx->buf_off;
- if (i > outl) i=outl;
- memcpy(out,&(ctx->buf[ctx->buf_off]),i);
- ret=i;
- out+=i;
- outl-=i;
- ctx->buf_off+=i;
- if (ctx->buf_len == ctx->buf_off)
- {
- ctx->buf_len=0;
- ctx->buf_off=0;
- }
- }
-
- /* At this point, we have room of outl bytes and an empty
- * buffer, so we should read in some more. */
-
- ret_code=0;
- while (outl > 0)
- {
- if (ctx->cont <= 0) break;
-
- i=BIO_read(b->next_bio,&(ctx->tmp[ctx->tmp_len]),
- B64_BLOCK_SIZE-ctx->tmp_len);
-
- if (i <= 0)
- {
- ret_code=i;
-
- /* Should be continue next time we are called? */
- if (!BIO_should_retry(b->next_bio))
- ctx->cont=i;
- /* else we should continue when called again */
- break;
- }
- i+=ctx->tmp_len;
-
- /* We need to scan, a line at a time until we
- * have a valid line if we are starting. */
- if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL))
- {
- /* ctx->start=1; */
- ctx->tmp_len=0;
- }
- else if (ctx->start)
- {
- q=p=(unsigned char *)ctx->tmp;
- for (j=0; j<i; j++)
- {
- if (*(q++) != '\n') continue;
-
- /* due to a previous very long line,
- * we need to keep on scanning for a '\n'
- * before we even start looking for
- * base64 encoded stuff. */
- if (ctx->tmp_nl)
- {
- p=q;
- ctx->tmp_nl=0;
- continue;
- }
-
- k=EVP_DecodeUpdate(&(ctx->base64),
- (unsigned char *)ctx->buf,
- &num,p,q-p);
- if ((k <= 0) && (num == 0) && (ctx->start))
- EVP_DecodeInit(&ctx->base64);
- else
- {
- if (p != (unsigned char *)
- &(ctx->tmp[0]))
- {
- i-=(p- (unsigned char *)
- &(ctx->tmp[0]));
- for (x=0; x < i; x++)
- ctx->tmp[x]=p[x];
- }
- EVP_DecodeInit(&ctx->base64);
- ctx->start=0;
- break;
- }
- p=q;
- }
-
- /* we fell off the end without starting */
- if (j == i)
- {
- /* Is this is one long chunk?, if so, keep on
- * reading until a new line. */
- if (p == (unsigned char *)&(ctx->tmp[0]))
- {
- ctx->tmp_nl=1;
- ctx->tmp_len=0;
- }
- else if (p != q) /* finished on a '\n' */
- {
- n=q-p;
- for (ii=0; ii<n; ii++)
- ctx->tmp[ii]=p[ii];
- ctx->tmp_len=n;
- }
- /* else finished on a '\n' */
- continue;
- }
- else
- ctx->tmp_len=0;
- }
-
- if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
- {
- int z,jj;
-
- jj=(i>>2)<<2;
- z=EVP_DecodeBlock((unsigned char *)ctx->buf,
- (unsigned char *)ctx->tmp,jj);
- if (jj > 2)
- {
- if (ctx->tmp[jj-1] == '=')
- {
- z--;
- if (ctx->tmp[jj-2] == '=')
- z--;
- }
- }
- /* z is now number of output bytes and jj is the
- * number consumed */
- if (jj != i)
- {
- memcpy((unsigned char *)ctx->tmp,
- (unsigned char *)&(ctx->tmp[jj]),i-jj);
- ctx->tmp_len=i-jj;
- }
- ctx->buf_len=0;
- if (z > 0)
- {
- ctx->buf_len=z;
- i=1;
- }
- else
- i=z;
- }
- else
- {
- i=EVP_DecodeUpdate(&(ctx->base64),
- (unsigned char *)ctx->buf,&ctx->buf_len,
- (unsigned char *)ctx->tmp,i);
- }
- ctx->cont=i;
- ctx->buf_off=0;
- if (i < 0)
- {
- ret_code=0;
- ctx->buf_len=0;
- break;
- }
-
- if (ctx->buf_len <= outl)
- i=ctx->buf_len;
- else
- i=outl;
-
- memcpy(out,ctx->buf,i);
- ret+=i;
- ctx->buf_off=i;
- if (ctx->buf_off == ctx->buf_len)
- {
- ctx->buf_len=0;
- ctx->buf_off=0;
- }
- outl-=i;
- out+=i;
- }
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return((ret == 0)?ret_code:ret);
- }
-
-static int b64_write(BIO *b, const char *in, int inl)
- {
- int ret=inl,n,i;
- BIO_B64_CTX *ctx;
-
- ctx=(BIO_B64_CTX *)b->ptr;
- BIO_clear_retry_flags(b);
-
- if (ctx->encode != B64_ENCODE)
- {
- ctx->encode=B64_ENCODE;
- ctx->buf_len=0;
- ctx->buf_off=0;
- ctx->tmp_len=0;
- EVP_EncodeInit(&(ctx->base64));
- }
-
- n=ctx->buf_len-ctx->buf_off;
- while (n > 0)
- {
- i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
- if (i <= 0)
- {
- BIO_copy_next_retry(b);
- return(i);
- }
- ctx->buf_off+=i;
- n-=i;
- }
- /* at this point all pending data has been written */
- ctx->buf_off=0;
- ctx->buf_len=0;
-
- if ((in == NULL) || (inl <= 0)) return(0);
-
- while (inl > 0)
- {
- n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl;
-
- if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
- {
- if (ctx->tmp_len > 0)
- {
- n=3-ctx->tmp_len;
- /* There's a teoretical possibility for this */
- if (n > inl)
- n=inl;
- memcpy(&(ctx->tmp[ctx->tmp_len]),in,n);
- ctx->tmp_len+=n;
- if (ctx->tmp_len < 3)
- break;
- ctx->buf_len=EVP_EncodeBlock(
- (unsigned char *)ctx->buf,
- (unsigned char *)ctx->tmp,
- ctx->tmp_len);
- /* Since we're now done using the temporary
- buffer, the length should be 0'd */
- ctx->tmp_len=0;
- }
- else
- {
- if (n < 3)
- {
- memcpy(&(ctx->tmp[0]),in,n);
- ctx->tmp_len=n;
- break;
- }
- n-=n%3;
- ctx->buf_len=EVP_EncodeBlock(
- (unsigned char *)ctx->buf,
- (unsigned char *)in,n);
- }
- }
- else
- {
- EVP_EncodeUpdate(&(ctx->base64),
- (unsigned char *)ctx->buf,&ctx->buf_len,
- (unsigned char *)in,n);
- }
- inl-=n;
- in+=n;
-
- ctx->buf_off=0;
- n=ctx->buf_len;
- while (n > 0)
- {
- i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
- if (i <= 0)
- {
- BIO_copy_next_retry(b);
- return((ret == 0)?i:ret);
- }
- n-=i;
- ctx->buf_off+=i;
- }
- ctx->buf_len=0;
- ctx->buf_off=0;
- }
- return(ret);
- }
-
-static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- BIO_B64_CTX *ctx;
- long ret=1;
- int i;
-
- ctx=(BIO_B64_CTX *)b->ptr;
-
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- ctx->cont=1;
- ctx->start=1;
- ctx->encode=B64_NONE;
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_EOF: /* More to read */
- if (ctx->cont <= 0)
- ret=1;
- else
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_WPENDING: /* More to write in buffer */
- ret=ctx->buf_len-ctx->buf_off;
- if ((ret == 0) && (ctx->base64.num != 0))
- ret=1;
- else if (ret <= 0)
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_PENDING: /* More to read in buffer */
- ret=ctx->buf_len-ctx->buf_off;
- if (ret <= 0)
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_FLUSH:
- /* do a final write */
-again:
- while (ctx->buf_len != ctx->buf_off)
- {
- i=b64_write(b,NULL,0);
- if (i < 0)
- {
- ret=i;
- break;
- }
- }
- if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
- {
- if (ctx->tmp_len != 0)
- {
- ctx->buf_len=EVP_EncodeBlock(
- (unsigned char *)ctx->buf,
- (unsigned char *)ctx->tmp,
- ctx->tmp_len);
- ctx->buf_off=0;
- ctx->tmp_len=0;
- goto again;
- }
- }
- else if (ctx->base64.num != 0)
- {
- ctx->buf_off=0;
- EVP_EncodeFinal(&(ctx->base64),
- (unsigned char *)ctx->buf,
- &(ctx->buf_len));
- /* push out the bytes */
- goto again;
- }
- /* Finally flush the underlying BIO */
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
-
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- BIO_copy_next_retry(b);
- break;
-
- case BIO_CTRL_DUP:
- break;
- case BIO_CTRL_INFO:
- case BIO_CTRL_GET:
- case BIO_CTRL_SET:
- default:
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- }
- return(ret);
- }
-
-static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
- {
- long ret=1;
-
- if (b->next_bio == NULL) return(0);
- switch (cmd)
- {
- default:
- ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
- break;
- }
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c
deleted file mode 100644
index 831c71a2b5..0000000000
--- a/src/lib/libcrypto/evp/bio_enc.c
+++ /dev/null
@@ -1,425 +0,0 @@
-/* crypto/evp/bio_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-static int enc_write(BIO *h, const char *buf, int num);
-static int enc_read(BIO *h, char *buf, int size);
-/*static int enc_puts(BIO *h, const char *str); */
-/*static int enc_gets(BIO *h, char *str, int size); */
-static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int enc_new(BIO *h);
-static int enc_free(BIO *data);
-static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
-#define ENC_BLOCK_SIZE (1024*4)
-
-typedef struct enc_struct
- {
- int buf_len;
- int buf_off;
- int cont; /* <= 0 when finished */
- int finished;
- int ok; /* bad decrypt */
- EVP_CIPHER_CTX cipher;
- char buf[ENC_BLOCK_SIZE+10];
- } BIO_ENC_CTX;
-
-static BIO_METHOD methods_enc=
- {
- BIO_TYPE_CIPHER,"cipher",
- enc_write,
- enc_read,
- NULL, /* enc_puts, */
- NULL, /* enc_gets, */
- enc_ctrl,
- enc_new,
- enc_free,
- enc_callback_ctrl,
- };
-
-BIO_METHOD *BIO_f_cipher(void)
- {
- return(&methods_enc);
- }
-
-static int enc_new(BIO *bi)
- {
- BIO_ENC_CTX *ctx;
-
- ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX));
- EVP_CIPHER_CTX_init(&ctx->cipher);
- if (ctx == NULL) return(0);
-
- ctx->buf_len=0;
- ctx->buf_off=0;
- ctx->cont=1;
- ctx->finished=0;
- ctx->ok=1;
-
- bi->init=0;
- bi->ptr=(char *)ctx;
- bi->flags=0;
- return(1);
- }
-
-static int enc_free(BIO *a)
- {
- BIO_ENC_CTX *b;
-
- if (a == NULL) return(0);
- b=(BIO_ENC_CTX *)a->ptr;
- EVP_CIPHER_CTX_cleanup(&(b->cipher));
- memset(a->ptr,0,sizeof(BIO_ENC_CTX));
- OPENSSL_free(a->ptr);
- a->ptr=NULL;
- a->init=0;
- a->flags=0;
- return(1);
- }
-
-static int enc_read(BIO *b, char *out, int outl)
- {
- int ret=0,i;
- BIO_ENC_CTX *ctx;
-
- if (out == NULL) return(0);
- ctx=(BIO_ENC_CTX *)b->ptr;
-
- if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
- /* First check if there are bytes decoded/encoded */
- if (ctx->buf_len > 0)
- {
- i=ctx->buf_len-ctx->buf_off;
- if (i > outl) i=outl;
- memcpy(out,&(ctx->buf[ctx->buf_off]),i);
- ret=i;
- out+=i;
- outl-=i;
- ctx->buf_off+=i;
- if (ctx->buf_len == ctx->buf_off)
- {
- ctx->buf_len=0;
- ctx->buf_off=0;
- }
- }
-
- /* At this point, we have room of outl bytes and an empty
- * buffer, so we should read in some more. */
-
- while (outl > 0)
- {
- if (ctx->cont <= 0) break;
-
- /* read in at offset 8, read the EVP_Cipher
- * documentation about why */
- i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE);
-
- if (i <= 0)
- {
- /* Should be continue next time we are called? */
- if (!BIO_should_retry(b->next_bio))
- {
- ctx->cont=i;
- i=EVP_CipherFinal(&(ctx->cipher),
- (unsigned char *)ctx->buf,
- &(ctx->buf_len));
- ctx->ok=i;
- ctx->buf_off=0;
- }
- else
- {
- ret=(ret == 0)?i:ret;
- break;
- }
- }
- else
- {
- EVP_CipherUpdate(&(ctx->cipher),
- (unsigned char *)ctx->buf,&ctx->buf_len,
- (unsigned char *)&(ctx->buf[8]),i);
- ctx->cont=1;
- /* Note: it is possible for EVP_CipherUpdate to
- * decrypt zero bytes because this is or looks like
- * the final block: if this happens we should retry
- * and either read more data or decrypt the final
- * block
- */
- if(ctx->buf_len == 0) continue;
- }
-
- if (ctx->buf_len <= outl)
- i=ctx->buf_len;
- else
- i=outl;
- if (i <= 0) break;
- memcpy(out,ctx->buf,i);
- ret+=i;
- ctx->buf_off=i;
- outl-=i;
- out+=i;
- }
-
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return((ret == 0)?ctx->cont:ret);
- }
-
-static int enc_write(BIO *b, const char *in, int inl)
- {
- int ret=0,n,i;
- BIO_ENC_CTX *ctx;
-
- ctx=(BIO_ENC_CTX *)b->ptr;
- ret=inl;
-
- BIO_clear_retry_flags(b);
- n=ctx->buf_len-ctx->buf_off;
- while (n > 0)
- {
- i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
- if (i <= 0)
- {
- BIO_copy_next_retry(b);
- return(i);
- }
- ctx->buf_off+=i;
- n-=i;
- }
- /* at this point all pending data has been written */
-
- if ((in == NULL) || (inl <= 0)) return(0);
-
- ctx->buf_off=0;
- while (inl > 0)
- {
- n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
- EVP_CipherUpdate(&(ctx->cipher),
- (unsigned char *)ctx->buf,&ctx->buf_len,
- (unsigned char *)in,n);
- inl-=n;
- in+=n;
-
- ctx->buf_off=0;
- n=ctx->buf_len;
- while (n > 0)
- {
- i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
- if (i <= 0)
- {
- BIO_copy_next_retry(b);
- return(i);
- }
- n-=i;
- ctx->buf_off+=i;
- }
- ctx->buf_len=0;
- ctx->buf_off=0;
- }
- BIO_copy_next_retry(b);
- return(ret);
- }
-
-static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- BIO *dbio;
- BIO_ENC_CTX *ctx,*dctx;
- long ret=1;
- int i;
- EVP_CIPHER_CTX **c_ctx;
-
- ctx=(BIO_ENC_CTX *)b->ptr;
-
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- ctx->ok=1;
- ctx->finished=0;
- EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL,
- ctx->cipher.encrypt);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_EOF: /* More to read */
- if (ctx->cont <= 0)
- ret=1;
- else
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_WPENDING:
- ret=ctx->buf_len-ctx->buf_off;
- if (ret <= 0)
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_PENDING: /* More to read in buffer */
- ret=ctx->buf_len-ctx->buf_off;
- if (ret <= 0)
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_CTRL_FLUSH:
- /* do a final write */
-again:
- while (ctx->buf_len != ctx->buf_off)
- {
- i=enc_write(b,NULL,0);
- if (i < 0)
- {
- ret=i;
- break;
- }
- }
-
- if (!ctx->finished)
- {
- ctx->finished=1;
- ctx->buf_off=0;
- ret=EVP_CipherFinal(&(ctx->cipher),
- (unsigned char *)ctx->buf,
- &(ctx->buf_len));
- ctx->ok=(int)ret;
- if (ret <= 0) break;
-
- /* push out the bytes */
- goto again;
- }
-
- /* Finally flush the underlying BIO */
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_C_GET_CIPHER_STATUS:
- ret=(long)ctx->ok;
- break;
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- BIO_copy_next_retry(b);
- break;
- case BIO_C_GET_CIPHER_CTX:
- c_ctx=(EVP_CIPHER_CTX **)ptr;
- (*c_ctx)= &(ctx->cipher);
- b->init=1;
- break;
- case BIO_CTRL_DUP:
- dbio=(BIO *)ptr;
- dctx=(BIO_ENC_CTX *)dbio->ptr;
- memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher));
- dbio->init=1;
- break;
- default:
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- }
- return(ret);
- }
-
-static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
- {
- long ret=1;
-
- if (b->next_bio == NULL) return(0);
- switch (cmd)
- {
- default:
- ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
- break;
- }
- return(ret);
- }
-
-/*
-void BIO_set_cipher_ctx(b,c)
-BIO *b;
-EVP_CIPHER_ctx *c;
- {
- if (b == NULL) return;
-
- if ((b->callback != NULL) &&
- (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
- return;
-
- b->init=1;
- ctx=(BIO_ENC_CTX *)b->ptr;
- memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
-
- if (b->callback != NULL)
- b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
- }
-*/
-
-void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, unsigned char *k,
- unsigned char *i, int e)
- {
- BIO_ENC_CTX *ctx;
-
- if (b == NULL) return;
-
- if ((b->callback != NULL) &&
- (b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,0L) <= 0))
- return;
-
- b->init=1;
- ctx=(BIO_ENC_CTX *)b->ptr;
- EVP_CipherInit(&(ctx->cipher),c,k,i,e);
-
- if (b->callback != NULL)
- b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);
- }
-
diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c
deleted file mode 100644
index 2373c247d8..0000000000
--- a/src/lib/libcrypto/evp/bio_md.c
+++ /dev/null
@@ -1,261 +0,0 @@
-/* crypto/evp/bio_md.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-/* BIO_put and BIO_get both add to the digest,
- * BIO_gets returns the digest */
-
-static int md_write(BIO *h, char const *buf, int num);
-static int md_read(BIO *h, char *buf, int size);
-/*static int md_puts(BIO *h, const char *str); */
-static int md_gets(BIO *h, char *str, int size);
-static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int md_new(BIO *h);
-static int md_free(BIO *data);
-static long md_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp);
-
-static BIO_METHOD methods_md=
- {
- BIO_TYPE_MD,"message digest",
- md_write,
- md_read,
- NULL, /* md_puts, */
- md_gets,
- md_ctrl,
- md_new,
- md_free,
- md_callback_ctrl,
- };
-
-BIO_METHOD *BIO_f_md(void)
- {
- return(&methods_md);
- }
-
-static int md_new(BIO *bi)
- {
- EVP_MD_CTX *ctx;
-
- ctx=(EVP_MD_CTX *)OPENSSL_malloc(sizeof(EVP_MD_CTX));
- if (ctx == NULL) return(0);
-
- bi->init=0;
- bi->ptr=(char *)ctx;
- bi->flags=0;
- return(1);
- }
-
-static int md_free(BIO *a)
- {
- if (a == NULL) return(0);
- OPENSSL_free(a->ptr);
- a->ptr=NULL;
- a->init=0;
- a->flags=0;
- return(1);
- }
-
-static int md_read(BIO *b, char *out, int outl)
- {
- int ret=0;
- EVP_MD_CTX *ctx;
-
- if (out == NULL) return(0);
- ctx=(EVP_MD_CTX *)b->ptr;
-
- if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
- ret=BIO_read(b->next_bio,out,outl);
- if (b->init)
- {
- if (ret > 0)
- {
- EVP_DigestUpdate(ctx,(unsigned char *)out,
- (unsigned int)ret);
- }
- }
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return(ret);
- }
-
-static int md_write(BIO *b, const char *in, int inl)
- {
- int ret=0;
- EVP_MD_CTX *ctx;
-
- if ((in == NULL) || (inl <= 0)) return(0);
- ctx=(EVP_MD_CTX *)b->ptr;
-
- if ((ctx != NULL) && (b->next_bio != NULL))
- ret=BIO_write(b->next_bio,in,inl);
- if (b->init)
- {
- if (ret > 0)
- {
- EVP_DigestUpdate(ctx,(unsigned char *)in,
- (unsigned int)ret);
- }
- }
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return(ret);
- }
-
-static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- EVP_MD_CTX *ctx,*dctx,**pctx;
- const EVP_MD **ppmd;
- EVP_MD *md;
- long ret=1;
- BIO *dbio;
-
- ctx=(EVP_MD_CTX *)b->ptr;
-
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- if (b->init)
- EVP_DigestInit(ctx,ctx->digest);
- else
- ret=0;
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- case BIO_C_GET_MD:
- if (b->init)
- {
- ppmd=(const EVP_MD **)ptr;
- *ppmd=ctx->digest;
- }
- else
- ret=0;
- break;
- case BIO_C_GET_MD_CTX:
- if (b->init)
- {
- pctx=(EVP_MD_CTX **)ptr;
- *pctx=ctx;
- }
- else
- ret=0;
- break;
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- BIO_copy_next_retry(b);
- break;
-
- case BIO_C_SET_MD:
- md=(EVP_MD *)ptr;
- EVP_DigestInit(ctx,md);
- b->init=1;
- break;
- case BIO_CTRL_DUP:
- dbio=(BIO *)ptr;
- dctx=(EVP_MD_CTX *)dbio->ptr;
- memcpy(dctx,ctx,sizeof(ctx));
- b->init=1;
- break;
- default:
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- break;
- }
- return(ret);
- }
-
-static long md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
- {
- long ret=1;
-
- if (b->next_bio == NULL) return(0);
- switch (cmd)
- {
- default:
- ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
- break;
- }
- return(ret);
- }
-
-static int md_gets(BIO *bp, char *buf, int size)
- {
- EVP_MD_CTX *ctx;
- unsigned int ret;
-
-
- ctx=(EVP_MD_CTX *)bp->ptr;
- if (size < ctx->digest->md_size)
- return(0);
- EVP_DigestFinal(ctx,(unsigned char *)buf,&ret);
- return((int)ret);
- }
-
-/*
-static int md_puts(bp,str)
-BIO *bp;
-char *str;
- {
- return(-1);
- }
-*/
-
diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c
deleted file mode 100644
index 1e185830a3..0000000000
--- a/src/lib/libcrypto/evp/c_all.c
+++ /dev/null
@@ -1,67 +0,0 @@
-/* crypto/evp/c_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-
-void OpenSSL_add_all_algorithms(void)
-{
- OpenSSL_add_all_ciphers();
- OpenSSL_add_all_digests();
-}
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
deleted file mode 100644
index c560733568..0000000000
--- a/src/lib/libcrypto/evp/digest.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* crypto/evp/digest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-
-void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
- {
- ctx->digest=type;
- type->init(&(ctx->md));
- }
-
-void EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
- unsigned int count)
- {
- ctx->digest->update(&(ctx->md.base[0]),data,(unsigned long)count);
- }
-
-void EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
- {
- ctx->digest->final(md,&(ctx->md.base[0]));
- if (size != NULL)
- *size=ctx->digest->md_size;
- memset(&(ctx->md),0,sizeof(ctx->md));
- }
-
-int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in)
-{
- if ((in == NULL) || (in->digest == NULL)) {
- EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
- return 0;
- }
- memcpy((char *)out,(char *)in,in->digest->ctx_size);
- return 1;
-}
diff --git a/src/lib/libcrypto/evp/e_bf.c b/src/lib/libcrypto/evp/e_bf.c
deleted file mode 100644
index 53559b0b65..0000000000
--- a/src/lib/libcrypto/evp/e_bf.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* crypto/evp/e_bf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_BF
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include "evp_locl.h"
-#include <openssl/objects.h>
-
-static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-
-IMPLEMENT_BLOCK_CIPHER(bf, bf_ks, BF, bf_ks, NID_bf, 8, 16, 8,
- EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL,
- EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-
-static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
- {
- BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key);
- return 1;
- }
-
-#endif
diff --git a/src/lib/libcrypto/evp/e_cast.c b/src/lib/libcrypto/evp/e_cast.c
deleted file mode 100644
index e5af7fb4ed..0000000000
--- a/src/lib/libcrypto/evp/e_cast.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* crypto/evp/e_cast.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_CAST
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_locl.h"
-
-static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv,int enc);
-
-IMPLEMENT_BLOCK_CIPHER(cast5, cast_ks, CAST, cast_ks,
- NID_cast5, 8, EVP_CAST5_KEY_SIZE, 8,
- EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
- EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-
-static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
- {
- CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key);
- return 1;
- }
-
-#endif
diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c
deleted file mode 100644
index f4e998b81c..0000000000
--- a/src/lib/libcrypto/evp/e_des.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* crypto/evp/e_des.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_locl.h"
-
-static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-
-/* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */
-
-static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
-{
- BLOCK_CIPHER_ecb_loop()
- des_ecb_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), ctx->c.des_ks, ctx->encrypt);
- return 1;
-}
-
-static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
-{
- des_ofb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num);
- return 1;
-}
-
-static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
-{
- des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks,
- (des_cblock *)ctx->iv, ctx->encrypt);
- return 1;
-}
-
-static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
-{
- des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks,
- (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
- return 1;
-}
-
-BLOCK_CIPHER_defs(des, des_ks, NID_des, 8, 8, 8,
- 0, des_init_key, NULL,
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL)
-
-
-static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
- {
- des_cblock *deskey = (des_cblock *)key;
-
- des_set_key_unchecked(deskey,ctx->c.des_ks);
- return 1;
- }
-
-#endif
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c
deleted file mode 100644
index a9aba4ae70..0000000000
--- a/src/lib/libcrypto/evp/e_des3.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* crypto/evp/e_des3.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_locl.h"
-
-static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv,int enc);
-
-static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv,int enc);
-
-/* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
-
-static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
-{
- BLOCK_CIPHER_ecb_loop()
- des_ecb3_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i),
- ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
- ctx->encrypt);
- return 1;
-}
-
-static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
-{
- des_ede3_ofb64_encrypt(in, out, (long)inl,
- ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
- (des_cblock *)ctx->iv, &ctx->num);
- return 1;
-}
-
-static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
-{
- des_ede3_cbc_encrypt(in, out, (long)inl,
- ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
- (des_cblock *)ctx->iv, ctx->encrypt);
- return 1;
-}
-
-static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
-{
- des_ede3_cfb64_encrypt(in, out, (long)inl,
- ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
- (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
- return 1;
-}
-
-#define NID_des_ede_ecb NID_des_ede
-
-BLOCK_CIPHER_defs(des_ede, des_ede, NID_des_ede, 8, 16, 8,
- 0, des_ede_init_key, NULL,
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL)
-
-#define NID_des_ede3_ecb NID_des_ede3
-#define des_ede3_cfb_cipher des_ede_cfb_cipher
-#define des_ede3_ofb_cipher des_ede_ofb_cipher
-#define des_ede3_cbc_cipher des_ede_cbc_cipher
-#define des_ede3_ecb_cipher des_ede_ecb_cipher
-
-BLOCK_CIPHER_defs(des_ede3, des_ede, NID_des_ede3, 8, 24, 8,
- 0, des_ede3_init_key, NULL,
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL)
-
-static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
- {
- des_cblock *deskey = (des_cblock *)key;
-
- des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
- des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
- memcpy( (char *)ctx->c.des_ede.ks3,
- (char *)ctx->c.des_ede.ks1,
- sizeof(ctx->c.des_ede.ks1));
- return 1;
- }
-
-static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
- {
- des_cblock *deskey = (des_cblock *)key;
-
- des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
- des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
- des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
-
- return 1;
- }
-
-EVP_CIPHER *EVP_des_ede(void)
-{
- return &des_ede_ecb;
-}
-
-EVP_CIPHER *EVP_des_ede3(void)
-{
- return &des_ede3_ecb;
-}
-#endif
diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c
deleted file mode 100644
index 8d3c88deb7..0000000000
--- a/src/lib/libcrypto/evp/e_idea.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* crypto/evp/e_idea.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_IDEA
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_locl.h"
-
-static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv,int enc);
-
-/* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special
- * case
- */
-
-static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
-{
- BLOCK_CIPHER_ecb_loop()
- idea_ecb_encrypt(in + i, out + i, &ctx->c.idea_ks);
- return 1;
-}
-
-/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */
-
-BLOCK_CIPHER_func_cbc(idea, idea, idea_ks)
-BLOCK_CIPHER_func_ofb(idea, idea, idea_ks)
-BLOCK_CIPHER_func_cfb(idea, idea, idea_ks)
-
-BLOCK_CIPHER_defs(idea, idea_ks, NID_idea, 8, 16, 8,
- 0, idea_init_key, NULL,
- EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-
-static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
- {
- if(!enc) {
- if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1;
- else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) enc = 1;
- }
- if (enc) idea_set_encrypt_key(key,&(ctx->c.idea_ks));
- else
- {
- IDEA_KEY_SCHEDULE tmp;
-
- idea_set_encrypt_key(key,&tmp);
- idea_set_decrypt_key(&tmp,&(ctx->c.idea_ks));
- memset((unsigned char *)&tmp,0,
- sizeof(IDEA_KEY_SCHEDULE));
- }
- return 1;
- }
-
-#endif
diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c
deleted file mode 100644
index e0702cf818..0000000000
--- a/src/lib/libcrypto/evp/e_null.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/* crypto/evp/e_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv,int enc);
-static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);
-static EVP_CIPHER n_cipher=
- {
- NID_undef,
- 1,0,0,
- 0,
- null_init_key,
- null_cipher,
- NULL,
- 0,
- NULL,
- NULL,
- NULL
- };
-
-EVP_CIPHER *EVP_enc_null(void)
- {
- return(&n_cipher);
- }
-
-static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
- {
- memset(&(ctx->c),0,sizeof(ctx->c));
- return 1;
- }
-
-static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
- {
- if (in != out)
- memcpy((char *)out,(char *)in,(int)inl);
- return 1;
- }
-
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
deleted file mode 100644
index 3955c3ef84..0000000000
--- a/src/lib/libcrypto/evp/e_rc2.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/* crypto/evp/e_rc2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RC2
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_locl.h"
-
-static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv,int enc);
-static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
-static int rc2_magic_to_meth(int i);
-static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
-
-IMPLEMENT_BLOCK_CIPHER(rc2, rc2.ks, RC2, rc2, NID_rc2,
- 8,
- EVP_RC2_KEY_SIZE, 8,
- EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
- rc2_init_key, NULL,
- rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv,
- rc2_ctrl)
-
-#define RC2_40_MAGIC 0xa0
-#define RC2_64_MAGIC 0x78
-#define RC2_128_MAGIC 0x3a
-
-static EVP_CIPHER r2_64_cbc_cipher=
- {
- NID_rc2_64_cbc,
- 8,8 /* 64 bit */,8,
- EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
- rc2_init_key,
- rc2_cbc_cipher,
- NULL,
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)),
- rc2_set_asn1_type_and_iv,
- rc2_get_asn1_type_and_iv,
- rc2_ctrl,
- NULL
- };
-
-static EVP_CIPHER r2_40_cbc_cipher=
- {
- NID_rc2_40_cbc,
- 8,5 /* 40 bit */,8,
- EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
- rc2_init_key,
- rc2_cbc_cipher,
- NULL,
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)),
- rc2_set_asn1_type_and_iv,
- rc2_get_asn1_type_and_iv,
- rc2_ctrl,
- NULL
- };
-
-EVP_CIPHER *EVP_rc2_64_cbc(void)
- {
- return(&r2_64_cbc_cipher);
- }
-
-EVP_CIPHER *EVP_rc2_40_cbc(void)
- {
- return(&r2_40_cbc_cipher);
- }
-
-static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
- {
- RC2_set_key(&(ctx->c.rc2.ks),EVP_CIPHER_CTX_key_length(ctx),
- key,ctx->c.rc2.key_bits);
- return 1;
- }
-
-static int rc2_meth_to_magic(EVP_CIPHER_CTX *e)
- {
- int i;
-
- EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
- if (i == 128) return(RC2_128_MAGIC);
- else if (i == 64) return(RC2_64_MAGIC);
- else if (i == 40) return(RC2_40_MAGIC);
- else return(0);
- }
-
-static int rc2_magic_to_meth(int i)
- {
- if (i == RC2_128_MAGIC) return 128;
- else if (i == RC2_64_MAGIC) return 64;
- else if (i == RC2_40_MAGIC) return 40;
- else
- {
- EVPerr(EVP_F_RC2_MAGIC_TO_METH,EVP_R_UNSUPPORTED_KEY_SIZE);
- return(0);
- }
- }
-
-static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
- {
- long num=0;
- int i=0,l;
- int key_bits;
- unsigned char iv[EVP_MAX_IV_LENGTH];
-
- if (type != NULL)
- {
- l=EVP_CIPHER_CTX_iv_length(c);
- i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l);
- if (i != l)
- return(-1);
- key_bits =rc2_magic_to_meth((int)num);
- if (!key_bits)
- return(-1);
- if(i > 0) EVP_CipherInit(c, NULL, NULL, iv, -1);
- EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
- EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
- }
- return(i);
- }
-
-static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
- {
- long num;
- int i=0,j;
-
- if (type != NULL)
- {
- num=rc2_meth_to_magic(c);
- j=EVP_CIPHER_CTX_iv_length(c);
- i=ASN1_TYPE_set_int_octetstring(type,num,c->oiv,j);
- }
- return(i);
- }
-
-static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
- {
- switch(type) {
-
- case EVP_CTRL_INIT:
- c->c.rc2.key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
- return 1;
-
- case EVP_CTRL_GET_RC2_KEY_BITS:
- *(int *)ptr = c->c.rc2.key_bits;
- return 1;
-
-
- case EVP_CTRL_SET_RC2_KEY_BITS:
- if(arg > 0) {
- c->c.rc2.key_bits = arg;
- return 1;
- }
- return 0;
-
- default:
- return -1;
- }
- }
-
-#endif
diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c
deleted file mode 100644
index 1c1e3b3857..0000000000
--- a/src/lib/libcrypto/evp/e_rc4.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* crypto/evp/e_rc4.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RC4
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv,int enc);
-static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);
-static EVP_CIPHER r4_cipher=
- {
- NID_rc4,
- 1,EVP_RC4_KEY_SIZE,0,
- EVP_CIPH_VARIABLE_LENGTH,
- rc4_init_key,
- rc4_cipher,
- NULL,
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)),
- NULL,
- NULL,
- NULL
- };
-
-static EVP_CIPHER r4_40_cipher=
- {
- NID_rc4_40,
- 1,5 /* 40 bit */,0,
- EVP_CIPH_VARIABLE_LENGTH,
- rc4_init_key,
- rc4_cipher,
- NULL,
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)),
- NULL,
- NULL,
- NULL
- };
-
-EVP_CIPHER *EVP_rc4(void)
- {
- return(&r4_cipher);
- }
-
-EVP_CIPHER *EVP_rc4_40(void)
- {
- return(&r4_40_cipher);
- }
-
-static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
- {
- memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx));
- RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx),
- ctx->c.rc4.key);
- return 1;
- }
-
-static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
- {
- RC4(&(ctx->c.rc4.ks),inl,in,out);
- return 1;
- }
-#endif
diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c
deleted file mode 100644
index e5b15acc7d..0000000000
--- a/src/lib/libcrypto/evp/e_xcbc_d.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/evp/e_xcbc_d.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DES
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv,int enc);
-static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);
-static EVP_CIPHER d_xcbc_cipher=
- {
- NID_desx_cbc,
- 8,24,8,
- EVP_CIPH_CBC_MODE,
- desx_cbc_init_key,
- desx_cbc_cipher,
- NULL,
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.desx_cbc)),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
- };
-
-EVP_CIPHER *EVP_desx_cbc(void)
- {
- return(&d_xcbc_cipher);
- }
-
-static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
- {
- des_cblock *deskey = (des_cblock *)key;
-
- des_set_key_unchecked(deskey,ctx->c.desx_cbc.ks);
- memcpy(&(ctx->c.desx_cbc.inw[0]),&(key[8]),8);
- memcpy(&(ctx->c.desx_cbc.outw[0]),&(key[16]),8);
-
- return 1;
- }
-
-static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
- {
- des_xcbc_encrypt(in,out,inl,ctx->c.desx_cbc.ks,
- (des_cblock *)&(ctx->iv[0]),
- &ctx->c.desx_cbc.inw,
- &ctx->c.desx_cbc.outw,
- ctx->encrypt);
- return 1;
- }
-#endif
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c
deleted file mode 100644
index 6ff9c1783c..0000000000
--- a/src/lib/libcrypto/evp/encode.c
+++ /dev/null
@@ -1,437 +0,0 @@
-/* crypto/evp/encode.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-
-#ifndef CHARSET_EBCDIC
-#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
-#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f])
-#else
-/* We assume that PEM encoded files are EBCDIC files
- * (i.e., printable text files). Convert them here while decoding.
- * When encoding, output is EBCDIC (text) format again.
- * (No need for conversion in the conv_bin2ascii macro, as the
- * underlying textstring data_bin2ascii[] is already EBCDIC)
- */
-#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
-#define conv_ascii2bin(a) (data_ascii2bin[os_toascii[a]&0x7f])
-#endif
-
-/* 64 char lines
- * pad input with 0
- * left over chars are set to =
- * 1 byte => xx==
- * 2 bytes => xxx=
- * 3 bytes => xxxx
- */
-#define BIN_PER_LINE (64/4*3)
-#define CHUNKS_PER_LINE (64/4)
-#define CHAR_PER_LINE (64+1)
-
-static unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
-abcdefghijklmnopqrstuvwxyz0123456789+/";
-
-/* 0xF0 is a EOLN
- * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
- * 0xF2 is EOF
- * 0xE0 is ignore at start of line.
- * 0xFF is error
- */
-
-#define B64_EOLN 0xF0
-#define B64_CR 0xF1
-#define B64_EOF 0xF2
-#define B64_WS 0xE0
-#define B64_ERROR 0xFF
-#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
-
-static unsigned char data_ascii2bin[128]={
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
- 0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF,
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
- 0xE0,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
- 0xFF,0xFF,0xFF,0x3E,0xFF,0xF2,0xFF,0x3F,
- 0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,
- 0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF,
- 0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06,
- 0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,
- 0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16,
- 0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF,
- 0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20,
- 0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,
- 0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30,
- 0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF,
- };
-
-void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
- {
- ctx->length=48;
- ctx->num=0;
- ctx->line_num=0;
- }
-
-void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl)
- {
- int i,j;
- unsigned int total=0;
-
- *outl=0;
- if (inl == 0) return;
- if ((ctx->num+inl) < ctx->length)
- {
- memcpy(&(ctx->enc_data[ctx->num]),in,inl);
- ctx->num+=inl;
- return;
- }
- if (ctx->num != 0)
- {
- i=ctx->length-ctx->num;
- memcpy(&(ctx->enc_data[ctx->num]),in,i);
- in+=i;
- inl-=i;
- j=EVP_EncodeBlock(out,ctx->enc_data,ctx->length);
- ctx->num=0;
- out+=j;
- *(out++)='\n';
- *out='\0';
- total=j+1;
- }
- while (inl >= ctx->length)
- {
- j=EVP_EncodeBlock(out,in,ctx->length);
- in+=ctx->length;
- inl-=ctx->length;
- out+=j;
- *(out++)='\n';
- *out='\0';
- total+=j+1;
- }
- if (inl != 0)
- memcpy(&(ctx->enc_data[0]),in,inl);
- ctx->num=inl;
- *outl=total;
- }
-
-void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
- {
- unsigned int ret=0;
-
- if (ctx->num != 0)
- {
- ret=EVP_EncodeBlock(out,ctx->enc_data,ctx->num);
- out[ret++]='\n';
- out[ret]='\0';
- ctx->num=0;
- }
- *outl=ret;
- }
-
-int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
- {
- int i,ret=0;
- unsigned long l;
-
- for (i=dlen; i > 0; i-=3)
- {
- if (i >= 3)
- {
- l= (((unsigned long)f[0])<<16L)|
- (((unsigned long)f[1])<< 8L)|f[2];
- *(t++)=conv_bin2ascii(l>>18L);
- *(t++)=conv_bin2ascii(l>>12L);
- *(t++)=conv_bin2ascii(l>> 6L);
- *(t++)=conv_bin2ascii(l );
- }
- else
- {
- l=((unsigned long)f[0])<<16L;
- if (i == 2) l|=((unsigned long)f[1]<<8L);
-
- *(t++)=conv_bin2ascii(l>>18L);
- *(t++)=conv_bin2ascii(l>>12L);
- *(t++)=(i == 1)?'=':conv_bin2ascii(l>> 6L);
- *(t++)='=';
- }
- ret+=4;
- f+=3;
- }
-
- *t='\0';
- return(ret);
- }
-
-void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
- {
- ctx->length=30;
- ctx->num=0;
- ctx->line_num=0;
- ctx->expect_nl=0;
- }
-
-/* -1 for error
- * 0 for last line
- * 1 for full line
- */
-int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl)
- {
- int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl;
- unsigned char *d;
-
- n=ctx->num;
- d=ctx->enc_data;
- ln=ctx->line_num;
- exp_nl=ctx->expect_nl;
-
- /* last line of input. */
- if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF)))
- { rv=0; goto end; }
-
- /* We parse the input data */
- for (i=0; i<inl; i++)
- {
- /* If the current line is > 80 characters, scream alot */
- if (ln >= 80) { rv= -1; goto end; }
-
- /* Get char and put it into the buffer */
- tmp= *(in++);
- v=conv_ascii2bin(tmp);
- /* only save the good data :-) */
- if (!B64_NOT_BASE64(v))
- {
- d[n++]=tmp;
- ln++;
- }
- else if (v == B64_ERROR)
- {
- rv= -1;
- goto end;
- }
-
- /* have we seen a '=' which is 'definitly' the last
- * input line. seof will point to the character that
- * holds it. and eof will hold how many characters to
- * chop off. */
- if (tmp == '=')
- {
- if (seof == -1) seof=n;
- eof++;
- }
-
- /* eoln */
- if (v == B64_EOLN)
- {
- ln=0;
- if (exp_nl)
- {
- exp_nl=0;
- continue;
- }
- }
- exp_nl=0;
-
- /* If we are at the end of input and it looks like a
- * line, process it. */
- if (((i+1) == inl) && (((n&3) == 0) || eof))
- {
- v=B64_EOF;
- /* In case things were given us in really small
- records (so two '=' were given in separate
- updates), eof may contain the incorrect number
- of ending bytes to skip, so let's redo the count */
- eof = 0;
- if (d[n-1] == '=') eof++;
- if (d[n-2] == '=') eof++;
- /* There will never be more than two '=' */
- }
-
- if ((v == B64_EOF) || (n >= 64))
- {
- /* This is needed to work correctly on 64 byte input
- * lines. We process the line and then need to
- * accept the '\n' */
- if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
- tmp2=v;
- if (n > 0)
- {
- v=EVP_DecodeBlock(out,d,n);
- if (v < 0) { rv=0; goto end; }
- n=0;
- ret+=(v-eof);
- }
- else
- {
- eof=1;
- v=0;
- }
-
- /* This is the case where we have had a short
- * but valid input line */
- if ((v < ctx->length) && eof)
- {
- rv=0;
- goto end;
- }
- else
- ctx->length=v;
-
- if (seof >= 0) { rv=0; goto end; }
- out+=v;
- }
- }
- rv=1;
-end:
- *outl=ret;
- ctx->num=n;
- ctx->line_num=ln;
- ctx->expect_nl=exp_nl;
- return(rv);
- }
-
-int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
- {
- int i,ret=0,a,b,c,d;
- unsigned long l;
-
- /* trim white space from the start of the line. */
- while ((conv_ascii2bin(*f) == B64_WS) && (n > 0))
- {
- f++;
- n--;
- }
-
- /* strip off stuff at the end of the line
- * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */
- while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n-1]))))
- n--;
-
- if (n%4 != 0) return(-1);
-
- for (i=0; i<n; i+=4)
- {
- a=conv_ascii2bin(*(f++));
- b=conv_ascii2bin(*(f++));
- c=conv_ascii2bin(*(f++));
- d=conv_ascii2bin(*(f++));
- if ( (a & 0x80) || (b & 0x80) ||
- (c & 0x80) || (d & 0x80))
- return(-1);
- l=( (((unsigned long)a)<<18L)|
- (((unsigned long)b)<<12L)|
- (((unsigned long)c)<< 6L)|
- (((unsigned long)d) ));
- *(t++)=(unsigned char)(l>>16L)&0xff;
- *(t++)=(unsigned char)(l>> 8L)&0xff;
- *(t++)=(unsigned char)(l )&0xff;
- ret+=3;
- }
- return(ret);
- }
-
-int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
- {
- int i;
-
- *outl=0;
- if (ctx->num != 0)
- {
- i=EVP_DecodeBlock(out,ctx->enc_data,ctx->num);
- if (i < 0) return(-1);
- ctx->num=0;
- *outl=i;
- return(1);
- }
- else
- return(1);
- }
-
-#ifdef undef
-int EVP_DecodeValid(unsigned char *buf, int len)
- {
- int i,num=0,bad=0;
-
- if (len == 0) return(-1);
- while (conv_ascii2bin(*buf) == B64_WS)
- {
- buf++;
- len--;
- if (len == 0) return(-1);
- }
-
- for (i=len; i >= 4; i-=4)
- {
- if ( (conv_ascii2bin(buf[0]) >= 0x40) ||
- (conv_ascii2bin(buf[1]) >= 0x40) ||
- (conv_ascii2bin(buf[2]) >= 0x40) ||
- (conv_ascii2bin(buf[3]) >= 0x40))
- return(-1);
- buf+=4;
- num+=1+(buf[2] != '=')+(buf[3] != '=');
- }
- if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
- return(num);
- if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
- (conv_ascii2bin(buf[0]) == B64_EOLN))
- return(num);
- return(1);
- }
-#endif
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
deleted file mode 100644
index fd43127092..0000000000
--- a/src/lib/libcrypto/evp/evp.h
+++ /dev/null
@@ -1,851 +0,0 @@
-/* crypto/evp/evp.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ENVELOPE_H
-#define HEADER_ENVELOPE_H
-
-#ifdef OPENSSL_ALGORITHM_DEFINES
-# include <openssl/opensslconf.h>
-#else
-# define OPENSSL_ALGORITHM_DEFINES
-# include <openssl/opensslconf.h>
-# undef OPENSSL_ALGORITHM_DEFINES
-#endif
-
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-#ifndef NO_MD2
-#include <openssl/md2.h>
-#endif
-#ifndef NO_MD4
-#include <openssl/md4.h>
-#endif
-#ifndef NO_MD5
-#include <openssl/md5.h>
-#endif
-#ifndef NO_SHA
-#include <openssl/sha.h>
-#endif
-#ifndef NO_RIPEMD
-#include <openssl/ripemd.h>
-#endif
-#ifndef NO_DES
-#include <openssl/des.h>
-#endif
-#ifndef NO_RC4
-#include <openssl/rc4.h>
-#endif
-#ifndef NO_RC2
-#include <openssl/rc2.h>
-#endif
-#ifndef NO_RC5
-#include <openssl/rc5.h>
-#endif
-#ifndef NO_BF
-#include <openssl/blowfish.h>
-#endif
-#ifndef NO_CAST
-#include <openssl/cast.h>
-#endif
-#ifndef NO_IDEA
-#include <openssl/idea.h>
-#endif
-#ifndef NO_MDC2
-#include <openssl/mdc2.h>
-#endif
-
-#define EVP_RC2_KEY_SIZE 16
-#define EVP_RC4_KEY_SIZE 16
-#define EVP_BLOWFISH_KEY_SIZE 16
-#define EVP_CAST5_KEY_SIZE 16
-#define EVP_RC5_32_12_16_KEY_SIZE 16
-#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
-#define EVP_MAX_KEY_LENGTH 24
-#define EVP_MAX_IV_LENGTH 8
-
-#define PKCS5_SALT_LEN 8
-/* Default PKCS#5 iteration count */
-#define PKCS5_DEFAULT_ITER 2048
-
-#ifndef NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-#ifndef NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-#ifndef NO_DH
-#include <openssl/dh.h>
-#endif
-
-#include <openssl/objects.h>
-
-#define EVP_PK_RSA 0x0001
-#define EVP_PK_DSA 0x0002
-#define EVP_PK_DH 0x0004
-#define EVP_PKT_SIGN 0x0010
-#define EVP_PKT_ENC 0x0020
-#define EVP_PKT_EXCH 0x0040
-#define EVP_PKS_RSA 0x0100
-#define EVP_PKS_DSA 0x0200
-#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
-
-#define EVP_PKEY_NONE NID_undef
-#define EVP_PKEY_RSA NID_rsaEncryption
-#define EVP_PKEY_RSA2 NID_rsa
-#define EVP_PKEY_DSA NID_dsa
-#define EVP_PKEY_DSA1 NID_dsa_2
-#define EVP_PKEY_DSA2 NID_dsaWithSHA
-#define EVP_PKEY_DSA3 NID_dsaWithSHA1
-#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
-#define EVP_PKEY_DH NID_dhKeyAgreement
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Type needs to be a bit field
- * Sub-type needs to be for variations on the method, as in, can it do
- * arbitrary encryption.... */
-typedef struct evp_pkey_st
- {
- int type;
- int save_type;
- int references;
- union {
- char *ptr;
-#ifndef NO_RSA
- struct rsa_st *rsa; /* RSA */
-#endif
-#ifndef NO_DSA
- struct dsa_st *dsa; /* DSA */
-#endif
-#ifndef NO_DH
- struct dh_st *dh; /* DH */
-#endif
- } pkey;
- int save_parameters;
- STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
- } EVP_PKEY;
-
-#define EVP_PKEY_MO_SIGN 0x0001
-#define EVP_PKEY_MO_VERIFY 0x0002
-#define EVP_PKEY_MO_ENCRYPT 0x0004
-#define EVP_PKEY_MO_DECRYPT 0x0008
-
-#if 0
-/* This structure is required to tie the message digest and signing together.
- * The lookup can be done by md/pkey_method, oid, oid/pkey_method, or
- * oid, md and pkey.
- * This is required because for various smart-card perform the digest and
- * signing/verification on-board. To handle this case, the specific
- * EVP_MD and EVP_PKEY_METHODs need to be closely associated.
- * When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it.
- * This can either be software or a token to provide the required low level
- * routines.
- */
-typedef struct evp_pkey_md_st
- {
- int oid;
- EVP_MD *md;
- EVP_PKEY_METHOD *pkey;
- } EVP_PKEY_MD;
-
-#define EVP_rsa_md2() \
- EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
- EVP_rsa_pkcs1(),EVP_md2())
-#define EVP_rsa_md5() \
- EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
- EVP_rsa_pkcs1(),EVP_md5())
-#define EVP_rsa_sha0() \
- EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
- EVP_rsa_pkcs1(),EVP_sha())
-#define EVP_rsa_sha1() \
- EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
- EVP_rsa_pkcs1(),EVP_sha1())
-#define EVP_rsa_ripemd160() \
- EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
- EVP_rsa_pkcs1(),EVP_ripemd160())
-#define EVP_rsa_mdc2() \
- EVP_PKEY_MD_add(NID_mdc2WithRSA,\
- EVP_rsa_octet_string(),EVP_mdc2())
-#define EVP_dsa_sha() \
- EVP_PKEY_MD_add(NID_dsaWithSHA,\
- EVP_dsa(),EVP_mdc2())
-#define EVP_dsa_sha1() \
- EVP_PKEY_MD_add(NID_dsaWithSHA1,\
- EVP_dsa(),EVP_sha1())
-
-typedef struct evp_pkey_method_st
- {
- char *name;
- int flags;
- int type; /* RSA, DSA, an SSLeay specific constant */
- int oid; /* For the pub-key type */
- int encrypt_oid; /* pub/priv key encryption */
-
- int (*sign)();
- int (*verify)();
- struct {
- int (*set)(); /* get and/or set the underlying type */
- int (*get)();
- int (*encrypt)();
- int (*decrypt)();
- int (*i2d)();
- int (*d2i)();
- int (*dup)();
- } pub,priv;
- int (*set_asn1_parameters)();
- int (*get_asn1_parameters)();
- } EVP_PKEY_METHOD;
-#endif
-
-#ifndef EVP_MD
-typedef struct env_md_st
- {
- int type;
- int pkey_type;
- int md_size;
- void (*init)();
- void (*update)();
- void (*final)();
-
- int (*sign)();
- int (*verify)();
- int required_pkey_type[5]; /*EVP_PKEY_xxx */
- int block_size;
- int ctx_size; /* how big does the ctx need to be */
- } EVP_MD;
-
-
-
-#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
-
-#ifndef NO_DSA
-#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \
- {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
- EVP_PKEY_DSA4,0}
-#else
-#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
-#endif
-
-#ifndef NO_RSA
-#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
- RSA_sign_ASN1_OCTET_STRING, \
- RSA_verify_ASN1_OCTET_STRING, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#else
-#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
-#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
-#endif
-
-#endif /* !EVP_MD */
-
-typedef struct env_md_ctx_st
- {
- const EVP_MD *digest;
- union {
- unsigned char base[4];
-#ifndef NO_MD2
- MD2_CTX md2;
-#endif
-#ifndef NO_MD5
- MD5_CTX md5;
-#endif
-#ifndef NO_MD4
- MD4_CTX md4;
-#endif
-#ifndef NO_RIPEMD
- RIPEMD160_CTX ripemd160;
-#endif
-#ifndef NO_SHA
- SHA_CTX sha;
-#endif
-#ifndef NO_MDC2
- MDC2_CTX mdc2;
-#endif
- } md;
- } EVP_MD_CTX;
-
-typedef struct evp_cipher_st EVP_CIPHER;
-typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
-
-struct evp_cipher_st
- {
- int nid;
- int block_size;
- int key_len; /* Default value for variable length ciphers */
- int iv_len;
- unsigned long flags; /* Various flags */
- int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc); /* init key */
- int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */
- int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
- int ctx_size; /* how big the ctx needs to be */
- int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
- int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
- int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
- void *app_data; /* Application data */
- };
-
-/* Values for cipher flags */
-
-/* Modes for ciphers */
-
-#define EVP_CIPH_STREAM_CIPHER 0x0
-#define EVP_CIPH_ECB_MODE 0x1
-#define EVP_CIPH_CBC_MODE 0x2
-#define EVP_CIPH_CFB_MODE 0x3
-#define EVP_CIPH_OFB_MODE 0x4
-#define EVP_CIPH_MODE 0x7
-/* Set if variable length cipher */
-#define EVP_CIPH_VARIABLE_LENGTH 0x8
-/* Set if the iv handling should be done by the cipher itself */
-#define EVP_CIPH_CUSTOM_IV 0x10
-/* Set if the cipher's init() function should be called if key is NULL */
-#define EVP_CIPH_ALWAYS_CALL_INIT 0x20
-/* Call ctrl() to init cipher parameters */
-#define EVP_CIPH_CTRL_INIT 0x40
-/* Don't use standard key length function */
-#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
-
-/* ctrl() values */
-
-#define EVP_CTRL_INIT 0x0
-#define EVP_CTRL_SET_KEY_LENGTH 0x1
-#define EVP_CTRL_GET_RC2_KEY_BITS 0x2
-#define EVP_CTRL_SET_RC2_KEY_BITS 0x3
-#define EVP_CTRL_GET_RC5_ROUNDS 0x4
-#define EVP_CTRL_SET_RC5_ROUNDS 0x5
-
-typedef struct evp_cipher_info_st
- {
- const EVP_CIPHER *cipher;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- } EVP_CIPHER_INFO;
-
-struct evp_cipher_ctx_st
- {
- const EVP_CIPHER *cipher;
- int encrypt; /* encrypt or decrypt */
- int buf_len; /* number we have left */
-
- unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
- unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
- unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */
- int num; /* used by cfb/ofb mode */
-
- void *app_data; /* application stuff */
- int key_len; /* May change for variable length cipher */
- union {
-#ifndef NO_RC4
- struct
- {
- unsigned char key[EVP_RC4_KEY_SIZE];
- RC4_KEY ks; /* working key */
- } rc4;
-#endif
-#ifndef NO_DES
- des_key_schedule des_ks;/* key schedule */
- struct
- {
- des_key_schedule ks;/* key schedule */
- des_cblock inw;
- des_cblock outw;
- } desx_cbc;
- struct
- {
- des_key_schedule ks1;/* key schedule */
- des_key_schedule ks2;/* key schedule (for ede) */
- des_key_schedule ks3;/* key schedule (for ede3) */
- } des_ede;
-#endif
-#ifndef NO_IDEA
- IDEA_KEY_SCHEDULE idea_ks;/* key schedule */
-#endif
-#ifndef NO_RC2
- struct {
- int key_bits; /* effective key bits */
- RC2_KEY ks;/* key schedule */
- } rc2;
-#endif
-#ifndef NO_RC5
- struct {
- int rounds; /* number of rounds */
- RC5_32_KEY ks;/* key schedule */
- } rc5;
-#endif
-#ifndef NO_BF
- BF_KEY bf_ks;/* key schedule */
-#endif
-#ifndef NO_CAST
- CAST_KEY cast_ks;/* key schedule */
-#endif
- } c;
- };
-
-typedef struct evp_Encode_Ctx_st
- {
- int num; /* number saved in a partial encode/decode */
- int length; /* The length is either the output line length
- * (in input bytes) or the shortest input line
- * length that is ok. Once decoding begins,
- * the length is adjusted up each time a longer
- * line is decoded */
- unsigned char enc_data[80]; /* data to encode */
- int line_num; /* number read on current line */
- int expect_nl;
- } EVP_ENCODE_CTX;
-
-/* Password based encryption function */
-typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER *cipher,
- EVP_MD *md, int en_de);
-
-#ifndef NO_RSA
-#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
- (char *)(rsa))
-#endif
-
-#ifndef NO_DSA
-#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
- (char *)(dsa))
-#endif
-
-#ifndef NO_DH
-#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
- (char *)(dh))
-#endif
-
-/* Add some extra combinations */
-#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
-#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
-#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
-#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
-
-#define EVP_MD_type(e) ((e)->type)
-#define EVP_MD_pkey_type(e) ((e)->pkey_type)
-#define EVP_MD_size(e) ((e)->md_size)
-#define EVP_MD_block_size(e) ((e)->block_size)
-
-#define EVP_MD_CTX_md(e) ((e)->digest)
-#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
-#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
-#define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
-
-#define EVP_CIPHER_nid(e) ((e)->nid)
-#define EVP_CIPHER_block_size(e) ((e)->block_size)
-#define EVP_CIPHER_key_length(e) ((e)->key_len)
-#define EVP_CIPHER_iv_length(e) ((e)->iv_len)
-#define EVP_CIPHER_flags(e) ((e)->flags)
-#define EVP_CIPHER_mode(e) ((e)->flags) & EVP_CIPH_MODE)
-
-#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
-#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
-#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
-#define EVP_CIPHER_CTX_key_length(e) ((e)->key_len)
-#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
-#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
-#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
-#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
-#define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags)
-#define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE)
-
-#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
-#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
-
-#define EVP_SignInit(a,b) EVP_DigestInit(a,b)
-#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
-#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
-#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
-#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
-#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
-
-#ifdef CONST_STRICT
-void BIO_set_md(BIO *,const EVP_MD *md);
-#else
-# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
-#endif
-#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
-#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
-#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
-#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
-
-#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l))
-
-#define EVP_add_cipher_alias(n,alias) \
- OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
-#define EVP_add_digest_alias(n,alias) \
- OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
-#define EVP_delete_cipher_alias(alias) \
- OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
-#define EVP_delete_digest_alias(alias) \
- OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
-
-
-int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
-void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
-void EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
- unsigned int cnt);
-void EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
-
-int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
-void EVP_set_pw_prompt(char *prompt);
-char * EVP_get_pw_prompt(void);
-
-int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md,
- const unsigned char *salt, const unsigned char *data, int datal,
- int count, unsigned char *key, unsigned char *iv);
-
-int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
- unsigned char *key, unsigned char *iv);
-int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
-int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-
-int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
- unsigned char *key, unsigned char *iv);
-int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
-int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-
-int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
- unsigned char *key,unsigned char *iv,int enc);
-int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
-int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-
-int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
- EVP_PKEY *pkey);
-
-int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf,
- unsigned int siglen,EVP_PKEY *pkey);
-
-int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
- int ekl,unsigned char *iv,EVP_PKEY *priv);
-int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-
-int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
- int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
-void EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
-
-void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
-void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
- int *outl,unsigned char *in,int inl);
-void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
-int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
-
-void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
-int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
- unsigned char *in, int inl);
-int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
- char *out, int *outl);
-int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
-
-void ERR_load_EVP_strings(void );
-
-void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
-int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
-int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
-int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
-
-#ifndef NO_BIO
-BIO_METHOD *BIO_f_md(void);
-BIO_METHOD *BIO_f_base64(void);
-BIO_METHOD *BIO_f_cipher(void);
-BIO_METHOD *BIO_f_reliable(void);
-void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k,
- unsigned char *i, int enc);
-#endif
-
-EVP_MD *EVP_md_null(void);
-#ifndef NO_MD2
-EVP_MD *EVP_md2(void);
-#endif
-#ifndef NO_MD4
-EVP_MD *EVP_md4(void);
-#endif
-#ifndef NO_MD5
-EVP_MD *EVP_md5(void);
-#endif
-#ifndef NO_SHA
-EVP_MD *EVP_sha(void);
-EVP_MD *EVP_sha1(void);
-EVP_MD *EVP_dss(void);
-EVP_MD *EVP_dss1(void);
-#endif
-#ifndef NO_MDC2
-EVP_MD *EVP_mdc2(void);
-#endif
-#ifndef NO_RIPEMD
-EVP_MD *EVP_ripemd160(void);
-#endif
-EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
-#ifndef NO_DES
-EVP_CIPHER *EVP_des_ecb(void);
-EVP_CIPHER *EVP_des_ede(void);
-EVP_CIPHER *EVP_des_ede3(void);
-EVP_CIPHER *EVP_des_cfb(void);
-EVP_CIPHER *EVP_des_ede_cfb(void);
-EVP_CIPHER *EVP_des_ede3_cfb(void);
-EVP_CIPHER *EVP_des_ofb(void);
-EVP_CIPHER *EVP_des_ede_ofb(void);
-EVP_CIPHER *EVP_des_ede3_ofb(void);
-EVP_CIPHER *EVP_des_cbc(void);
-EVP_CIPHER *EVP_des_ede_cbc(void);
-EVP_CIPHER *EVP_des_ede3_cbc(void);
-EVP_CIPHER *EVP_desx_cbc(void);
-#endif
-#ifndef NO_RC4
-EVP_CIPHER *EVP_rc4(void);
-EVP_CIPHER *EVP_rc4_40(void);
-#endif
-#ifndef NO_IDEA
-EVP_CIPHER *EVP_idea_ecb(void);
-EVP_CIPHER *EVP_idea_cfb(void);
-EVP_CIPHER *EVP_idea_ofb(void);
-EVP_CIPHER *EVP_idea_cbc(void);
-#endif
-#ifndef NO_RC2
-EVP_CIPHER *EVP_rc2_ecb(void);
-EVP_CIPHER *EVP_rc2_cbc(void);
-EVP_CIPHER *EVP_rc2_40_cbc(void);
-EVP_CIPHER *EVP_rc2_64_cbc(void);
-EVP_CIPHER *EVP_rc2_cfb(void);
-EVP_CIPHER *EVP_rc2_ofb(void);
-#endif
-#ifndef NO_BF
-EVP_CIPHER *EVP_bf_ecb(void);
-EVP_CIPHER *EVP_bf_cbc(void);
-EVP_CIPHER *EVP_bf_cfb(void);
-EVP_CIPHER *EVP_bf_ofb(void);
-#endif
-#ifndef NO_CAST
-EVP_CIPHER *EVP_cast5_ecb(void);
-EVP_CIPHER *EVP_cast5_cbc(void);
-EVP_CIPHER *EVP_cast5_cfb(void);
-EVP_CIPHER *EVP_cast5_ofb(void);
-#endif
-#ifndef NO_RC5
-EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
-EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
-EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
-EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
-#endif
-void OpenSSL_add_all_algorithms(void);
-void OpenSSL_add_all_ciphers(void);
-void OpenSSL_add_all_digests(void);
-#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
-#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
-#define SSLeay_add_all_digests() OpenSSL_add_all_digests()
-
-int EVP_add_cipher(EVP_CIPHER *cipher);
-int EVP_add_digest(EVP_MD *digest);
-
-const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
-const EVP_MD *EVP_get_digestbyname(const char *name);
-void EVP_cleanup(void);
-
-int EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key,
- int enc_key_len,EVP_PKEY *private_key);
-int EVP_PKEY_encrypt(unsigned char *enc_key,
- unsigned char *key,int key_len,EVP_PKEY *pub_key);
-int EVP_PKEY_type(int type);
-int EVP_PKEY_bits(EVP_PKEY *pkey);
-int EVP_PKEY_size(EVP_PKEY *pkey);
-int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
-#ifndef NO_RSA
-int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key);
-RSA * EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
-#endif
-#ifndef NO_DSA
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key);
-DSA * EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
-#endif
-#ifndef NO_DH
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key);
-DH * EVP_PKEY_get1_DH(EVP_PKEY *pkey);
-#endif
-EVP_PKEY * EVP_PKEY_new(void);
-void EVP_PKEY_free(EVP_PKEY *pkey);
-EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp,
- long length);
-int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
-
-EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp,
- long length);
-EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
- long length);
-int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
-
-int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from);
-int EVP_PKEY_missing_parameters(EVP_PKEY *pkey);
-int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode);
-int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b);
-
-int EVP_CIPHER_type(const EVP_CIPHER *ctx);
-
-/* calls methods */
-int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-
-/* These are used by EVP_CIPHER methods */
-int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
-int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
-
-/* PKCS5 password based encryption */
-int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
- int en_de);
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- int keylen, unsigned char *out);
-int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
- int en_de);
-
-void PKCS5_PBE_add(void);
-
-int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
-int EVP_PBE_alg_add(int nid, EVP_CIPHER *cipher, EVP_MD *md,
- EVP_PBE_KEYGEN *keygen);
-void EVP_PBE_cleanup(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the EVP functions. */
-
-/* Function codes. */
-#define EVP_F_D2I_PKEY 100
-#define EVP_F_EVP_CIPHERINIT 123
-#define EVP_F_EVP_CIPHER_CTX_CTRL 124
-#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
-#define EVP_F_EVP_DECRYPTFINAL 101
-#define EVP_F_EVP_MD_CTX_COPY 110
-#define EVP_F_EVP_OPENINIT 102
-#define EVP_F_EVP_PBE_ALG_ADD 115
-#define EVP_F_EVP_PBE_CIPHERINIT 116
-#define EVP_F_EVP_PKCS82PKEY 111
-#define EVP_F_EVP_PKCS8_SET_BROKEN 112
-#define EVP_F_EVP_PKEY2PKCS8 113
-#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
-#define EVP_F_EVP_PKEY_DECRYPT 104
-#define EVP_F_EVP_PKEY_ENCRYPT 105
-#define EVP_F_EVP_PKEY_GET1_DH 119
-#define EVP_F_EVP_PKEY_GET1_DSA 120
-#define EVP_F_EVP_PKEY_GET1_RSA 121
-#define EVP_F_EVP_PKEY_NEW 106
-#define EVP_F_EVP_SIGNFINAL 107
-#define EVP_F_EVP_VERIFYFINAL 108
-#define EVP_F_PKCS5_PBE_KEYIVGEN 117
-#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
-#define EVP_F_RC2_MAGIC_TO_METH 109
-#define EVP_F_RC5_CTRL 125
-
-/* Reason codes. */
-#define EVP_R_BAD_DECRYPT 100
-#define EVP_R_BN_DECODE_ERROR 112
-#define EVP_R_BN_PUBKEY_ERROR 113
-#define EVP_R_CIPHER_PARAMETER_ERROR 122
-#define EVP_R_CTRL_NOT_IMPLEMENTED 132
-#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
-#define EVP_R_DECODE_ERROR 114
-#define EVP_R_DIFFERENT_KEY_TYPES 101
-#define EVP_R_ENCODE_ERROR 115
-#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
-#define EVP_R_EXPECTING_AN_RSA_KEY 127
-#define EVP_R_EXPECTING_A_DH_KEY 128
-#define EVP_R_EXPECTING_A_DSA_KEY 129
-#define EVP_R_INITIALIZATION_ERROR 134
-#define EVP_R_INPUT_NOT_INITIALIZED 111
-#define EVP_R_INVALID_KEY_LENGTH 130
-#define EVP_R_IV_TOO_LARGE 102
-#define EVP_R_KEYGEN_FAILURE 120
-#define EVP_R_MISSING_PARAMETERS 103
-#define EVP_R_NO_CIPHER_SET 131
-#define EVP_R_NO_DSA_PARAMETERS 116
-#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
-#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
-#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
-#define EVP_R_PUBLIC_KEY_NOT_RSA 106
-#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
-#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
-#define EVP_R_UNSUPPORTED_CIPHER 107
-#define EVP_R_UNSUPPORTED_KEYLENGTH 123
-#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
-#define EVP_R_UNSUPPORTED_KEY_SIZE 108
-#define EVP_R_UNSUPPORTED_PRF 125
-#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
-#define EVP_R_UNSUPPORTED_SALT_TYPE 126
-#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
-#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
deleted file mode 100644
index e2687f9879..0000000000
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ /dev/null
@@ -1,341 +0,0 @@
-/* crypto/evp/evp_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/err.h>
-#include "evp_locl.h"
-
-const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
-
-void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
- {
- memset(ctx,0,sizeof(EVP_CIPHER_CTX));
- /* ctx->cipher=NULL; */
- }
-
-int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- unsigned char *key, unsigned char *iv, int enc)
- {
- if(enc && (enc != -1)) enc = 1;
- if (cipher) {
- ctx->cipher=cipher;
- ctx->key_len = cipher->key_len;
- if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
- if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
- EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
- return 0;
- }
- }
- } else if(!ctx->cipher) {
- EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET);
- return 0;
- }
- if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
- switch(EVP_CIPHER_CTX_mode(ctx)) {
-
- case EVP_CIPH_STREAM_CIPHER:
- case EVP_CIPH_ECB_MODE:
- break;
-
- case EVP_CIPH_CFB_MODE:
- case EVP_CIPH_OFB_MODE:
-
- ctx->num = 0;
-
- case EVP_CIPH_CBC_MODE:
-
- if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
- memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
- break;
-
- default:
- return 0;
- break;
- }
- }
-
- if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
- if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
- }
- if(enc != -1) ctx->encrypt=enc;
- ctx->buf_len=0;
- return 1;
- }
-
-int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl)
- {
- if (ctx->encrypt)
- return EVP_EncryptUpdate(ctx,out,outl,in,inl);
- else return EVP_DecryptUpdate(ctx,out,outl,in,inl);
- }
-
-int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
- {
- if (ctx->encrypt)
- return EVP_EncryptFinal(ctx,out,outl);
- else return(EVP_DecryptFinal(ctx,out,outl));
- }
-
-int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- unsigned char *key, unsigned char *iv)
- {
- return EVP_CipherInit(ctx, cipher, key, iv, 1);
- }
-
-int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- unsigned char *key, unsigned char *iv)
- {
- return EVP_CipherInit(ctx, cipher, key, iv, 0);
- }
-
-
-int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl)
- {
- int i,j,bl;
-
- i=ctx->buf_len;
- bl=ctx->cipher->block_size;
- *outl=0;
- if ((inl == 0) && (i != bl)) return 1;
- if (i != 0)
- {
- if (i+inl < bl)
- {
- memcpy(&(ctx->buf[i]),in,inl);
- ctx->buf_len+=inl;
- return 1;
- }
- else
- {
- j=bl-i;
- if (j != 0) memcpy(&(ctx->buf[i]),in,j);
- if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0;
- inl-=j;
- in+=j;
- out+=bl;
- *outl+=bl;
- }
- }
- i=inl%bl; /* how much is left */
- inl-=i;
- if (inl > 0)
- {
- if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0;
- *outl+=inl;
- }
-
- if (i != 0)
- memcpy(ctx->buf,&(in[inl]),i);
- ctx->buf_len=i;
- return 1;
- }
-
-int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
- {
- int i,n,b,bl;
-
- b=ctx->cipher->block_size;
- if (b == 1)
- {
- *outl=0;
- return 1;
- }
- bl=ctx->buf_len;
- n=b-bl;
- for (i=bl; i<b; i++)
- ctx->buf[i]=n;
- if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,b)) return 0;
- *outl=b;
- return 1;
- }
-
-int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl)
- {
- int b,bl,n;
- int keep_last=0;
-
- *outl=0;
- if (inl == 0) return 1;
-
- b=ctx->cipher->block_size;
- if (b > 1)
- {
- /* Is the input a multiple of the block size? */
- bl=ctx->buf_len;
- n=inl+bl;
- if (n%b == 0)
- {
- if (inl < b) /* must be 'just one' buff */
- {
- memcpy(&(ctx->buf[bl]),in,inl);
- ctx->buf_len=b;
- *outl=0;
- return 1;
- }
- keep_last=1;
- inl-=b; /* don't do the last block */
- }
- }
- if(!EVP_EncryptUpdate(ctx,out,outl,in,inl)) return 0;
-
- /* if we have 'decrypted' a multiple of block size, make sure
- * we have a copy of this last block */
- if (keep_last)
- {
- memcpy(&(ctx->buf[0]),&(in[inl]),b);
-#ifdef DEBUG
- if (ctx->buf_len != 0)
- {
- abort();
- }
-#endif
- ctx->buf_len=b;
- }
- return 1;
- }
-
-int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
- {
- int i,b;
- int n;
-
- *outl=0;
- b=ctx->cipher->block_size;
- if (b > 1)
- {
- if (ctx->buf_len != b)
- {
- EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
- return(0);
- }
- if(!EVP_EncryptUpdate(ctx,ctx->buf,&n,ctx->buf,0)) return 0;
- if (n != b)
- return(0);
- n=ctx->buf[b-1];
- if (n > b)
- {
- EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
- return(0);
- }
- for (i=0; i<n; i++)
- {
- if (ctx->buf[--b] != n)
- {
- EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
- return(0);
- }
- }
- n=ctx->cipher->block_size-n;
- for (i=0; i<n; i++)
- out[i]=ctx->buf[i];
- *outl=n;
- }
- else
- *outl=0;
- return(1);
- }
-
-int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
- {
- if ((c->cipher != NULL) && (c->cipher->cleanup != NULL))
- {
- if(!c->cipher->cleanup(c)) return 0;
- }
- memset(c,0,sizeof(EVP_CIPHER_CTX));
- return 1;
- }
-
-int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
- {
- if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
- return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
- if(c->key_len == keylen) return 1;
- if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH))
- {
- c->key_len = keylen;
- return 1;
- }
- EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
- return 0;
- }
-
-int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
-{
- int ret;
- if(!ctx->cipher) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
- return 0;
- }
-
- if(!ctx->cipher->ctrl) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
- return 0;
- }
-
- ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
- if(ret == -1) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
- return 0;
- }
- return ret;
-}
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
deleted file mode 100644
index a01412a07c..0000000000
--- a/src/lib/libcrypto/evp/evp_err.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/* crypto/evp/evp_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA EVP_str_functs[]=
- {
-{ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"},
-{ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0), "EVP_CipherInit"},
-{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0), "EVP_CIPHER_CTX_ctrl"},
-{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0), "EVP_CIPHER_CTX_set_key_length"},
-{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"},
-{ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0), "EVP_MD_CTX_copy"},
-{ERR_PACK(0,EVP_F_EVP_OPENINIT,0), "EVP_OpenInit"},
-{ERR_PACK(0,EVP_F_EVP_PBE_ALG_ADD,0), "EVP_PBE_alg_add"},
-{ERR_PACK(0,EVP_F_EVP_PBE_CIPHERINIT,0), "EVP_PBE_CipherInit"},
-{ERR_PACK(0,EVP_F_EVP_PKCS82PKEY,0), "EVP_PKCS82PKEY"},
-{ERR_PACK(0,EVP_F_EVP_PKCS8_SET_BROKEN,0), "EVP_PKCS8_SET_BROKEN"},
-{ERR_PACK(0,EVP_F_EVP_PKEY2PKCS8,0), "EVP_PKEY2PKCS8"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0), "EVP_PKEY_decrypt"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0), "EVP_PKEY_get1_DH"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0), "EVP_PKEY_get1_DSA"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0), "EVP_PKEY_get1_RSA"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"},
-{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"},
-{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"},
-{ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0), "PKCS5_PBE_keyivgen"},
-{ERR_PACK(0,EVP_F_PKCS5_V2_PBE_KEYIVGEN,0), "PKCS5_v2_PBE_keyivgen"},
-{ERR_PACK(0,EVP_F_RC2_MAGIC_TO_METH,0), "RC2_MAGIC_TO_METH"},
-{ERR_PACK(0,EVP_F_RC5_CTRL,0), "RC5_CTRL"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA EVP_str_reasons[]=
- {
-{EVP_R_BAD_DECRYPT ,"bad decrypt"},
-{EVP_R_BN_DECODE_ERROR ,"bn decode error"},
-{EVP_R_BN_PUBKEY_ERROR ,"bn pubkey error"},
-{EVP_R_CIPHER_PARAMETER_ERROR ,"cipher parameter error"},
-{EVP_R_CTRL_NOT_IMPLEMENTED ,"ctrl not implemented"},
-{EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED ,"ctrl operation not implemented"},
-{EVP_R_DECODE_ERROR ,"decode error"},
-{EVP_R_DIFFERENT_KEY_TYPES ,"different key types"},
-{EVP_R_ENCODE_ERROR ,"encode error"},
-{EVP_R_EVP_PBE_CIPHERINIT_ERROR ,"evp pbe cipherinit error"},
-{EVP_R_EXPECTING_AN_RSA_KEY ,"expecting an rsa key"},
-{EVP_R_EXPECTING_A_DH_KEY ,"expecting a dh key"},
-{EVP_R_EXPECTING_A_DSA_KEY ,"expecting a dsa key"},
-{EVP_R_INITIALIZATION_ERROR ,"initialization error"},
-{EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"},
-{EVP_R_INVALID_KEY_LENGTH ,"invalid key length"},
-{EVP_R_IV_TOO_LARGE ,"iv too large"},
-{EVP_R_KEYGEN_FAILURE ,"keygen failure"},
-{EVP_R_MISSING_PARAMETERS ,"missing parameters"},
-{EVP_R_NO_CIPHER_SET ,"no cipher set"},
-{EVP_R_NO_DSA_PARAMETERS ,"no dsa parameters"},
-{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"},
-{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"},
-{EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE ,"pkcs8 unknown broken type"},
-{EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"},
-{EVP_R_UNKNOWN_PBE_ALGORITHM ,"unknown pbe algorithm"},
-{EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS ,"unsuported number of rounds"},
-{EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
-{EVP_R_UNSUPPORTED_KEYLENGTH ,"unsupported keylength"},
-{EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION,"unsupported key derivation function"},
-{EVP_R_UNSUPPORTED_KEY_SIZE ,"unsupported key size"},
-{EVP_R_UNSUPPORTED_PRF ,"unsupported prf"},
-{EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM ,"unsupported private key algorithm"},
-{EVP_R_UNSUPPORTED_SALT_TYPE ,"unsupported salt type"},
-{EVP_R_WRONG_FINAL_BLOCK_LENGTH ,"wrong final block length"},
-{EVP_R_WRONG_PUBLIC_KEY_TYPE ,"wrong public key type"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_EVP_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_EVP,EVP_str_functs);
- ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
deleted file mode 100644
index e7434ef9b2..0000000000
--- a/src/lib/libcrypto/evp/evp_key.c
+++ /dev/null
@@ -1,159 +0,0 @@
-/* crypto/evp/evp_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-
-/* should be init to zeros. */
-static char prompt_string[80];
-
-void EVP_set_pw_prompt(char *prompt)
- {
- if (prompt == NULL)
- prompt_string[0]='\0';
- else
- strncpy(prompt_string,prompt,79);
- }
-
-char *EVP_get_pw_prompt(void)
- {
- if (prompt_string[0] == '\0')
- return(NULL);
- else
- return(prompt_string);
- }
-
-/* For historical reasons, the standard function for reading passwords is
- * in the DES library -- if someone ever wants to disable DES,
- * this function will fail */
-int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
- {
-#ifndef NO_DES
- if ((prompt == NULL) && (prompt_string[0] != '\0'))
- prompt=prompt_string;
- return(des_read_pw_string(buf,len,prompt,verify));
-#else
- return -1;
-#endif
- }
-
-int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md,
- const unsigned char *salt, const unsigned char *data, int datal,
- int count, unsigned char *key, unsigned char *iv)
- {
- EVP_MD_CTX c;
- unsigned char md_buf[EVP_MAX_MD_SIZE];
- int niv,nkey,addmd=0;
- unsigned int mds=0,i;
-
- nkey=type->key_len;
- niv=type->iv_len;
-
- if (data == NULL) return(nkey);
-
- for (;;)
- {
- EVP_DigestInit(&c,md);
- if (addmd++)
- EVP_DigestUpdate(&c,&(md_buf[0]),mds);
- EVP_DigestUpdate(&c,data,datal);
- if (salt != NULL)
- EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
- EVP_DigestFinal(&c,&(md_buf[0]),&mds);
-
- for (i=1; i<(unsigned int)count; i++)
- {
- EVP_DigestInit(&c,md);
- EVP_DigestUpdate(&c,&(md_buf[0]),mds);
- EVP_DigestFinal(&c,&(md_buf[0]),&mds);
- }
- i=0;
- if (nkey)
- {
- for (;;)
- {
- if (nkey == 0) break;
- if (i == mds) break;
- if (key != NULL)
- *(key++)=md_buf[i];
- nkey--;
- i++;
- }
- }
- if (niv && (i != mds))
- {
- for (;;)
- {
- if (niv == 0) break;
- if (i == mds) break;
- if (iv != NULL)
- *(iv++)=md_buf[i];
- niv--;
- i++;
- }
- }
- if ((nkey == 0) && (niv == 0)) break;
- }
- memset(&c,0,sizeof(c));
- memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
- return(type->key_len);
- }
-
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
deleted file mode 100644
index a431945ef5..0000000000
--- a/src/lib/libcrypto/evp/evp_lib.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* crypto/evp/evp_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
- {
- int ret;
-
- if (c->cipher->set_asn1_parameters != NULL)
- ret=c->cipher->set_asn1_parameters(c,type);
- else
- ret=1;
- return(ret);
- }
-
-int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
- {
- int ret;
-
- if (c->cipher->get_asn1_parameters != NULL)
- ret=c->cipher->get_asn1_parameters(c,type);
- else
- ret=1;
- return(ret);
- }
-
-int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
- {
- int i=0,l;
-
- if (type != NULL)
- {
- l=EVP_CIPHER_CTX_iv_length(c);
- i=ASN1_TYPE_get_octetstring(type,c->oiv,l);
- if (i != l)
- return(-1);
- else if (i > 0)
- memcpy(c->iv,c->oiv,l);
- }
- return(i);
- }
-
-int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
- {
- int i=0,j;
-
- if (type != NULL)
- {
- j=EVP_CIPHER_CTX_iv_length(c);
- i=ASN1_TYPE_set_octetstring(type,c->oiv,j);
- }
- return(i);
- }
-
-/* Convert the various cipher NIDs and dummies to a proper OID NID */
-int EVP_CIPHER_type(const EVP_CIPHER *ctx)
-{
- int nid;
- ASN1_OBJECT *otmp;
- nid = EVP_CIPHER_nid(ctx);
-
- switch(nid) {
-
- case NID_rc2_cbc:
- case NID_rc2_64_cbc:
- case NID_rc2_40_cbc:
-
- return NID_rc2_cbc;
-
- case NID_rc4:
- case NID_rc4_40:
-
- return NID_rc4;
-
- default:
- /* Check it has an OID and it is valid */
- otmp = OBJ_nid2obj(nid);
- if(!otmp || !otmp->data) nid = NID_undef;
- ASN1_OBJECT_free(otmp);
- return nid;
- }
-}
-
diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h
deleted file mode 100644
index ce49d5b7d8..0000000000
--- a/src/lib/libcrypto/evp/evp_locl.h
+++ /dev/null
@@ -1,168 +0,0 @@
-/* evp_locl.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Macros to code block cipher wrappers */
-
-/* Wrapper functions for each cipher mode */
-
-#define BLOCK_CIPHER_ecb_loop() \
- unsigned int i; \
- if(inl < 8) return 1;\
- inl -= 8; \
- for(i=0; i <= inl; i+=8) \
-
-#define BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \
-static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
-{\
- BLOCK_CIPHER_ecb_loop() \
- cprefix##_ecb_encrypt(in + i, out + i, &ctx->c.kname, ctx->encrypt);\
- return 1;\
-}
-
-#define BLOCK_CIPHER_func_ofb(cname, cprefix, kname) \
-static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
-{\
- cprefix##_ofb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num);\
- return 1;\
-}
-
-#define BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \
-static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
-{\
- cprefix##_cbc_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, ctx->encrypt);\
- return 1;\
-}
-
-#define BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \
-static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
-{\
- cprefix##_cfb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num, ctx->encrypt);\
- return 1;\
-}
-
-#define BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \
- BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \
- BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \
- BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \
- BLOCK_CIPHER_func_ofb(cname, cprefix, kname)
-
-#define BLOCK_CIPHER_defs(cname, kstruct, \
- nid, block_size, key_len, iv_len, flags,\
- init_key, cleanup, set_asn1, get_asn1, ctrl)\
-static EVP_CIPHER cname##_cbc = {\
- nid##_cbc, block_size, key_len, iv_len, \
- flags | EVP_CIPH_CBC_MODE,\
- init_key,\
- cname##_cbc_cipher,\
- cleanup,\
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
- set_asn1, get_asn1,\
- ctrl, \
- NULL \
-};\
-EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
-static EVP_CIPHER cname##_cfb = {\
- nid##_cfb64, 1, key_len, iv_len, \
- flags | EVP_CIPH_CFB_MODE,\
- init_key,\
- cname##_cfb_cipher,\
- cleanup,\
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
- set_asn1, get_asn1,\
- ctrl,\
- NULL \
-};\
-EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
-static EVP_CIPHER cname##_ofb = {\
- nid##_ofb64, 1, key_len, iv_len, \
- flags | EVP_CIPH_OFB_MODE,\
- init_key,\
- cname##_ofb_cipher,\
- cleanup,\
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
- set_asn1, get_asn1,\
- ctrl,\
- NULL \
-};\
-EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
-static EVP_CIPHER cname##_ecb = {\
- nid##_ecb, block_size, key_len, iv_len, \
- flags | EVP_CIPH_ECB_MODE,\
- init_key,\
- cname##_ecb_cipher,\
- cleanup,\
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
- set_asn1, get_asn1,\
- ctrl,\
- NULL \
-};\
-EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
-
-
-
-#define IMPLEMENT_BLOCK_CIPHER(cname, kname, cprefix, kstruct, \
- nid, block_size, key_len, iv_len, flags, \
- init_key, cleanup, set_asn1, get_asn1, ctrl) \
- BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \
- BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, flags,\
- init_key, cleanup, set_asn1, get_asn1, ctrl)
-
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
deleted file mode 100644
index 224a422b12..0000000000
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* evp_pbe.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include "cryptlib.h"
-
-/* Password based encryption (PBE) functions */
-
-static STACK *pbe_algs;
-
-/* Setup a cipher context from a PBE algorithm */
-
-typedef struct {
-int pbe_nid;
-EVP_CIPHER *cipher;
-EVP_MD *md;
-EVP_PBE_KEYGEN *keygen;
-} EVP_PBE_CTL;
-
-int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
-{
-
- EVP_PBE_CTL *pbetmp, pbelu;
- int i;
- pbelu.pbe_nid = OBJ_obj2nid(pbe_obj);
- if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu);
- else i = -1;
-
- if (i == -1) {
- char obj_tmp[80];
- EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
- if (!pbe_obj) strcpy (obj_tmp, "NULL");
- else i2t_ASN1_OBJECT(obj_tmp, 80, pbe_obj);
- ERR_add_error_data(2, "TYPE=", obj_tmp);
- return 0;
- }
- if(!pass) passlen = 0;
- else if (passlen == -1) passlen = strlen(pass);
- pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i);
- i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher,
- pbetmp->md, en_de);
- if (!i) {
- EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
- return 0;
- }
- return 1;
-}
-
-static int pbe_cmp(const char * const *a, const char * const *b)
-{
- EVP_PBE_CTL **pbe1 = (EVP_PBE_CTL **) a, **pbe2 = (EVP_PBE_CTL **)b;
- return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid);
-}
-
-/* Add a PBE algorithm */
-
-int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md,
- EVP_PBE_KEYGEN *keygen)
-{
- EVP_PBE_CTL *pbe_tmp;
- if (!pbe_algs) pbe_algs = sk_new(pbe_cmp);
- if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) {
- EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- pbe_tmp->pbe_nid = nid;
- pbe_tmp->cipher = cipher;
- pbe_tmp->md = md;
- pbe_tmp->keygen = keygen;
- sk_push (pbe_algs, (char *)pbe_tmp);
- return 1;
-}
-
-void EVP_PBE_cleanup(void)
-{
- sk_pop_free(pbe_algs, OPENSSL_freeFunc);
- pbe_algs = NULL;
-}
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
deleted file mode 100644
index 8df2874f3c..0000000000
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ /dev/null
@@ -1,408 +0,0 @@
-/* evp_pkey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-
-static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
-
-/* Extract a private key from a PKCS8 structure */
-
-EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
-{
- EVP_PKEY *pkey = NULL;
-#ifndef NO_RSA
- RSA *rsa = NULL;
-#endif
-#ifndef NO_DSA
- DSA *dsa = NULL;
- ASN1_INTEGER *privkey;
- ASN1_TYPE *t1, *t2, *param = NULL;
- STACK_OF(ASN1_TYPE) *ndsa = NULL;
- BN_CTX *ctx = NULL;
- int plen;
-#endif
- X509_ALGOR *a;
- unsigned char *p;
- int pkeylen;
- char obj_tmp[80];
-
- if(p8->pkey->type == V_ASN1_OCTET_STRING) {
- p8->broken = PKCS8_OK;
- p = p8->pkey->value.octet_string->data;
- pkeylen = p8->pkey->value.octet_string->length;
- } else {
- p8->broken = PKCS8_NO_OCTET;
- p = p8->pkey->value.sequence->data;
- pkeylen = p8->pkey->value.sequence->length;
- }
- if (!(pkey = EVP_PKEY_new())) {
- EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- a = p8->pkeyalg;
- switch (OBJ_obj2nid(a->algorithm))
- {
-#ifndef NO_RSA
- case NID_rsaEncryption:
- if (!(rsa = d2i_RSAPrivateKey (NULL, &p, pkeylen))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- return NULL;
- }
- EVP_PKEY_assign_RSA (pkey, rsa);
- break;
-#endif
-#ifndef NO_DSA
- case NID_dsa:
- /* PKCS#8 DSA is weird: you just get a private key integer
- * and parameters in the AlgorithmIdentifier the pubkey must
- * be recalculated.
- */
-
- /* Check for broken DSA PKCS#8, UGH! */
- if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
- if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen,
- d2i_ASN1_TYPE,
- ASN1_TYPE_free))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- if(sk_ASN1_TYPE_num(ndsa) != 2 ) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- /* Handle Two broken types:
- * SEQUENCE {parameters, priv_key}
- * SEQUENCE {pub_key, priv_key}
- */
-
- t1 = sk_ASN1_TYPE_value(ndsa, 0);
- t2 = sk_ASN1_TYPE_value(ndsa, 1);
- if(t1->type == V_ASN1_SEQUENCE) {
- p8->broken = PKCS8_EMBEDDED_PARAM;
- param = t1;
- } else if(a->parameter->type == V_ASN1_SEQUENCE) {
- p8->broken = PKCS8_NS_DB;
- param = a->parameter;
- } else {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
-
- if(t2->type != V_ASN1_INTEGER) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- privkey = t2->value.integer;
- } else {
- if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- param = p8->pkeyalg->parameter;
- }
- if (!param || (param->type != V_ASN1_SEQUENCE)) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- p = param->value.sequence->data;
- plen = param->value.sequence->length;
- if (!(dsa = d2i_DSAparams (NULL, &p, plen))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- /* We have parameters now set private key */
- if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR);
- goto dsaerr;
- }
- /* Calculate public key (ouch!) */
- if (!(dsa->pub_key = BN_new())) {
- EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
- goto dsaerr;
- }
- if (!(ctx = BN_CTX_new())) {
- EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
- goto dsaerr;
- }
-
- if (!BN_mod_exp(dsa->pub_key, dsa->g,
- dsa->priv_key, dsa->p, ctx)) {
-
- EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR);
- goto dsaerr;
- }
-
- EVP_PKEY_assign_DSA(pkey, dsa);
- BN_CTX_free (ctx);
- if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- else ASN1_INTEGER_free(privkey);
- break;
- dsaerr:
- BN_CTX_free (ctx);
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- DSA_free(dsa);
- EVP_PKEY_free(pkey);
- return NULL;
- break;
-#endif
- default:
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
- if (!a->algorithm) strcpy (obj_tmp, "NULL");
- else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
- ERR_add_error_data(2, "TYPE=", obj_tmp);
- EVP_PKEY_free (pkey);
- return NULL;
- }
- return pkey;
-}
-
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
-{
- return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
-}
-
-/* Turn a private key into a PKCS8 structure */
-
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
-{
- PKCS8_PRIV_KEY_INFO *p8;
-
- if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- p8->broken = broken;
- ASN1_INTEGER_set (p8->version, 0);
- if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- PKCS8_PRIV_KEY_INFO_free (p8);
- return NULL;
- }
- p8->pkey->type = V_ASN1_OCTET_STRING;
- switch (EVP_PKEY_type(pkey->type)) {
-#ifndef NO_RSA
- case EVP_PKEY_RSA:
-
- if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE;
-
- p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
- p8->pkeyalg->parameter->type = V_ASN1_NULL;
- if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey,
- &p8->pkey->value.octet_string)) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- PKCS8_PRIV_KEY_INFO_free (p8);
- return NULL;
- }
- break;
-#endif
-#ifndef NO_DSA
- case EVP_PKEY_DSA:
- if(!dsa_pkey2pkcs8(p8, pkey)) {
- PKCS8_PRIV_KEY_INFO_free (p8);
- return NULL;
- }
-
- break;
-#endif
- default:
- EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
- PKCS8_PRIV_KEY_INFO_free (p8);
- return NULL;
- }
- RAND_add(p8->pkey->value.octet_string->data,
- p8->pkey->value.octet_string->length, 0);
- return p8;
-}
-
-PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
-{
- switch (broken) {
-
- case PKCS8_OK:
- p8->broken = PKCS8_OK;
- return p8;
- break;
-
- case PKCS8_NO_OCTET:
- p8->broken = PKCS8_NO_OCTET;
- p8->pkey->type = V_ASN1_SEQUENCE;
- return p8;
- break;
-
- default:
- EVPerr(EVP_F_EVP_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
- return NULL;
- break;
-
- }
-}
-
-#ifndef NO_DSA
-static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
-{
- ASN1_STRING *params;
- ASN1_INTEGER *prkey;
- ASN1_TYPE *ttmp;
- STACK_OF(ASN1_TYPE) *ndsa;
- unsigned char *p, *q;
- int len;
-
- p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
- len = i2d_DSAparams (pkey->pkey.dsa, NULL);
- if (!(p = OPENSSL_malloc(len))) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- PKCS8_PRIV_KEY_INFO_free (p8);
- return 0;
- }
- q = p;
- i2d_DSAparams (pkey->pkey.dsa, &q);
- params = ASN1_STRING_new();
- ASN1_STRING_set(params, p, len);
- OPENSSL_free(p);
- /* Get private key into integer */
- if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
- return 0;
- }
-
- switch(p8->broken) {
-
- case PKCS8_OK:
- case PKCS8_NO_OCTET:
-
- if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
- &p8->pkey->value.octet_string)) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- M_ASN1_INTEGER_free (prkey);
- return 0;
- }
-
- M_ASN1_INTEGER_free (prkey);
- p8->pkeyalg->parameter->value.sequence = params;
- p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
-
- break;
-
- case PKCS8_NS_DB:
-
- p8->pkeyalg->parameter->value.sequence = params;
- p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
- ndsa = sk_ASN1_TYPE_new_null();
- ttmp = ASN1_TYPE_new();
- if (!(ttmp->value.integer = BN_to_ASN1_INTEGER (pkey->pkey.dsa->pub_key, NULL))) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
- PKCS8_PRIV_KEY_INFO_free(p8);
- return 0;
- }
- ttmp->type = V_ASN1_INTEGER;
- sk_ASN1_TYPE_push(ndsa, ttmp);
-
- ttmp = ASN1_TYPE_new();
- ttmp->value.integer = prkey;
- ttmp->type = V_ASN1_INTEGER;
- sk_ASN1_TYPE_push(ndsa, ttmp);
-
- p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
-
- if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
- &p8->pkey->value.octet_string->data,
- &p8->pkey->value.octet_string->length)) {
-
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- M_ASN1_INTEGER_free(prkey);
- return 0;
- }
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- break;
-
- case PKCS8_EMBEDDED_PARAM:
-
- p8->pkeyalg->parameter->type = V_ASN1_NULL;
- ndsa = sk_ASN1_TYPE_new_null();
- ttmp = ASN1_TYPE_new();
- ttmp->value.sequence = params;
- ttmp->type = V_ASN1_SEQUENCE;
- sk_ASN1_TYPE_push(ndsa, ttmp);
-
- ttmp = ASN1_TYPE_new();
- ttmp->value.integer = prkey;
- ttmp->type = V_ASN1_INTEGER;
- sk_ASN1_TYPE_push(ndsa, ttmp);
-
- p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
-
- if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
- &p8->pkey->value.octet_string->data,
- &p8->pkey->value.octet_string->length)) {
-
- EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- M_ASN1_INTEGER_free (prkey);
- return 0;
- }
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- break;
- }
- return 1;
-}
-#endif
diff --git a/src/lib/libcrypto/evp/m_dss.c b/src/lib/libcrypto/evp/m_dss.c
deleted file mode 100644
index 8ea826868e..0000000000
--- a/src/lib/libcrypto/evp/m_dss.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/evp/m_dss.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifndef NO_SHA
-static EVP_MD dsa_md=
- {
- NID_dsaWithSHA,
- NID_dsaWithSHA,
- SHA_DIGEST_LENGTH,
- SHA1_Init,
- SHA1_Update,
- SHA1_Final,
- EVP_PKEY_DSA_method,
- SHA_CBLOCK,
- sizeof(EVP_MD *)+sizeof(SHA_CTX),
- };
-
-EVP_MD *EVP_dss(void)
- {
- return(&dsa_md);
- }
-#endif
diff --git a/src/lib/libcrypto/evp/m_dss1.c b/src/lib/libcrypto/evp/m_dss1.c
deleted file mode 100644
index 9d8d1ce23e..0000000000
--- a/src/lib/libcrypto/evp/m_dss1.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/evp/m_dss1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_SHA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static EVP_MD dss1_md=
- {
- NID_dsa,
- NID_dsaWithSHA1,
- SHA_DIGEST_LENGTH,
- SHA1_Init,
- SHA1_Update,
- SHA1_Final,
- EVP_PKEY_DSA_method,
- SHA_CBLOCK,
- sizeof(EVP_MD *)+sizeof(SHA_CTX),
- };
-
-EVP_MD *EVP_dss1(void)
- {
- return(&dss1_md);
- }
-#endif
diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c
deleted file mode 100644
index 6a24ceb86d..0000000000
--- a/src/lib/libcrypto/evp/m_md4.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/evp/m_md4.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_MD4
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static EVP_MD md4_md=
- {
- NID_md4,
- 0,
- MD4_DIGEST_LENGTH,
- MD4_Init,
- MD4_Update,
- MD4_Final,
- EVP_PKEY_RSA_method,
- MD4_CBLOCK,
- sizeof(EVP_MD *)+sizeof(MD4_CTX),
- };
-
-EVP_MD *EVP_md4(void)
- {
- return(&md4_md);
- }
-#endif
diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c
deleted file mode 100644
index 9fc9530127..0000000000
--- a/src/lib/libcrypto/evp/m_md5.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/evp/m_md5.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_MD5
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static EVP_MD md5_md=
- {
- NID_md5,
- NID_md5WithRSAEncryption,
- MD5_DIGEST_LENGTH,
- MD5_Init,
- MD5_Update,
- MD5_Final,
- EVP_PKEY_RSA_method,
- MD5_CBLOCK,
- sizeof(EVP_MD *)+sizeof(MD5_CTX),
- };
-
-EVP_MD *EVP_md5(void)
- {
- return(&md5_md);
- }
-#endif
diff --git a/src/lib/libcrypto/evp/m_null.c b/src/lib/libcrypto/evp/m_null.c
deleted file mode 100644
index e2dadf3dab..0000000000
--- a/src/lib/libcrypto/evp/m_null.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/evp/m_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static void function(void)
- {
- }
-
-static EVP_MD null_md=
- {
- NID_undef,
- NID_undef,
- 0,
- function,
- function,
- function,
-
- EVP_PKEY_NULL_method,
- 0,
- sizeof(EVP_MD *),
- };
-
-EVP_MD *EVP_md_null(void)
- {
- return(&null_md);
- }
-
-
diff --git a/src/lib/libcrypto/evp/m_ripemd.c b/src/lib/libcrypto/evp/m_ripemd.c
deleted file mode 100644
index 3d781a4e8d..0000000000
--- a/src/lib/libcrypto/evp/m_ripemd.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* crypto/evp/m_ripemd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RIPEMD
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/ripemd.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static EVP_MD ripemd160_md=
- {
- NID_ripemd160,
- NID_ripemd160WithRSA,
- RIPEMD160_DIGEST_LENGTH,
- RIPEMD160_Init,
- RIPEMD160_Update,
- RIPEMD160_Final,
- EVP_PKEY_RSA_method,
- RIPEMD160_CBLOCK,
- sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX),
- };
-
-EVP_MD *EVP_ripemd160(void)
- {
- return(&ripemd160_md);
- }
-#endif
diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c
deleted file mode 100644
index 57a1ab0cce..0000000000
--- a/src/lib/libcrypto/evp/m_sha1.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/evp/m_sha1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_SHA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static EVP_MD sha1_md=
- {
- NID_sha1,
- NID_sha1WithRSAEncryption,
- SHA_DIGEST_LENGTH,
- SHA1_Init,
- SHA1_Update,
- SHA1_Final,
- EVP_PKEY_RSA_method,
- SHA_CBLOCK,
- sizeof(EVP_MD *)+sizeof(SHA_CTX),
- };
-
-EVP_MD *EVP_sha1(void)
- {
- return(&sha1_md);
- }
-#endif
diff --git a/src/lib/libcrypto/evp/names.c b/src/lib/libcrypto/evp/names.c
deleted file mode 100644
index 620f43feaa..0000000000
--- a/src/lib/libcrypto/evp/names.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/evp/names.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_add_cipher(EVP_CIPHER *c)
- {
- int r;
-
- r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c);
- if (r == 0) return(0);
- r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c);
- return(r);
- }
-
-int EVP_add_digest(EVP_MD *md)
- {
- int r;
- const char *name;
-
- name=OBJ_nid2sn(md->type);
- r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(char *)md);
- if (r == 0) return(0);
- r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(char *)md);
- if (r == 0) return(0);
-
- if (md->type != md->pkey_type)
- {
- r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type),
- OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
- if (r == 0) return(0);
- r=OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
- OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
- }
- return(r);
- }
-
-const EVP_CIPHER *EVP_get_cipherbyname(const char *name)
- {
- const EVP_CIPHER *cp;
-
- cp=(const EVP_CIPHER *)OBJ_NAME_get(name,OBJ_NAME_TYPE_CIPHER_METH);
- return(cp);
- }
-
-const EVP_MD *EVP_get_digestbyname(const char *name)
- {
- const EVP_MD *cp;
-
- cp=(const EVP_MD *)OBJ_NAME_get(name,OBJ_NAME_TYPE_MD_METH);
- return(cp);
- }
-
-void EVP_cleanup(void)
- {
- OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
- OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
- /* The above calls will only clean out the contents of the name
- hash table, but not the hash table itself. The following line
- does that part. -- Richard Levitte */
- OBJ_NAME_cleanup(-1);
-
- EVP_PBE_cleanup();
- }
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
deleted file mode 100644
index 6bfa2c5acb..0000000000
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* p5_crpt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/x509.h>
-#include <openssl/evp.h>
-#include "cryptlib.h"
-
-/* PKCS#5 v1.5 compatible PBE functions: see PKCS#5 v2.0 for more info.
- */
-
-void PKCS5_PBE_add(void)
-{
-#ifndef NO_DES
-# ifndef NO_MD5
-EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(),
- PKCS5_PBE_keyivgen);
-# endif
-# ifndef NO_MD2
-EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(),
- PKCS5_PBE_keyivgen);
-# endif
-# ifndef NO_SHA
-EVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(),
- PKCS5_PBE_keyivgen);
-# endif
-#endif
-#ifndef NO_RC2
-# ifndef NO_MD5
-EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(),
- PKCS5_PBE_keyivgen);
-# endif
-# ifndef NO_MD2
-EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(),
- PKCS5_PBE_keyivgen);
-# endif
-# ifndef NO_SHA
-EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),
- PKCS5_PBE_keyivgen);
-# endif
-#endif
-#ifndef NO_HMAC
-EVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen);
-#endif
-}
-
-int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
- int en_de)
-{
- EVP_MD_CTX ctx;
- unsigned char md_tmp[EVP_MAX_MD_SIZE];
- unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
- int i;
- PBEPARAM *pbe;
- int saltlen, iter;
- unsigned char *salt, *pbuf;
-
- /* Extract useful info from parameter */
- pbuf = param->value.sequence->data;
- if (!param || (param->type != V_ASN1_SEQUENCE) ||
- !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) {
- EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
- return 0;
- }
-
- if (!pbe->iter) iter = 1;
- else iter = ASN1_INTEGER_get (pbe->iter);
- salt = pbe->salt->data;
- saltlen = pbe->salt->length;
-
- if(!pass) passlen = 0;
- else if(passlen == -1) passlen = strlen(pass);
-
- EVP_DigestInit (&ctx, md);
- EVP_DigestUpdate (&ctx, pass, passlen);
- EVP_DigestUpdate (&ctx, salt, saltlen);
- PBEPARAM_free(pbe);
- EVP_DigestFinal (&ctx, md_tmp, NULL);
- for (i = 1; i < iter; i++) {
- EVP_DigestInit(&ctx, md);
- EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md));
- EVP_DigestFinal (&ctx, md_tmp, NULL);
- }
- memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher));
- memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
- EVP_CIPHER_iv_length(cipher));
- EVP_CipherInit(cctx, cipher, key, iv, en_de);
- memset(md_tmp, 0, EVP_MAX_MD_SIZE);
- memset(key, 0, EVP_MAX_KEY_LENGTH);
- memset(iv, 0, EVP_MAX_IV_LENGTH);
- return 1;
-}
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
deleted file mode 100644
index 717fad68ca..0000000000
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ /dev/null
@@ -1,248 +0,0 @@
-/* p5_crpt2.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#if !defined(NO_HMAC) && !defined(NO_SHA)
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/x509.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include "cryptlib.h"
-
-/* set this to print out info about the keygen algorithm */
-/* #define DEBUG_PKCS5V2 */
-
-#ifdef DEBUG_PKCS5V2
- static void h__dump (const unsigned char *p, int len);
-#endif
-
-/* This is an implementation of PKCS#5 v2.0 password based encryption key
- * derivation function PBKDF2 using the only currently defined function HMAC
- * with SHA1. Verified against test vectors posted by Peter Gutmann
- * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list.
- */
-
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- int keylen, unsigned char *out)
-{
- unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4];
- int cplen, j, k, tkeylen;
- unsigned long i = 1;
- HMAC_CTX hctx;
- p = out;
- tkeylen = keylen;
- if(!pass) passlen = 0;
- else if(passlen == -1) passlen = strlen(pass);
- while(tkeylen) {
- if(tkeylen > SHA_DIGEST_LENGTH) cplen = SHA_DIGEST_LENGTH;
- else cplen = tkeylen;
- /* We are unlikely to ever use more than 256 blocks (5120 bits!)
- * but just in case...
- */
- itmp[0] = (unsigned char)((i >> 24) & 0xff);
- itmp[1] = (unsigned char)((i >> 16) & 0xff);
- itmp[2] = (unsigned char)((i >> 8) & 0xff);
- itmp[3] = (unsigned char)(i & 0xff);
- HMAC_Init(&hctx, pass, passlen, EVP_sha1());
- HMAC_Update(&hctx, salt, saltlen);
- HMAC_Update(&hctx, itmp, 4);
- HMAC_Final(&hctx, digtmp, NULL);
- memcpy(p, digtmp, cplen);
- for(j = 1; j < iter; j++) {
- HMAC(EVP_sha1(), pass, passlen,
- digtmp, SHA_DIGEST_LENGTH, digtmp, NULL);
- for(k = 0; k < cplen; k++) p[k] ^= digtmp[k];
- }
- tkeylen-= cplen;
- i++;
- p+= cplen;
- }
- HMAC_cleanup(&hctx);
-#ifdef DEBUG_PKCS5V2
- fprintf(stderr, "Password:\n");
- h__dump (pass, passlen);
- fprintf(stderr, "Salt:\n");
- h__dump (salt, saltlen);
- fprintf(stderr, "Iteration count %d\n", iter);
- fprintf(stderr, "Key:\n");
- h__dump (out, keylen);
-#endif
- return 1;
-}
-
-#ifdef DO_TEST
-main()
-{
- unsigned char out[4];
- unsigned char salt[] = {0x12, 0x34, 0x56, 0x78};
- PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
- fprintf(stderr, "Out %02X %02X %02X %02X\n",
- out[0], out[1], out[2], out[3]);
-}
-
-#endif
-
-/* Now the key derivation function itself. This is a bit evil because
- * it has to check the ASN1 parameters are valid: and there are quite a
- * few of them...
- */
-
-int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER *c, EVP_MD *md,
- int en_de)
-{
- unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH];
- int saltlen, keylen, iter, plen;
- PBE2PARAM *pbe2 = NULL;
- const EVP_CIPHER *cipher;
- PBKDF2PARAM *kdf = NULL;
-
- pbuf = param->value.sequence->data;
- plen = param->value.sequence->length;
- if(!param || (param->type != V_ASN1_SEQUENCE) ||
- !(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
- return 0;
- }
-
- /* See if we recognise the key derivation function */
-
- if(OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
- EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
- goto err;
- }
-
- /* lets see if we recognise the encryption algorithm.
- */
-
- cipher = EVP_get_cipherbyname(
- OBJ_nid2sn(OBJ_obj2nid(pbe2->encryption->algorithm)));
-
- if(!cipher) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
- EVP_R_UNSUPPORTED_CIPHER);
- goto err;
- }
-
- /* Fixup cipher based on AlgorithmIdentifier */
- EVP_CipherInit(ctx, cipher, NULL, NULL, en_de);
- if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
- EVP_R_CIPHER_PARAMETER_ERROR);
- goto err;
- }
- keylen = EVP_CIPHER_CTX_key_length(ctx);
-
- /* Now decode key derivation function */
-
- pbuf = pbe2->keyfunc->parameter->value.sequence->data;
- plen = pbe2->keyfunc->parameter->value.sequence->length;
- if(!pbe2->keyfunc->parameter ||
- (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE) ||
- !(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
- goto err;
- }
-
- PBE2PARAM_free(pbe2);
- pbe2 = NULL;
-
- /* Now check the parameters of the kdf */
-
- if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != keylen)){
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
- EVP_R_UNSUPPORTED_KEYLENGTH);
- goto err;
- }
-
- if(kdf->prf && (OBJ_obj2nid(kdf->prf->algorithm) != NID_hmacWithSHA1)) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
- goto err;
- }
-
- if(kdf->salt->type != V_ASN1_OCTET_STRING) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
- EVP_R_UNSUPPORTED_SALT_TYPE);
- goto err;
- }
-
- /* it seems that its all OK */
- salt = kdf->salt->value.octet_string->data;
- saltlen = kdf->salt->value.octet_string->length;
- iter = ASN1_INTEGER_get(kdf->iter);
- PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key);
- EVP_CipherInit(ctx, NULL, key, NULL, en_de);
- memset(key, 0, keylen);
- PBKDF2PARAM_free(kdf);
- return 1;
-
- err:
- PBE2PARAM_free(pbe2);
- PBKDF2PARAM_free(kdf);
- return 0;
-}
-
-#ifdef DEBUG_PKCS5V2
-static void h__dump (const unsigned char *p, int len)
-{
- for (; len --; p++) fprintf(stderr, "%02X ", *p);
- fprintf(stderr, "\n");
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c
deleted file mode 100644
index 57b5daa453..0000000000
--- a/src/lib/libcrypto/evp/p_dec.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* crypto/evp/p_dec.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#ifndef NO_RSA
-#include <openssl/rsa.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_PKEY_decrypt(unsigned char *key, unsigned char *ek, int ekl,
- EVP_PKEY *priv)
- {
- int ret= -1;
-
-#ifndef NO_RSA
- if (priv->type != EVP_PKEY_RSA)
- {
-#endif
- EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
-#ifndef NO_RSA
- goto err;
- }
-
- ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
-err:
-#endif
- return(ret);
- }
diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c
deleted file mode 100644
index 4cf6acaf5d..0000000000
--- a/src/lib/libcrypto/evp/p_enc.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* crypto/evp/p_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#ifndef NO_RSA
-#include <openssl/rsa.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_PKEY_encrypt(unsigned char *ek, unsigned char *key, int key_len,
- EVP_PKEY *pubk)
- {
- int ret=0;
-
-#ifndef NO_RSA
- if (pubk->type != EVP_PKEY_RSA)
- {
-#endif
- EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
-#ifndef NO_RSA
- goto err;
- }
- ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING);
-err:
-#endif
- return(ret);
- }
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
deleted file mode 100644
index 62398ed74d..0000000000
--- a/src/lib/libcrypto/evp/p_lib.c
+++ /dev/null
@@ -1,333 +0,0 @@
-/* crypto/evp/p_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-static void EVP_PKEY_free_it(EVP_PKEY *x);
-int EVP_PKEY_bits(EVP_PKEY *pkey)
- {
-#ifndef NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- return(BN_num_bits(pkey->pkey.rsa->n));
- else
-#endif
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- return(BN_num_bits(pkey->pkey.dsa->p));
-#endif
- return(0);
- }
-
-int EVP_PKEY_size(EVP_PKEY *pkey)
- {
- if (pkey == NULL)
- return(0);
-#ifndef NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- return(RSA_size(pkey->pkey.rsa));
- else
-#endif
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- return(DSA_size(pkey->pkey.dsa));
-#endif
- return(0);
- }
-
-int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
- {
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- {
- int ret=pkey->save_parameters=mode;
-
- if (mode >= 0)
- pkey->save_parameters=mode;
- return(ret);
- }
-#endif
- return(0);
- }
-
-int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
- {
- if (to->type != from->type)
- {
- EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES);
- goto err;
- }
-
- if (EVP_PKEY_missing_parameters(from))
- {
- EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
- goto err;
- }
-#ifndef NO_DSA
- if (to->type == EVP_PKEY_DSA)
- {
- BIGNUM *a;
-
- if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err;
- if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p);
- to->pkey.dsa->p=a;
-
- if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err;
- if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q);
- to->pkey.dsa->q=a;
-
- if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err;
- if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g);
- to->pkey.dsa->g=a;
- }
-#endif
- return(1);
-err:
- return(0);
- }
-
-int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
- {
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- {
- DSA *dsa;
-
- dsa=pkey->pkey.dsa;
- if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
- return(1);
- }
-#endif
- return(0);
- }
-
-int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b)
- {
-#ifndef NO_DSA
- if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
- {
- if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
- BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
- BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
- return(0);
- else
- return(1);
- }
-#endif
- return(-1);
- }
-
-EVP_PKEY *EVP_PKEY_new(void)
- {
- EVP_PKEY *ret;
-
- ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
- if (ret == NULL)
- {
- EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- ret->type=EVP_PKEY_NONE;
- ret->references=1;
- ret->pkey.ptr=NULL;
- ret->attributes=NULL;
- ret->save_parameters=1;
- return(ret);
- }
-
-int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
- {
- if (pkey == NULL) return(0);
- if (pkey->pkey.ptr != NULL)
- EVP_PKEY_free_it(pkey);
- pkey->type=EVP_PKEY_type(type);
- pkey->save_type=type;
- pkey->pkey.ptr=key;
- return(key != NULL);
- }
-
-#ifndef NO_RSA
-int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
-{
- int ret = EVP_PKEY_assign_RSA(pkey, key);
- if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_RSA);
- return ret;
-}
-
-RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
- {
- if(pkey->type != EVP_PKEY_RSA) {
- EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
- return NULL;
- }
- CRYPTO_add(&pkey->pkey.rsa->references, 1, CRYPTO_LOCK_RSA);
- return pkey->pkey.rsa;
-}
-#endif
-
-#ifndef NO_DSA
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
-{
- int ret = EVP_PKEY_assign_DSA(pkey, key);
- if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DSA);
- return ret;
-}
-
-DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
- {
- if(pkey->type != EVP_PKEY_DSA) {
- EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
- return NULL;
- }
- CRYPTO_add(&pkey->pkey.dsa->references, 1, CRYPTO_LOCK_DSA);
- return pkey->pkey.dsa;
-}
-#endif
-
-#ifndef NO_DH
-
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
-{
- int ret = EVP_PKEY_assign_DH(pkey, key);
- if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DH);
- return ret;
-}
-
-DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
- {
- if(pkey->type != EVP_PKEY_DH) {
- EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
- return NULL;
- }
- CRYPTO_add(&pkey->pkey.dh->references, 1, CRYPTO_LOCK_DH);
- return pkey->pkey.dh;
-}
-#endif
-
-int EVP_PKEY_type(int type)
- {
- switch (type)
- {
- case EVP_PKEY_RSA:
- case EVP_PKEY_RSA2:
- return(EVP_PKEY_RSA);
- case EVP_PKEY_DSA:
- case EVP_PKEY_DSA1:
- case EVP_PKEY_DSA2:
- case EVP_PKEY_DSA3:
- case EVP_PKEY_DSA4:
- return(EVP_PKEY_DSA);
- case EVP_PKEY_DH:
- return(EVP_PKEY_DH);
- default:
- return(NID_undef);
- }
- }
-
-void EVP_PKEY_free(EVP_PKEY *x)
- {
- int i;
-
- if (x == NULL) return;
-
- i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
- REF_PRINT("EVP_PKEY",x);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"EVP_PKEY_free, bad reference count\n");
- abort();
- }
-#endif
- EVP_PKEY_free_it(x);
- OPENSSL_free(x);
- }
-
-static void EVP_PKEY_free_it(EVP_PKEY *x)
- {
- switch (x->type)
- {
-#ifndef NO_RSA
- case EVP_PKEY_RSA:
- case EVP_PKEY_RSA2:
- RSA_free(x->pkey.rsa);
- break;
-#endif
-#ifndef NO_DSA
- case EVP_PKEY_DSA:
- case EVP_PKEY_DSA2:
- case EVP_PKEY_DSA3:
- case EVP_PKEY_DSA4:
- DSA_free(x->pkey.dsa);
- break;
-#endif
-#ifndef NO_DH
- case EVP_PKEY_DH:
- DH_free(x->pkey.dh);
- break;
-#endif
- }
- }
-
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c
deleted file mode 100644
index 2760c00fec..0000000000
--- a/src/lib/libcrypto/evp/p_open.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/evp/p_open.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek,
- int ekl, unsigned char *iv, EVP_PKEY *priv)
- {
- unsigned char *key=NULL;
- int i,size=0,ret=0;
-
- if(type) {
- EVP_CIPHER_CTX_init(ctx);
- if(!EVP_DecryptInit(ctx,type,NULL,NULL)) return 0;
- }
-
- if(!priv) return 1;
-
- if (priv->type != EVP_PKEY_RSA)
- {
- EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
- goto err;
- }
-
- size=RSA_size(priv->pkey.rsa);
- key=(unsigned char *)OPENSSL_malloc(size+2);
- if (key == NULL)
- {
- /* ERROR */
- EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- i=EVP_PKEY_decrypt(key,ek,ekl,priv);
- if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i))
- {
- /* ERROR */
- goto err;
- }
- if(!EVP_DecryptInit(ctx,NULL,key,iv)) goto err;
-
- ret=1;
-err:
- if (key != NULL) memset(key,0,size);
- OPENSSL_free(key);
- return(ret);
- }
-
-int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
- {
- int i;
-
- i=EVP_DecryptFinal(ctx,out,outl);
- EVP_DecryptInit(ctx,NULL,NULL,NULL);
- return(i);
- }
-#else /* !NO_RSA */
-
-# ifdef PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c
deleted file mode 100644
index 2fd1d7e0c2..0000000000
--- a/src/lib/libcrypto/evp/p_seal.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* crypto/evp/p_seal.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#ifndef NO_RSA
-#include <openssl/rsa.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
- int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
- {
- unsigned char key[EVP_MAX_KEY_LENGTH];
- int i;
-
- if(type) {
- EVP_CIPHER_CTX_init(ctx);
- if(!EVP_EncryptInit(ctx,type,NULL,NULL)) return 0;
- }
- if (npubk <= 0) return(0);
- if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0)
- return(0);
- if (EVP_CIPHER_CTX_iv_length(ctx))
- RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx));
-
- if(!EVP_EncryptInit(ctx,NULL,key,iv)) return 0;
-
- for (i=0; i<npubk; i++)
- {
- ekl[i]=EVP_PKEY_encrypt(ek[i],key,EVP_CIPHER_CTX_key_length(ctx),
- pubk[i]);
- if (ekl[i] <= 0) return(-1);
- }
- return(npubk);
- }
-
-/* MACRO
-void EVP_SealUpdate(ctx,out,outl,in,inl)
-EVP_CIPHER_CTX *ctx;
-unsigned char *out;
-int *outl;
-unsigned char *in;
-int inl;
- {
- EVP_EncryptUpdate(ctx,out,outl,in,inl);
- }
-*/
-
-void EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
- {
- EVP_EncryptFinal(ctx,out,outl);
- EVP_EncryptInit(ctx,NULL,NULL,NULL);
- }
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
deleted file mode 100644
index 1fa32ac17e..0000000000
--- a/src/lib/libcrypto/evp/p_sign.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* crypto/evp/p_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifdef undef
-void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
- {
- EVP_DigestInit(ctx,type);
- }
-
-void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
- unsigned int count)
- {
- EVP_DigestUpdate(ctx,data,count);
- }
-#endif
-
-int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
- EVP_PKEY *pkey)
- {
- unsigned char m[EVP_MAX_MD_SIZE];
- unsigned int m_len;
- int i,ok=0,v;
- MS_STATIC EVP_MD_CTX tmp_ctx;
-
- *siglen=0;
- EVP_MD_CTX_copy(&tmp_ctx,ctx);
- EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len);
- for (i=0; i<4; i++)
- {
- v=ctx->digest->required_pkey_type[i];
- if (v == 0) break;
- if (pkey->type == v)
- {
- ok=1;
- break;
- }
- }
- if (!ok)
- {
- EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
- return(0);
- }
- if (ctx->digest->sign == NULL)
- {
- EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
- return(0);
- }
- return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen,
- pkey->pkey.ptr));
- }
-
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c
deleted file mode 100644
index dcb54f3abb..0000000000
--- a/src/lib/libcrypto/evp/p_verify.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/evp/p_verify.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf,
- unsigned int siglen, EVP_PKEY *pkey)
- {
- unsigned char m[EVP_MAX_MD_SIZE];
- unsigned int m_len;
- int i,ok=0,v;
- MS_STATIC EVP_MD_CTX tmp_ctx;
-
- for (i=0; i<4; i++)
- {
- v=ctx->digest->required_pkey_type[i];
- if (v == 0) break;
- if (pkey->type == v)
- {
- ok=1;
- break;
- }
- }
- if (!ok)
- {
- EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
- return(-1);
- }
- EVP_MD_CTX_copy(&tmp_ctx,ctx);
- EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len);
- if (ctx->digest->verify == NULL)
- {
- EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
- return(0);
- }
-
- return(ctx->digest->verify(ctx->digest->type,m,m_len,
- sigbuf,siglen,pkey->pkey.ptr));
- }
-
diff --git a/src/lib/libcrypto/ex_data.c b/src/lib/libcrypto/ex_data.c
deleted file mode 100644
index 739e543d78..0000000000
--- a/src/lib/libcrypto/ex_data.c
+++ /dev/null
@@ -1,223 +0,0 @@
-/* crypto/ex_data.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
-#include "cryptlib.h"
-
-int CRYPTO_get_ex_new_index(int idx, STACK_OF(CRYPTO_EX_DATA_FUNCS) **skp, long argl, void *argp,
- CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
- {
- int ret= -1;
- CRYPTO_EX_DATA_FUNCS *a;
-
- MemCheck_off();
- if (*skp == NULL)
- *skp=sk_CRYPTO_EX_DATA_FUNCS_new_null();
- if (*skp == NULL)
- {
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- a=(CRYPTO_EX_DATA_FUNCS *)OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS));
- if (a == NULL)
- {
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- a->argl=argl;
- a->argp=argp;
- a->new_func=new_func;
- a->dup_func=dup_func;
- a->free_func=free_func;
- while (sk_CRYPTO_EX_DATA_FUNCS_num(*skp) <= idx)
- {
- if (!sk_CRYPTO_EX_DATA_FUNCS_push(*skp,NULL))
- {
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
- OPENSSL_free(a);
- goto err;
- }
- }
- sk_CRYPTO_EX_DATA_FUNCS_set(*skp,idx, a);
- ret=idx;
-err:
- MemCheck_on();
- return(ret);
- }
-
-int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
- {
- int i;
-
- if (ad->sk == NULL)
- {
- if ((ad->sk=sk_new_null()) == NULL)
- {
- CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- }
- i=sk_num(ad->sk);
-
- while (i <= idx)
- {
- if (!sk_push(ad->sk,NULL))
- {
- CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- i++;
- }
- sk_set(ad->sk,idx,val);
- return(1);
- }
-
-void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad, int idx)
- {
- if (ad->sk == NULL)
- return(0);
- else if (idx >= sk_num(ad->sk))
- return(0);
- else
- return(sk_value(ad->sk,idx));
- }
-
-/* The callback is called with the 'object', which is the original data object
- * being duplicated, a pointer to the
- * 'new' object to be inserted, the index, and the argi/argp
- */
-int CRYPTO_dup_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, CRYPTO_EX_DATA *to,
- CRYPTO_EX_DATA *from)
- {
- int i,j,m,r;
- CRYPTO_EX_DATA_FUNCS *mm;
- char *from_d;
-
- if (meth == NULL) return(1);
- if (from->sk == NULL) return(1);
- m=sk_CRYPTO_EX_DATA_FUNCS_num(meth);
- j=sk_num(from->sk);
- for (i=0; i<j; i++)
- {
- from_d=CRYPTO_get_ex_data(from,i);
- if (i < m)
- {
- mm=sk_CRYPTO_EX_DATA_FUNCS_value(meth,i);
- if (mm->dup_func != NULL)
- r=mm->dup_func(to,from,(char **)&from_d,i,
- mm->argl,mm->argp);
- }
- CRYPTO_set_ex_data(to,i,from_d);
- }
- return(1);
- }
-
-/* Call each free callback */
-void CRYPTO_free_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad)
- {
- CRYPTO_EX_DATA_FUNCS *m;
- void *ptr;
- int i,max;
-
- if (meth != NULL)
- {
- max=sk_CRYPTO_EX_DATA_FUNCS_num(meth);
- for (i=0; i<max; i++)
- {
- m=sk_CRYPTO_EX_DATA_FUNCS_value(meth,i);
- if ((m != NULL) && (m->free_func != NULL))
- {
- ptr=CRYPTO_get_ex_data(ad,i);
- m->free_func(obj,ptr,ad,i,m->argl,m->argp);
- }
- }
- }
- if (ad->sk != NULL)
- {
- sk_free(ad->sk);
- ad->sk=NULL;
- }
- }
-
-void CRYPTO_new_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad)
- {
- CRYPTO_EX_DATA_FUNCS *m;
- void *ptr;
- int i,max;
-
- ad->sk=NULL;
- if (meth != NULL)
- {
- max=sk_CRYPTO_EX_DATA_FUNCS_num(meth);
- for (i=0; i<max; i++)
- {
- m=sk_CRYPTO_EX_DATA_FUNCS_value(meth,i);
- if ((m != NULL) && (m->new_func != NULL))
- {
- ptr=CRYPTO_get_ex_data(ad,i);
- m->new_func(obj,ptr,ad,i,m->argl,m->argp);
- }
- }
- }
- }
-
-IMPLEMENT_STACK_OF(CRYPTO_EX_DATA_FUNCS)
diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c
deleted file mode 100644
index e1ec79e093..0000000000
--- a/src/lib/libcrypto/hmac/hmac.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* crypto/hmac/hmac.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/hmac.h>
-
-void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
- const EVP_MD *md)
- {
- int i,j,reset=0;
- unsigned char pad[HMAC_MAX_MD_CBLOCK];
-
- if (md != NULL)
- {
- reset=1;
- ctx->md=md;
- }
- else
- md=ctx->md;
-
- if (key != NULL)
- {
- reset=1;
- j=EVP_MD_block_size(md);
- if (j < len)
- {
- EVP_DigestInit(&ctx->md_ctx,md);
- EVP_DigestUpdate(&ctx->md_ctx,key,len);
- EVP_DigestFinal(&(ctx->md_ctx),ctx->key,
- &ctx->key_length);
- }
- else
- {
- memcpy(ctx->key,key,len);
- ctx->key_length=len;
- }
- if(ctx->key_length != HMAC_MAX_MD_CBLOCK)
- memset(&ctx->key[ctx->key_length], 0,
- HMAC_MAX_MD_CBLOCK - ctx->key_length);
- }
-
- if (reset)
- {
- for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
- pad[i]=0x36^ctx->key[i];
- EVP_DigestInit(&ctx->i_ctx,md);
- EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md));
-
- for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
- pad[i]=0x5c^ctx->key[i];
- EVP_DigestInit(&ctx->o_ctx,md);
- EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md));
- }
-
- memcpy(&ctx->md_ctx,&ctx->i_ctx,sizeof(ctx->i_ctx));
- }
-
-void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len)
- {
- EVP_DigestUpdate(&(ctx->md_ctx),data,len);
- }
-
-void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
- {
- int j;
- unsigned int i;
- unsigned char buf[EVP_MAX_MD_SIZE];
-
- j=EVP_MD_block_size(ctx->md);
-
- EVP_DigestFinal(&(ctx->md_ctx),buf,&i);
- memcpy(&(ctx->md_ctx),&(ctx->o_ctx),sizeof(ctx->o_ctx));
- EVP_DigestUpdate(&(ctx->md_ctx),buf,i);
- EVP_DigestFinal(&(ctx->md_ctx),md,len);
- }
-
-void HMAC_cleanup(HMAC_CTX *ctx)
- {
- memset(ctx,0,sizeof(HMAC_CTX));
- }
-
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
- const unsigned char *d, int n, unsigned char *md,
- unsigned int *md_len)
- {
- HMAC_CTX c;
- static unsigned char m[EVP_MAX_MD_SIZE];
-
- if (md == NULL) md=m;
- HMAC_Init(&c,key,key_len,evp_md);
- HMAC_Update(&c,d,n);
- HMAC_Final(&c,md,md_len);
- HMAC_cleanup(&c);
- return(md);
- }
-
diff --git a/src/lib/libcrypto/hmac/hmac.h b/src/lib/libcrypto/hmac/hmac.h
deleted file mode 100644
index 328bad2608..0000000000
--- a/src/lib/libcrypto/hmac/hmac.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/* crypto/hmac/hmac.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_HMAC_H
-#define HEADER_HMAC_H
-
-#ifdef NO_HMAC
-#error HMAC is disabled.
-#endif
-
-#include <openssl/evp.h>
-
-#define HMAC_MAX_MD_CBLOCK 64
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct hmac_ctx_st
- {
- const EVP_MD *md;
- EVP_MD_CTX md_ctx;
- EVP_MD_CTX i_ctx;
- EVP_MD_CTX o_ctx;
- unsigned int key_length;
- unsigned char key[HMAC_MAX_MD_CBLOCK];
- } HMAC_CTX;
-
-#define HMAC_size(e) (EVP_MD_size((e)->md))
-
-
-void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
- const EVP_MD *md);
-void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
-void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
-void HMAC_cleanup(HMAC_CTX *ctx);
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
- const unsigned char *d, int n, unsigned char *md,
- unsigned int *md_len);
-
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/idea/idea.h b/src/lib/libcrypto/idea/idea.h
deleted file mode 100644
index f14adf8398..0000000000
--- a/src/lib/libcrypto/idea/idea.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/idea/idea.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_IDEA_H
-#define HEADER_IDEA_H
-
-#ifdef NO_IDEA
-#error IDEA is disabled.
-#endif
-
-#define IDEA_ENCRYPT 1
-#define IDEA_DECRYPT 0
-
-#include <openssl/opensslconf.h> /* IDEA_INT */
-#define IDEA_BLOCK 8
-#define IDEA_KEY_LENGTH 16
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct idea_key_st
- {
- IDEA_INT data[9][6];
- } IDEA_KEY_SCHEDULE;
-
-const char *idea_options(void);
-void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
- IDEA_KEY_SCHEDULE *ks);
-void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
-void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
-void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
- long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
-void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
- int *num,int enc);
-void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
-void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/lhash/lh_stats.c b/src/lib/libcrypto/lhash/lh_stats.c
deleted file mode 100644
index ee0600060e..0000000000
--- a/src/lib/libcrypto/lhash/lh_stats.c
+++ /dev/null
@@ -1,274 +0,0 @@
-/* crypto/lhash/lh_stats.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-/* If you wish to build this outside of SSLeay, remove the following lines
- * and things should work as expected */
-#include "cryptlib.h"
-
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/lhash.h>
-
-#ifdef NO_BIO
-
-void lh_stats(LHASH *lh, FILE *out)
- {
- fprintf(out,"num_items = %lu\n",lh->num_items);
- fprintf(out,"num_nodes = %u\n",lh->num_nodes);
- fprintf(out,"num_alloc_nodes = %u\n",lh->num_alloc_nodes);
- fprintf(out,"num_expands = %lu\n",lh->num_expands);
- fprintf(out,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs);
- fprintf(out,"num_contracts = %lu\n",lh->num_contracts);
- fprintf(out,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
- fprintf(out,"num_hash_calls = %lu\n",lh->num_hash_calls);
- fprintf(out,"num_comp_calls = %lu\n",lh->num_comp_calls);
- fprintf(out,"num_insert = %lu\n",lh->num_insert);
- fprintf(out,"num_replace = %lu\n",lh->num_replace);
- fprintf(out,"num_delete = %lu\n",lh->num_delete);
- fprintf(out,"num_no_delete = %lu\n",lh->num_no_delete);
- fprintf(out,"num_retrieve = %lu\n",lh->num_retrieve);
- fprintf(out,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss);
- fprintf(out,"num_hash_comps = %lu\n",lh->num_hash_comps);
-#ifdef DEBUG
- fprintf(out,"p = %u\n",lh->p);
- fprintf(out,"pmax = %u\n",lh->pmax);
- fprintf(out,"up_load = %lu\n",lh->up_load);
- fprintf(out,"down_load = %lu\n",lh->down_load);
-#endif
- }
-
-void lh_node_stats(LHASH *lh, FILE *out)
- {
- LHASH_NODE *n;
- unsigned int i,num;
-
- for (i=0; i<lh->num_nodes; i++)
- {
- for (n=lh->b[i],num=0; n != NULL; n=n->next)
- num++;
- fprintf(out,"node %6u -> %3u\n",i,num);
- }
- }
-
-void lh_node_usage_stats(LHASH *lh, FILE *out)
- {
- LHASH_NODE *n;
- unsigned long num;
- unsigned int i;
- unsigned long total=0,n_used=0;
-
- for (i=0; i<lh->num_nodes; i++)
- {
- for (n=lh->b[i],num=0; n != NULL; n=n->next)
- num++;
- if (num != 0)
- {
- n_used++;
- total+=num;
- }
- }
- fprintf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
- fprintf(out,"%lu items\n",total);
- if (n_used == 0) return;
- fprintf(out,"load %d.%02d actual load %d.%02d\n",
- (int)(total/lh->num_nodes),
- (int)((total%lh->num_nodes)*100/lh->num_nodes),
- (int)(total/n_used),
- (int)((total%n_used)*100/n_used));
- }
-
-#else
-
-#ifndef NO_FP_API
-void lh_stats(LHASH *lh, FILE *fp)
- {
- BIO *bp;
-
- bp=BIO_new(BIO_s_file());
- if (bp == NULL) goto end;
- BIO_set_fp(bp,fp,BIO_NOCLOSE);
- lh_stats_bio(lh,bp);
- BIO_free(bp);
-end:;
- }
-
-void lh_node_stats(LHASH *lh, FILE *fp)
- {
- BIO *bp;
-
- bp=BIO_new(BIO_s_file());
- if (bp == NULL) goto end;
- BIO_set_fp(bp,fp,BIO_NOCLOSE);
- lh_node_stats_bio(lh,bp);
- BIO_free(bp);
-end:;
- }
-
-void lh_node_usage_stats(LHASH *lh, FILE *fp)
- {
- BIO *bp;
-
- bp=BIO_new(BIO_s_file());
- if (bp == NULL) goto end;
- BIO_set_fp(bp,fp,BIO_NOCLOSE);
- lh_node_usage_stats_bio(lh,bp);
- BIO_free(bp);
-end:;
- }
-
-#endif
-
-void lh_stats_bio(LHASH *lh, BIO *out)
- {
- char buf[128];
-
- sprintf(buf,"num_items = %lu\n",lh->num_items);
- BIO_puts(out,buf);
- sprintf(buf,"num_nodes = %u\n",lh->num_nodes);
- BIO_puts(out,buf);
- sprintf(buf,"num_alloc_nodes = %u\n",lh->num_alloc_nodes);
- BIO_puts(out,buf);
- sprintf(buf,"num_expands = %lu\n",lh->num_expands);
- BIO_puts(out,buf);
- sprintf(buf,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs);
- BIO_puts(out,buf);
- sprintf(buf,"num_contracts = %lu\n",lh->num_contracts);
- BIO_puts(out,buf);
- sprintf(buf,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
- BIO_puts(out,buf);
- sprintf(buf,"num_hash_calls = %lu\n",lh->num_hash_calls);
- BIO_puts(out,buf);
- sprintf(buf,"num_comp_calls = %lu\n",lh->num_comp_calls);
- BIO_puts(out,buf);
- sprintf(buf,"num_insert = %lu\n",lh->num_insert);
- BIO_puts(out,buf);
- sprintf(buf,"num_replace = %lu\n",lh->num_replace);
- BIO_puts(out,buf);
- sprintf(buf,"num_delete = %lu\n",lh->num_delete);
- BIO_puts(out,buf);
- sprintf(buf,"num_no_delete = %lu\n",lh->num_no_delete);
- BIO_puts(out,buf);
- sprintf(buf,"num_retrieve = %lu\n",lh->num_retrieve);
- BIO_puts(out,buf);
- sprintf(buf,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss);
- BIO_puts(out,buf);
- sprintf(buf,"num_hash_comps = %lu\n",lh->num_hash_comps);
- BIO_puts(out,buf);
-#ifdef DEBUG
- sprintf(buf,"p = %u\n",lh->p);
- BIO_puts(out,buf);
- sprintf(buf,"pmax = %u\n",lh->pmax);
- BIO_puts(out,buf);
- sprintf(buf,"up_load = %lu\n",lh->up_load);
- BIO_puts(out,buf);
- sprintf(buf,"down_load = %lu\n",lh->down_load);
- BIO_puts(out,buf);
-#endif
- }
-
-void lh_node_stats_bio(LHASH *lh, BIO *out)
- {
- LHASH_NODE *n;
- unsigned int i,num;
- char buf[128];
-
- for (i=0; i<lh->num_nodes; i++)
- {
- for (n=lh->b[i],num=0; n != NULL; n=n->next)
- num++;
- sprintf(buf,"node %6u -> %3u\n",i,num);
- BIO_puts(out,buf);
- }
- }
-
-void lh_node_usage_stats_bio(LHASH *lh, BIO *out)
- {
- LHASH_NODE *n;
- unsigned long num;
- unsigned int i;
- unsigned long total=0,n_used=0;
- char buf[128];
-
- for (i=0; i<lh->num_nodes; i++)
- {
- for (n=lh->b[i],num=0; n != NULL; n=n->next)
- num++;
- if (num != 0)
- {
- n_used++;
- total+=num;
- }
- }
- sprintf(buf,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
- BIO_puts(out,buf);
- sprintf(buf,"%lu items\n",total);
- BIO_puts(out,buf);
- if (n_used == 0) return;
- sprintf(buf,"load %d.%02d actual load %d.%02d\n",
- (int)(total/lh->num_nodes),
- (int)((total%lh->num_nodes)*100/lh->num_nodes),
- (int)(total/n_used),
- (int)((total%n_used)*100/n_used));
- BIO_puts(out,buf);
- }
-
-#endif
diff --git a/src/lib/libcrypto/lhash/lhash.c b/src/lib/libcrypto/lhash/lhash.c
deleted file mode 100644
index 7da14620a4..0000000000
--- a/src/lib/libcrypto/lhash/lhash.c
+++ /dev/null
@@ -1,461 +0,0 @@
-/* crypto/lhash/lhash.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Code for dynamic hash table routines
- * Author - Eric Young v 2.0
- *
- * 2.2 eay - added #include "crypto.h" so the memory leak checking code is
- * present. eay 18-Jun-98
- *
- * 2.1 eay - Added an 'error in last operation' flag. eay 6-May-98
- *
- * 2.0 eay - Fixed a bug that occurred when using lh_delete
- * from inside lh_doall(). As entries were deleted,
- * the 'table' was 'contract()ed', making some entries
- * jump from the end of the table to the start, there by
- * skipping the lh_doall() processing. eay - 4/12/95
- *
- * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs
- * were not being free()ed. 21/11/95
- *
- * 1.8 eay - Put the stats routines into a separate file, lh_stats.c
- * 19/09/95
- *
- * 1.7 eay - Removed the fputs() for realloc failures - the code
- * should silently tolerate them. I have also fixed things
- * lint complained about 04/05/95
- *
- * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92
- *
- * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992
- *
- * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91
- *
- * 1.3 eay - Fixed a few lint problems 19/3/1991
- *
- * 1.2 eay - Fixed lh_doall problem 13/3/1991
- *
- * 1.1 eay - Added lh_doall
- *
- * 1.0 eay - First version
- */
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-
-const char *lh_version="lhash" OPENSSL_VERSION_PTEXT;
-
-#undef MIN_NODES
-#define MIN_NODES 16
-#define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */
-#define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */
-
-static void expand(LHASH *lh);
-static void contract(LHASH *lh);
-static LHASH_NODE **getrn(LHASH *lh, void *data, unsigned long *rhash);
-
-LHASH *lh_new(unsigned long (*h)(), int (*c)())
- {
- LHASH *ret;
- int i;
-
- if ((ret=(LHASH *)OPENSSL_malloc(sizeof(LHASH))) == NULL)
- goto err0;
- if ((ret->b=(LHASH_NODE **)OPENSSL_malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL)
- goto err1;
- for (i=0; i<MIN_NODES; i++)
- ret->b[i]=NULL;
- ret->comp=((c == NULL)?(int (*)())strcmp:c);
- ret->hash=((h == NULL)?(unsigned long (*)())lh_strhash:h);
- ret->num_nodes=MIN_NODES/2;
- ret->num_alloc_nodes=MIN_NODES;
- ret->p=0;
- ret->pmax=MIN_NODES/2;
- ret->up_load=UP_LOAD;
- ret->down_load=DOWN_LOAD;
- ret->num_items=0;
-
- ret->num_expands=0;
- ret->num_expand_reallocs=0;
- ret->num_contracts=0;
- ret->num_contract_reallocs=0;
- ret->num_hash_calls=0;
- ret->num_comp_calls=0;
- ret->num_insert=0;
- ret->num_replace=0;
- ret->num_delete=0;
- ret->num_no_delete=0;
- ret->num_retrieve=0;
- ret->num_retrieve_miss=0;
- ret->num_hash_comps=0;
-
- ret->error=0;
- return(ret);
-err1:
- OPENSSL_free(ret);
-err0:
- return(NULL);
- }
-
-void lh_free(LHASH *lh)
- {
- unsigned int i;
- LHASH_NODE *n,*nn;
-
- if (lh == NULL)
- return;
-
- for (i=0; i<lh->num_nodes; i++)
- {
- n=lh->b[i];
- while (n != NULL)
- {
- nn=n->next;
- OPENSSL_free(n);
- n=nn;
- }
- }
- OPENSSL_free(lh->b);
- OPENSSL_free(lh);
- }
-
-void *lh_insert(LHASH *lh, void *data)
- {
- unsigned long hash;
- LHASH_NODE *nn,**rn;
- void *ret;
-
- lh->error=0;
- if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))
- expand(lh);
-
- rn=getrn(lh,data,&hash);
-
- if (*rn == NULL)
- {
- if ((nn=(LHASH_NODE *)OPENSSL_malloc(sizeof(LHASH_NODE))) == NULL)
- {
- lh->error++;
- return(NULL);
- }
- nn->data=data;
- nn->next=NULL;
-#ifndef NO_HASH_COMP
- nn->hash=hash;
-#endif
- *rn=nn;
- ret=NULL;
- lh->num_insert++;
- lh->num_items++;
- }
- else /* replace same key */
- {
- ret= (*rn)->data;
- (*rn)->data=data;
- lh->num_replace++;
- }
- return(ret);
- }
-
-void *lh_delete(LHASH *lh, void *data)
- {
- unsigned long hash;
- LHASH_NODE *nn,**rn;
- void *ret;
-
- lh->error=0;
- rn=getrn(lh,data,&hash);
-
- if (*rn == NULL)
- {
- lh->num_no_delete++;
- return(NULL);
- }
- else
- {
- nn= *rn;
- *rn=nn->next;
- ret=nn->data;
- OPENSSL_free(nn);
- lh->num_delete++;
- }
-
- lh->num_items--;
- if ((lh->num_nodes > MIN_NODES) &&
- (lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)))
- contract(lh);
-
- return(ret);
- }
-
-void *lh_retrieve(LHASH *lh, void *data)
- {
- unsigned long hash;
- LHASH_NODE **rn;
- void *ret;
-
- lh->error=0;
- rn=getrn(lh,data,&hash);
-
- if (*rn == NULL)
- {
- lh->num_retrieve_miss++;
- return(NULL);
- }
- else
- {
- ret= (*rn)->data;
- lh->num_retrieve++;
- }
- return(ret);
- }
-
-void lh_doall(LHASH *lh, void (*func)())
- {
- lh_doall_arg(lh,func,NULL);
- }
-
-void lh_doall_arg(LHASH *lh, void (*func)(), void *arg)
- {
- int i;
- LHASH_NODE *a,*n;
-
- /* reverse the order so we search from 'top to bottom'
- * We were having memory leaks otherwise */
- for (i=lh->num_nodes-1; i>=0; i--)
- {
- a=lh->b[i];
- while (a != NULL)
- {
- /* 28/05/91 - eay - n added so items can be deleted
- * via lh_doall */
- n=a->next;
- func(a->data,arg);
- a=n;
- }
- }
- }
-
-static void expand(LHASH *lh)
- {
- LHASH_NODE **n,**n1,**n2,*np;
- unsigned int p,i,j;
- unsigned long hash,nni;
-
- lh->num_nodes++;
- lh->num_expands++;
- p=(int)lh->p++;
- n1= &(lh->b[p]);
- n2= &(lh->b[p+(int)lh->pmax]);
- *n2=NULL; /* 27/07/92 - eay - undefined pointer bug */
- nni=lh->num_alloc_nodes;
-
- for (np= *n1; np != NULL; )
- {
-#ifndef NO_HASH_COMP
- hash=np->hash;
-#else
- hash=(*(lh->hash))(np->data);
- lh->num_hash_calls++;
-#endif
- if ((hash%nni) != p)
- { /* move it */
- *n1= (*n1)->next;
- np->next= *n2;
- *n2=np;
- }
- else
- n1= &((*n1)->next);
- np= *n1;
- }
-
- if ((lh->p) >= lh->pmax)
- {
- j=(int)lh->num_alloc_nodes*2;
- n=(LHASH_NODE **)OPENSSL_realloc(lh->b,
- (unsigned int)sizeof(LHASH_NODE *)*j);
- if (n == NULL)
- {
-/* fputs("realloc error in lhash",stderr); */
- lh->error++;
- lh->p=0;
- return;
- }
- /* else */
- for (i=(int)lh->num_alloc_nodes; i<j; i++)/* 26/02/92 eay */
- n[i]=NULL; /* 02/03/92 eay */
- lh->pmax=lh->num_alloc_nodes;
- lh->num_alloc_nodes=j;
- lh->num_expand_reallocs++;
- lh->p=0;
- lh->b=n;
- }
- }
-
-static void contract(LHASH *lh)
- {
- LHASH_NODE **n,*n1,*np;
-
- np=lh->b[lh->p+lh->pmax-1];
- lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */
- if (lh->p == 0)
- {
- n=(LHASH_NODE **)OPENSSL_realloc(lh->b,
- (unsigned int)(sizeof(LHASH_NODE *)*lh->pmax));
- if (n == NULL)
- {
-/* fputs("realloc error in lhash",stderr); */
- lh->error++;
- return;
- }
- lh->num_contract_reallocs++;
- lh->num_alloc_nodes/=2;
- lh->pmax/=2;
- lh->p=lh->pmax-1;
- lh->b=n;
- }
- else
- lh->p--;
-
- lh->num_nodes--;
- lh->num_contracts++;
-
- n1=lh->b[(int)lh->p];
- if (n1 == NULL)
- lh->b[(int)lh->p]=np;
- else
- {
- while (n1->next != NULL)
- n1=n1->next;
- n1->next=np;
- }
- }
-
-static LHASH_NODE **getrn(LHASH *lh, void *data, unsigned long *rhash)
- {
- LHASH_NODE **ret,*n1;
- unsigned long hash,nn;
- int (*cf)();
-
- hash=(*(lh->hash))(data);
- lh->num_hash_calls++;
- *rhash=hash;
-
- nn=hash%lh->pmax;
- if (nn < lh->p)
- nn=hash%lh->num_alloc_nodes;
-
- cf=lh->comp;
- ret= &(lh->b[(int)nn]);
- for (n1= *ret; n1 != NULL; n1=n1->next)
- {
-#ifndef NO_HASH_COMP
- lh->num_hash_comps++;
- if (n1->hash != hash)
- {
- ret= &(n1->next);
- continue;
- }
-#endif
- lh->num_comp_calls++;
- if ((*cf)(n1->data,data) == 0)
- break;
- ret= &(n1->next);
- }
- return(ret);
- }
-
-/* The following hash seems to work very well on normal text strings
- * no collisions on /usr/dict/words and it distributes on %2^n quite
- * well, not as good as MD5, but still good.
- */
-unsigned long lh_strhash(const char *c)
- {
- unsigned long ret=0;
- long n;
- unsigned long v;
- int r;
-
- if ((c == NULL) || (*c == '\0'))
- return(ret);
-/*
- unsigned char b[16];
- MD5(c,strlen(c),b);
- return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24));
-*/
-
- n=0x100;
- while (*c)
- {
- v=n|(*c);
- n+=0x100;
- r= (int)((v>>2)^v)&0x0f;
- ret=(ret<<r)|(ret>>(32-r));
- ret&=0xFFFFFFFFL;
- ret^=v*v;
- c++;
- }
- return((ret>>16)^ret);
- }
-
-unsigned long lh_num_items(LHASH *lh)
- {
- return lh ? lh->num_items : 0;
- }
diff --git a/src/lib/libcrypto/lhash/lhash.h b/src/lib/libcrypto/lhash/lhash.h
deleted file mode 100644
index b8ff021906..0000000000
--- a/src/lib/libcrypto/lhash/lhash.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/* crypto/lhash/lhash.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Header for dynamic hash table routines
- * Author - Eric Young
- */
-
-#ifndef HEADER_LHASH_H
-#define HEADER_LHASH_H
-
-#ifndef NO_FP_API
-#include <stdio.h>
-#endif
-
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct lhash_node_st
- {
- void *data;
- struct lhash_node_st *next;
-#ifndef NO_HASH_COMP
- unsigned long hash;
-#endif
- } LHASH_NODE;
-
-typedef struct lhash_st
- {
- LHASH_NODE **b;
- int (*comp)();
- unsigned long (*hash)();
- unsigned int num_nodes;
- unsigned int num_alloc_nodes;
- unsigned int p;
- unsigned int pmax;
- unsigned long up_load; /* load times 256 */
- unsigned long down_load; /* load times 256 */
- unsigned long num_items;
-
- unsigned long num_expands;
- unsigned long num_expand_reallocs;
- unsigned long num_contracts;
- unsigned long num_contract_reallocs;
- unsigned long num_hash_calls;
- unsigned long num_comp_calls;
- unsigned long num_insert;
- unsigned long num_replace;
- unsigned long num_delete;
- unsigned long num_no_delete;
- unsigned long num_retrieve;
- unsigned long num_retrieve_miss;
- unsigned long num_hash_comps;
-
- int error;
- } LHASH;
-
-#define LH_LOAD_MULT 256
-
-/* Indicates a malloc() error in the last call, this is only bad
- * in lh_insert(). */
-#define lh_error(lh) ((lh)->error)
-
-LHASH *lh_new(unsigned long (*h)(/* void *a */), int (*c)(/* void *a,void *b */));
-void lh_free(LHASH *lh);
-void *lh_insert(LHASH *lh, void *data);
-void *lh_delete(LHASH *lh, void *data);
-void *lh_retrieve(LHASH *lh, void *data);
- void lh_doall(LHASH *lh, void (*func)(/*void *b*/));
-void lh_doall_arg(LHASH *lh, void (*func)(/*void *a,void *b*/),void *arg);
-unsigned long lh_strhash(const char *c);
-unsigned long lh_num_items(LHASH *lh);
-
-#ifndef NO_FP_API
-void lh_stats(LHASH *lh, FILE *out);
-void lh_node_stats(LHASH *lh, FILE *out);
-void lh_node_usage_stats(LHASH *lh, FILE *out);
-#endif
-
-#ifndef NO_BIO
-void lh_stats_bio(LHASH *lh, BIO *out);
-void lh_node_stats_bio(LHASH *lh, BIO *out);
-void lh_node_usage_stats_bio(LHASH *lh, BIO *out);
-#endif
-#ifdef __cplusplus
-}
-#endif
-
-#endif
-
diff --git a/src/lib/libcrypto/md32_common.h b/src/lib/libcrypto/md32_common.h
deleted file mode 100644
index 1a404a458d..0000000000
--- a/src/lib/libcrypto/md32_common.h
+++ /dev/null
@@ -1,607 +0,0 @@
-/* crypto/md32_common.h */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * This is a generic 32 bit "collector" for message digest algorithms.
- * Whenever needed it collects input character stream into chunks of
- * 32 bit values and invokes a block function that performs actual hash
- * calculations.
- *
- * Porting guide.
- *
- * Obligatory macros:
- *
- * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
- * this macro defines byte order of input stream.
- * HASH_CBLOCK
- * size of a unit chunk HASH_BLOCK operates on.
- * HASH_LONG
- * has to be at lest 32 bit wide, if it's wider, then
- * HASH_LONG_LOG2 *has to* be defined along
- * HASH_CTX
- * context structure that at least contains following
- * members:
- * typedef struct {
- * ...
- * HASH_LONG Nl,Nh;
- * HASH_LONG data[HASH_LBLOCK];
- * int num;
- * ...
- * } HASH_CTX;
- * HASH_UPDATE
- * name of "Update" function, implemented here.
- * HASH_TRANSFORM
- * name of "Transform" function, implemented here.
- * HASH_FINAL
- * name of "Final" function, implemented here.
- * HASH_BLOCK_HOST_ORDER
- * name of "block" function treating *aligned* input message
- * in host byte order, implemented externally.
- * HASH_BLOCK_DATA_ORDER
- * name of "block" function treating *unaligned* input message
- * in original (data) byte order, implemented externally (it
- * actually is optional if data and host are of the same
- * "endianess").
- * HASH_MAKE_STRING
- * macro convering context variables to an ASCII hash string.
- *
- * Optional macros:
- *
- * B_ENDIAN or L_ENDIAN
- * defines host byte-order.
- * HASH_LONG_LOG2
- * defaults to 2 if not states otherwise.
- * HASH_LBLOCK
- * assumed to be HASH_CBLOCK/4 if not stated otherwise.
- * HASH_BLOCK_DATA_ORDER_ALIGNED
- * alternative "block" function capable of treating
- * aligned input message in original (data) order,
- * implemented externally.
- *
- * MD5 example:
- *
- * #define DATA_ORDER_IS_LITTLE_ENDIAN
- *
- * #define HASH_LONG MD5_LONG
- * #define HASH_LONG_LOG2 MD5_LONG_LOG2
- * #define HASH_CTX MD5_CTX
- * #define HASH_CBLOCK MD5_CBLOCK
- * #define HASH_LBLOCK MD5_LBLOCK
- * #define HASH_UPDATE MD5_Update
- * #define HASH_TRANSFORM MD5_Transform
- * #define HASH_FINAL MD5_Final
- * #define HASH_BLOCK_HOST_ORDER md5_block_host_order
- * #define HASH_BLOCK_DATA_ORDER md5_block_data_order
- *
- * <appro@fy.chalmers.se>
- */
-
-#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-#error "DATA_ORDER must be defined!"
-#endif
-
-#ifndef HASH_CBLOCK
-#error "HASH_CBLOCK must be defined!"
-#endif
-#ifndef HASH_LONG
-#error "HASH_LONG must be defined!"
-#endif
-#ifndef HASH_CTX
-#error "HASH_CTX must be defined!"
-#endif
-
-#ifndef HASH_UPDATE
-#error "HASH_UPDATE must be defined!"
-#endif
-#ifndef HASH_TRANSFORM
-#error "HASH_TRANSFORM must be defined!"
-#endif
-#ifndef HASH_FINAL
-#error "HASH_FINAL must be defined!"
-#endif
-
-#ifndef HASH_BLOCK_HOST_ORDER
-#error "HASH_BLOCK_HOST_ORDER must be defined!"
-#endif
-
-#if 0
-/*
- * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED
- * isn't defined.
- */
-#ifndef HASH_BLOCK_DATA_ORDER
-#error "HASH_BLOCK_DATA_ORDER must be defined!"
-#endif
-#endif
-
-#ifndef HASH_LBLOCK
-#define HASH_LBLOCK (HASH_CBLOCK/4)
-#endif
-
-#ifndef HASH_LONG_LOG2
-#define HASH_LONG_LOG2 2
-#endif
-
-/*
- * Engage compiler specific rotate intrinsic function if available.
- */
-#undef ROTATE
-#ifndef PEDANTIC
-# if defined(_MSC_VER)
-# define ROTATE(a,n) _lrotl(a,n)
-# elif defined(__MWERKS__)
-# if defined(__POWERPC__)
-# define ROTATE(a,n) __rlwinm(a,n,0,31)
-# elif defined(__MC68K__)
- /* Motorola specific tweak. <appro@fy.chalmers.se> */
-# define ROTATE(a,n) ( n<24 ? __rol(a,n) : __ror(a,32-n) )
-# else
-# define ROTATE(a,n) __rol(a,n)
-# endif
-# elif defined(__GNUC__) && __GNUC__>=2 && !defined(NO_ASM) && !defined(NO_INLINE_ASM)
- /*
- * Some GNU C inline assembler templates. Note that these are
- * rotates by *constant* number of bits! But that's exactly
- * what we need here...
- *
- * <appro@fy.chalmers.se>
- */
-# if defined(__i386)
-# define ROTATE(a,n) ({ register unsigned int ret; \
- asm ( \
- "roll %1,%0" \
- : "=r"(ret) \
- : "I"(n), "0"(a) \
- : "cc"); \
- ret; \
- })
-# elif defined(__powerpc) || defined(__ppc)
-# define ROTATE(a,n) ({ register unsigned int ret; \
- asm ( \
- "rlwinm %0,%1,%2,0,31" \
- : "=r"(ret) \
- : "r"(a), "I"(n)); \
- ret; \
- })
-# endif
-# endif
-
-/*
- * Engage compiler specific "fetch in reverse byte order"
- * intrinsic function if available.
- */
-# if defined(__GNUC__) && __GNUC__>=2 && !defined(NO_ASM) && !defined(NO_INLINE_ASM)
- /* some GNU C inline assembler templates by <appro@fy.chalmers.se> */
-# if defined(__i386) && !defined(I386_ONLY)
-# define BE_FETCH32(a) ({ register unsigned int l=(a);\
- asm ( \
- "bswapl %0" \
- : "=r"(l) : "0"(l)); \
- l; \
- })
-# elif defined(__powerpc)
-# define LE_FETCH32(a) ({ register unsigned int l; \
- asm ( \
- "lwbrx %0,0,%1" \
- : "=r"(l) \
- : "r"(a)); \
- l; \
- })
-
-# elif defined(__sparc) && defined(ULTRASPARC)
-# define LE_FETCH32(a) ({ register unsigned int l; \
- asm ( \
- "lda [%1]#ASI_PRIMARY_LITTLE,%0"\
- : "=r"(l) \
- : "r"(a)); \
- l; \
- })
-# endif
-# endif
-#endif /* PEDANTIC */
-
-#if HASH_LONG_LOG2==2 /* Engage only if sizeof(HASH_LONG)== 4 */
-/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
-#ifdef ROTATE
-/* 5 instructions with rotate instruction, else 9 */
-#define REVERSE_FETCH32(a,l) ( \
- l=*(const HASH_LONG *)(a), \
- ((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24))) \
- )
-#else
-/* 6 instructions with rotate instruction, else 8 */
-#define REVERSE_FETCH32(a,l) ( \
- l=*(const HASH_LONG *)(a), \
- l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)), \
- ROTATE(l,16) \
- )
-/*
- * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|...
- * It's rewritten as above for two reasons:
- * - RISCs aren't good at long constants and have to explicitely
- * compose 'em with several (well, usually 2) instructions in a
- * register before performing the actual operation and (as you
- * already realized:-) having same constant should inspire the
- * compiler to permanently allocate the only register for it;
- * - most modern CPUs have two ALUs, but usually only one has
- * circuitry for shifts:-( this minor tweak inspires compiler
- * to schedule shift instructions in a better way...
- *
- * <appro@fy.chalmers.se>
- */
-#endif
-#endif
-
-#ifndef ROTATE
-#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
-#endif
-
-/*
- * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED
- * and HASH_BLOCK_HOST_ORDER ought to be the same if input data
- * and host are of the same "endianess". It's possible to mask
- * this with blank #define HASH_BLOCK_DATA_ORDER though...
- *
- * <appro@fy.chalmers.se>
- */
-#if defined(B_ENDIAN)
-# if defined(DATA_ORDER_IS_BIG_ENDIAN)
-# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
-# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER
-# endif
-# elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-# ifndef HOST_FETCH32
-# ifdef LE_FETCH32
-# define HOST_FETCH32(p,l) LE_FETCH32(p)
-# elif defined(REVERSE_FETCH32)
-# define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l)
-# endif
-# endif
-# endif
-#elif defined(L_ENDIAN)
-# if defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
-# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER
-# endif
-# elif defined(DATA_ORDER_IS_BIG_ENDIAN)
-# ifndef HOST_FETCH32
-# ifdef BE_FETCH32
-# define HOST_FETCH32(p,l) BE_FETCH32(p)
-# elif defined(REVERSE_FETCH32)
-# define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l)
-# endif
-# endif
-# endif
-#endif
-
-#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
-#ifndef HASH_BLOCK_DATA_ORDER
-#error "HASH_BLOCK_DATA_ORDER must be defined!"
-#endif
-#endif
-
-#if defined(DATA_ORDER_IS_BIG_ENDIAN)
-
-#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
- l|=(((unsigned long)(*((c)++)))<<16), \
- l|=(((unsigned long)(*((c)++)))<< 8), \
- l|=(((unsigned long)(*((c)++))) ), \
- l)
-#define HOST_p_c2l(c,l,n) { \
- switch (n) { \
- case 0: l =((unsigned long)(*((c)++)))<<24; \
- case 1: l|=((unsigned long)(*((c)++)))<<16; \
- case 2: l|=((unsigned long)(*((c)++)))<< 8; \
- case 3: l|=((unsigned long)(*((c)++))); \
- } }
-#define HOST_p_c2l_p(c,l,sc,len) { \
- switch (sc) { \
- case 0: l =((unsigned long)(*((c)++)))<<24; \
- if (--len == 0) break; \
- case 1: l|=((unsigned long)(*((c)++)))<<16; \
- if (--len == 0) break; \
- case 2: l|=((unsigned long)(*((c)++)))<< 8; \
- } }
-/* NOTE the pointer is not incremented at the end of this */
-#define HOST_c2l_p(c,l,n) { \
- l=0; (c)+=n; \
- switch (n) { \
- case 3: l =((unsigned long)(*(--(c))))<< 8; \
- case 2: l|=((unsigned long)(*(--(c))))<<16; \
- case 1: l|=((unsigned long)(*(--(c))))<<24; \
- } }
-#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff), \
- l)
-
-#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-
-#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
- l|=(((unsigned long)(*((c)++)))<< 8), \
- l|=(((unsigned long)(*((c)++)))<<16), \
- l|=(((unsigned long)(*((c)++)))<<24), \
- l)
-#define HOST_p_c2l(c,l,n) { \
- switch (n) { \
- case 0: l =((unsigned long)(*((c)++))); \
- case 1: l|=((unsigned long)(*((c)++)))<< 8; \
- case 2: l|=((unsigned long)(*((c)++)))<<16; \
- case 3: l|=((unsigned long)(*((c)++)))<<24; \
- } }
-#define HOST_p_c2l_p(c,l,sc,len) { \
- switch (sc) { \
- case 0: l =((unsigned long)(*((c)++))); \
- if (--len == 0) break; \
- case 1: l|=((unsigned long)(*((c)++)))<< 8; \
- if (--len == 0) break; \
- case 2: l|=((unsigned long)(*((c)++)))<<16; \
- } }
-/* NOTE the pointer is not incremented at the end of this */
-#define HOST_c2l_p(c,l,n) { \
- l=0; (c)+=n; \
- switch (n) { \
- case 3: l =((unsigned long)(*(--(c))))<<16; \
- case 2: l|=((unsigned long)(*(--(c))))<< 8; \
- case 1: l|=((unsigned long)(*(--(c)))); \
- } }
-#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff), \
- l)
-
-#endif
-
-/*
- * Time for some action:-)
- */
-
-void HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len)
- {
- const unsigned char *data=data_;
- register HASH_LONG * p;
- register unsigned long l;
- int sw,sc,ew,ec;
-
- if (len==0) return;
-
- l=(c->Nl+(len<<3))&0xffffffffL;
- /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
- * Wei Dai <weidai@eskimo.com> for pointing it out. */
- if (l < c->Nl) /* overflow */
- c->Nh++;
- c->Nh+=(len>>29);
- c->Nl=l;
-
- if (c->num != 0)
- {
- p=c->data;
- sw=c->num>>2;
- sc=c->num&0x03;
-
- if ((c->num+len) >= HASH_CBLOCK)
- {
- l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
- for (; sw<HASH_LBLOCK; sw++)
- {
- HOST_c2l(data,l); p[sw]=l;
- }
- HASH_BLOCK_HOST_ORDER (c,p,1);
- len-=(HASH_CBLOCK-c->num);
- c->num=0;
- /* drop through and do the rest */
- }
- else
- {
- c->num+=len;
- if ((sc+len) < 4) /* ugly, add char's to a word */
- {
- l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l;
- }
- else
- {
- ew=(c->num>>2);
- ec=(c->num&0x03);
- l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
- for (; sw < ew; sw++)
- {
- HOST_c2l(data,l); p[sw]=l;
- }
- if (ec)
- {
- HOST_c2l_p(data,l,ec); p[sw]=l;
- }
- }
- return;
- }
- }
-
- sw=len/HASH_CBLOCK;
- if (sw > 0)
- {
-#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
- /*
- * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined
- * only if sizeof(HASH_LONG)==4.
- */
- if ((((unsigned long)data)%4) == 0)
- {
- /* data is properly aligned so that we can cast it: */
- HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,sw);
- sw*=HASH_CBLOCK;
- data+=sw;
- len-=sw;
- }
- else
-#if !defined(HASH_BLOCK_DATA_ORDER)
- while (sw--)
- {
- memcpy (p=c->data,data,HASH_CBLOCK);
- HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1);
- data+=HASH_CBLOCK;
- len-=HASH_CBLOCK;
- }
-#endif
-#endif
-#if defined(HASH_BLOCK_DATA_ORDER)
- {
- HASH_BLOCK_DATA_ORDER(c,data,sw);
- sw*=HASH_CBLOCK;
- data+=sw;
- len-=sw;
- }
-#endif
- }
-
- if (len!=0)
- {
- p = c->data;
- c->num = len;
- ew=len>>2; /* words to copy */
- ec=len&0x03;
- for (; ew; ew--,p++)
- {
- HOST_c2l(data,l); *p=l;
- }
- HOST_c2l_p(data,l,ec);
- *p=l;
- }
- }
-
-
-void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data)
- {
-#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
- if ((((unsigned long)data)%4) == 0)
- /* data is properly aligned so that we can cast it: */
- HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,1);
- else
-#if !defined(HASH_BLOCK_DATA_ORDER)
- {
- memcpy (c->data,data,HASH_CBLOCK);
- HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1);
- }
-#endif
-#endif
-#if defined(HASH_BLOCK_DATA_ORDER)
- HASH_BLOCK_DATA_ORDER (c,data,1);
-#endif
- }
-
-
-void HASH_FINAL (unsigned char *md, HASH_CTX *c)
- {
- register HASH_LONG *p;
- register unsigned long l;
- register int i,j;
- static const unsigned char end[4]={0x80,0x00,0x00,0x00};
- const unsigned char *cp=end;
-
- /* c->num should definitly have room for at least one more byte. */
- p=c->data;
- i=c->num>>2;
- j=c->num&0x03;
-
-#if 0
- /* purify often complains about the following line as an
- * Uninitialized Memory Read. While this can be true, the
- * following p_c2l macro will reset l when that case is true.
- * This is because j&0x03 contains the number of 'valid' bytes
- * already in p[i]. If and only if j&0x03 == 0, the UMR will
- * occur but this is also the only time p_c2l will do
- * l= *(cp++) instead of l|= *(cp++)
- * Many thanks to Alex Tang <altitude@cic.net> for pickup this
- * 'potential bug' */
-#ifdef PURIFY
- if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */
-#endif
- l=p[i];
-#else
- l = (j==0) ? 0 : p[i];
-#endif
- HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */
-
- if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */
- {
- if (i<HASH_LBLOCK) p[i]=0;
- HASH_BLOCK_HOST_ORDER (c,p,1);
- i=0;
- }
- for (; i<(HASH_LBLOCK-2); i++)
- p[i]=0;
-
-#if defined(DATA_ORDER_IS_BIG_ENDIAN)
- p[HASH_LBLOCK-2]=c->Nh;
- p[HASH_LBLOCK-1]=c->Nl;
-#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
- p[HASH_LBLOCK-2]=c->Nl;
- p[HASH_LBLOCK-1]=c->Nh;
-#endif
- HASH_BLOCK_HOST_ORDER (c,p,1);
-
-#ifndef HASH_MAKE_STRING
-#error "HASH_MAKE_STRING must be defined!"
-#else
- HASH_MAKE_STRING(c,md);
-#endif
-
- c->num=0;
- /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack
- * but I'm not worried :-)
- memset((void *)c,0,sizeof(HASH_CTX));
- */
- }
diff --git a/src/lib/libcrypto/md4/md4.h b/src/lib/libcrypto/md4/md4.h
deleted file mode 100644
index c794e186db..0000000000
--- a/src/lib/libcrypto/md4/md4.h
+++ /dev/null
@@ -1,114 +0,0 @@
-/* crypto/md4/md4.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD4_H
-#define HEADER_MD4_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef NO_MD4
-#error MD4 is disabled.
-#endif
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! MD4_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! MD4_LONG_LOG2 has to be defined along. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#if defined(WIN16) || defined(__LP32__)
-#define MD4_LONG unsigned long
-#elif defined(_CRAY) || defined(__ILP64__)
-#define MD4_LONG unsigned long
-#define MD4_LONG_LOG2 3
-/*
- * _CRAY note. I could declare short, but I have no idea what impact
- * does it have on performance on none-T3E machines. I could declare
- * int, but at least on C90 sizeof(int) can be chosen at compile time.
- * So I've chosen long...
- * <appro@fy.chalmers.se>
- */
-#else
-#define MD4_LONG unsigned int
-#endif
-
-#define MD4_CBLOCK 64
-#define MD4_LBLOCK (MD4_CBLOCK/4)
-#define MD4_DIGEST_LENGTH 16
-
-typedef struct MD4state_st
- {
- MD4_LONG A,B,C,D;
- MD4_LONG Nl,Nh;
- MD4_LONG data[MD4_LBLOCK];
- int num;
- } MD4_CTX;
-
-void MD4_Init(MD4_CTX *c);
-void MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
-void MD4_Final(unsigned char *md, MD4_CTX *c);
-unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
-void MD4_Transform(MD4_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/md4/md4_dgst.c b/src/lib/libcrypto/md4/md4_dgst.c
deleted file mode 100644
index 81488ae2e2..0000000000
--- a/src/lib/libcrypto/md4/md4_dgst.c
+++ /dev/null
@@ -1,285 +0,0 @@
-/* crypto/md4/md4_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "md4_locl.h"
-#include <openssl/opensslv.h>
-
-const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT;
-
-/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
- */
-
-#define INIT_DATA_A (unsigned long)0x67452301L
-#define INIT_DATA_B (unsigned long)0xefcdab89L
-#define INIT_DATA_C (unsigned long)0x98badcfeL
-#define INIT_DATA_D (unsigned long)0x10325476L
-
-void MD4_Init(MD4_CTX *c)
- {
- c->A=INIT_DATA_A;
- c->B=INIT_DATA_B;
- c->C=INIT_DATA_C;
- c->D=INIT_DATA_D;
- c->Nl=0;
- c->Nh=0;
- c->num=0;
- }
-
-#ifndef md4_block_host_order
-void md4_block_host_order (MD4_CTX *c, const void *data, int num)
- {
- const MD4_LONG *X=data;
- register unsigned long A,B,C,D;
- /*
- * In case you wonder why A-D are declared as long and not
- * as MD4_LONG. Doing so results in slight performance
- * boost on LP64 architectures. The catch is we don't
- * really care if 32 MSBs of a 64-bit register get polluted
- * with eventual overflows as we *save* only 32 LSBs in
- * *either* case. Now declaring 'em long excuses the compiler
- * from keeping 32 MSBs zeroed resulting in 13% performance
- * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
- * Well, to be honest it should say that this *prevents*
- * performance degradation.
- *
- * <appro@fy.chalmers.se>
- */
-
- A=c->A;
- B=c->B;
- C=c->C;
- D=c->D;
-
- for (;num--;X+=HASH_LBLOCK)
- {
- /* Round 0 */
- R0(A,B,C,D,X[ 0], 3,0);
- R0(D,A,B,C,X[ 1], 7,0);
- R0(C,D,A,B,X[ 2],11,0);
- R0(B,C,D,A,X[ 3],19,0);
- R0(A,B,C,D,X[ 4], 3,0);
- R0(D,A,B,C,X[ 5], 7,0);
- R0(C,D,A,B,X[ 6],11,0);
- R0(B,C,D,A,X[ 7],19,0);
- R0(A,B,C,D,X[ 8], 3,0);
- R0(D,A,B,C,X[ 9], 7,0);
- R0(C,D,A,B,X[10],11,0);
- R0(B,C,D,A,X[11],19,0);
- R0(A,B,C,D,X[12], 3,0);
- R0(D,A,B,C,X[13], 7,0);
- R0(C,D,A,B,X[14],11,0);
- R0(B,C,D,A,X[15],19,0);
- /* Round 1 */
- R1(A,B,C,D,X[ 0], 3,0x5A827999L);
- R1(D,A,B,C,X[ 4], 5,0x5A827999L);
- R1(C,D,A,B,X[ 8], 9,0x5A827999L);
- R1(B,C,D,A,X[12],13,0x5A827999L);
- R1(A,B,C,D,X[ 1], 3,0x5A827999L);
- R1(D,A,B,C,X[ 5], 5,0x5A827999L);
- R1(C,D,A,B,X[ 9], 9,0x5A827999L);
- R1(B,C,D,A,X[13],13,0x5A827999L);
- R1(A,B,C,D,X[ 2], 3,0x5A827999L);
- R1(D,A,B,C,X[ 6], 5,0x5A827999L);
- R1(C,D,A,B,X[10], 9,0x5A827999L);
- R1(B,C,D,A,X[14],13,0x5A827999L);
- R1(A,B,C,D,X[ 3], 3,0x5A827999L);
- R1(D,A,B,C,X[ 7], 5,0x5A827999L);
- R1(C,D,A,B,X[11], 9,0x5A827999L);
- R1(B,C,D,A,X[15],13,0x5A827999L);
- /* Round 2 */
- R2(A,B,C,D,X[ 0], 3,0x6ED9EBA1);
- R2(D,A,B,C,X[ 8], 9,0x6ED9EBA1);
- R2(C,D,A,B,X[ 4],11,0x6ED9EBA1);
- R2(B,C,D,A,X[12],15,0x6ED9EBA1);
- R2(A,B,C,D,X[ 2], 3,0x6ED9EBA1);
- R2(D,A,B,C,X[10], 9,0x6ED9EBA1);
- R2(C,D,A,B,X[ 6],11,0x6ED9EBA1);
- R2(B,C,D,A,X[14],15,0x6ED9EBA1);
- R2(A,B,C,D,X[ 1], 3,0x6ED9EBA1);
- R2(D,A,B,C,X[ 9], 9,0x6ED9EBA1);
- R2(C,D,A,B,X[ 5],11,0x6ED9EBA1);
- R2(B,C,D,A,X[13],15,0x6ED9EBA1);
- R2(A,B,C,D,X[ 3], 3,0x6ED9EBA1);
- R2(D,A,B,C,X[11], 9,0x6ED9EBA1);
- R2(C,D,A,B,X[ 7],11,0x6ED9EBA1);
- R2(B,C,D,A,X[15],15,0x6ED9EBA1);
-
- A = c->A += A;
- B = c->B += B;
- C = c->C += C;
- D = c->D += D;
- }
- }
-#endif
-
-#ifndef md4_block_data_order
-#ifdef X
-#undef X
-#endif
-void md4_block_data_order (MD4_CTX *c, const void *data_, int num)
- {
- const unsigned char *data=data_;
- register unsigned long A,B,C,D,l;
- /*
- * In case you wonder why A-D are declared as long and not
- * as MD4_LONG. Doing so results in slight performance
- * boost on LP64 architectures. The catch is we don't
- * really care if 32 MSBs of a 64-bit register get polluted
- * with eventual overflows as we *save* only 32 LSBs in
- * *either* case. Now declaring 'em long excuses the compiler
- * from keeping 32 MSBs zeroed resulting in 13% performance
- * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
- * Well, to be honest it should say that this *prevents*
- * performance degradation.
- *
- * <appro@fy.chalmers.se>
- */
-#ifndef MD32_XARRAY
- /* See comment in crypto/sha/sha_locl.h for details. */
- unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
- XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-# define X(i) XX##i
-#else
- MD4_LONG XX[MD4_LBLOCK];
-# define X(i) XX[i]
-#endif
-
- A=c->A;
- B=c->B;
- C=c->C;
- D=c->D;
-
- for (;num--;)
- {
- HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
- /* Round 0 */
- R0(A,B,C,D,X( 0), 3,0); HOST_c2l(data,l); X( 2)=l;
- R0(D,A,B,C,X( 1), 7,0); HOST_c2l(data,l); X( 3)=l;
- R0(C,D,A,B,X( 2),11,0); HOST_c2l(data,l); X( 4)=l;
- R0(B,C,D,A,X( 3),19,0); HOST_c2l(data,l); X( 5)=l;
- R0(A,B,C,D,X( 4), 3,0); HOST_c2l(data,l); X( 6)=l;
- R0(D,A,B,C,X( 5), 7,0); HOST_c2l(data,l); X( 7)=l;
- R0(C,D,A,B,X( 6),11,0); HOST_c2l(data,l); X( 8)=l;
- R0(B,C,D,A,X( 7),19,0); HOST_c2l(data,l); X( 9)=l;
- R0(A,B,C,D,X( 8), 3,0); HOST_c2l(data,l); X(10)=l;
- R0(D,A,B,C,X( 9), 7,0); HOST_c2l(data,l); X(11)=l;
- R0(C,D,A,B,X(10),11,0); HOST_c2l(data,l); X(12)=l;
- R0(B,C,D,A,X(11),19,0); HOST_c2l(data,l); X(13)=l;
- R0(A,B,C,D,X(12), 3,0); HOST_c2l(data,l); X(14)=l;
- R0(D,A,B,C,X(13), 7,0); HOST_c2l(data,l); X(15)=l;
- R0(C,D,A,B,X(14),11,0);
- R0(B,C,D,A,X(15),19,0);
- /* Round 1 */
- R1(A,B,C,D,X( 0), 3,0x5A827999L);
- R1(D,A,B,C,X( 4), 5,0x5A827999L);
- R1(C,D,A,B,X( 8), 9,0x5A827999L);
- R1(B,C,D,A,X(12),13,0x5A827999L);
- R1(A,B,C,D,X( 1), 3,0x5A827999L);
- R1(D,A,B,C,X( 5), 5,0x5A827999L);
- R1(C,D,A,B,X( 9), 9,0x5A827999L);
- R1(B,C,D,A,X(13),13,0x5A827999L);
- R1(A,B,C,D,X( 2), 3,0x5A827999L);
- R1(D,A,B,C,X( 6), 5,0x5A827999L);
- R1(C,D,A,B,X(10), 9,0x5A827999L);
- R1(B,C,D,A,X(14),13,0x5A827999L);
- R1(A,B,C,D,X( 3), 3,0x5A827999L);
- R1(D,A,B,C,X( 7), 5,0x5A827999L);
- R1(C,D,A,B,X(11), 9,0x5A827999L);
- R1(B,C,D,A,X(15),13,0x5A827999L);
- /* Round 2 */
- R2(A,B,C,D,X( 0), 3,0x6ED9EBA1L);
- R2(D,A,B,C,X( 8), 9,0x6ED9EBA1L);
- R2(C,D,A,B,X( 4),11,0x6ED9EBA1L);
- R2(B,C,D,A,X(12),15,0x6ED9EBA1L);
- R2(A,B,C,D,X( 2), 3,0x6ED9EBA1L);
- R2(D,A,B,C,X(10), 9,0x6ED9EBA1L);
- R2(C,D,A,B,X( 6),11,0x6ED9EBA1L);
- R2(B,C,D,A,X(14),15,0x6ED9EBA1L);
- R2(A,B,C,D,X( 1), 3,0x6ED9EBA1L);
- R2(D,A,B,C,X( 9), 9,0x6ED9EBA1L);
- R2(C,D,A,B,X( 5),11,0x6ED9EBA1L);
- R2(B,C,D,A,X(13),15,0x6ED9EBA1L);
- R2(A,B,C,D,X( 3), 3,0x6ED9EBA1L);
- R2(D,A,B,C,X(11), 9,0x6ED9EBA1L);
- R2(C,D,A,B,X( 7),11,0x6ED9EBA1L);
- R2(B,C,D,A,X(15),15,0x6ED9EBA1L);
-
- A = c->A += A;
- B = c->B += B;
- C = c->C += C;
- D = c->D += D;
- }
- }
-#endif
-
-#ifdef undef
-int printit(unsigned long *l)
- {
- int i,ii;
-
- for (i=0; i<2; i++)
- {
- for (ii=0; ii<8; ii++)
- {
- fprintf(stderr,"%08lx ",l[i*8+ii]);
- }
- fprintf(stderr,"\n");
- }
- }
-#endif
diff --git a/src/lib/libcrypto/md4/md4_locl.h b/src/lib/libcrypto/md4/md4_locl.h
deleted file mode 100644
index 0a2b39018d..0000000000
--- a/src/lib/libcrypto/md4/md4_locl.h
+++ /dev/null
@@ -1,154 +0,0 @@
-/* crypto/md4/md4_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#include <openssl/md4.h>
-
-#ifndef MD4_LONG_LOG2
-#define MD4_LONG_LOG2 2 /* default to 32 bits */
-#endif
-
-void md4_block_host_order (MD4_CTX *c, const void *p,int num);
-void md4_block_data_order (MD4_CTX *c, const void *p,int num);
-
-#if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
-/*
- * *_block_host_order is expected to handle aligned data while
- * *_block_data_order - unaligned. As algorithm and host (x86)
- * are in this case of the same "endianness" these two are
- * otherwise indistinguishable. But normally you don't want to
- * call the same function because unaligned access in places
- * where alignment is expected is usually a "Bad Thing". Indeed,
- * on RISCs you get punished with BUS ERROR signal or *severe*
- * performance degradation. Intel CPUs are in turn perfectly
- * capable of loading unaligned data without such drastic side
- * effect. Yes, they say it's slower than aligned load, but no
- * exception is generated and therefore performance degradation
- * is *incomparable* with RISCs. What we should weight here is
- * costs of unaligned access against costs of aligning data.
- * According to my measurements allowing unaligned access results
- * in ~9% performance improvement on Pentium II operating at
- * 266MHz. I won't be surprised if the difference will be higher
- * on faster systems:-)
- *
- * <appro@fy.chalmers.se>
- */
-#define md4_block_data_order md4_block_host_order
-#endif
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG MD4_LONG
-#define HASH_LONG_LOG2 MD4_LONG_LOG2
-#define HASH_CTX MD4_CTX
-#define HASH_CBLOCK MD4_CBLOCK
-#define HASH_LBLOCK MD4_LBLOCK
-#define HASH_UPDATE MD4_Update
-#define HASH_TRANSFORM MD4_Transform
-#define HASH_FINAL MD4_Final
-#define HASH_MAKE_STRING(c,s) do { \
- unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
- } while (0)
-#define HASH_BLOCK_HOST_ORDER md4_block_host_order
-#if !defined(L_ENDIAN) || defined(md4_block_data_order)
-#define HASH_BLOCK_DATA_ORDER md4_block_data_order
-/*
- * Little-endians (Intel and Alpha) feel better without this.
- * It looks like memcpy does better job than generic
- * md4_block_data_order on copying-n-aligning input data.
- * But frankly speaking I didn't expect such result on Alpha.
- * On the other hand I've got this with egcs-1.0.2 and if
- * program is compiled with another (better?) compiler it
- * might turn out other way around.
- *
- * <appro@fy.chalmers.se>
- */
-#endif
-
-#include "md32_common.h"
-
-/*
-#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
-#define G(x,y,z) (((x) & (y)) | ((x) & ((z))) | ((y) & ((z))))
-*/
-
-/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
- * simplified to the code below. Wei attributes these optimizations
- * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
- */
-#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
-#define G(b,c,d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
-#define H(b,c,d) ((b) ^ (c) ^ (d))
-
-#define R0(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+F((b),(c),(d))); \
- a=ROTATE(a,s); };
-
-#define R1(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+G((b),(c),(d))); \
- a=ROTATE(a,s); };\
-
-#define R2(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+H((b),(c),(d))); \
- a=ROTATE(a,s); };
diff --git a/src/lib/libcrypto/md4/md4_one.c b/src/lib/libcrypto/md4/md4_one.c
deleted file mode 100644
index 87a995d38d..0000000000
--- a/src/lib/libcrypto/md4/md4_one.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/md4/md4_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/md4.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md)
- {
- MD4_CTX c;
- static unsigned char m[MD4_DIGEST_LENGTH];
-
- if (md == NULL) md=m;
- MD4_Init(&c);
-#ifndef CHARSET_EBCDIC
- MD4_Update(&c,d,n);
-#else
- {
- char temp[1024];
- unsigned long chunk;
-
- while (n > 0)
- {
- chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
- ebcdic2ascii(temp, d, chunk);
- MD4_Update(&c,temp,chunk);
- n -= chunk;
- d += chunk;
- }
- }
-#endif
- MD4_Final(md,&c);
- memset(&c,0,sizeof(c)); /* security consideration */
- return(md);
- }
-
diff --git a/src/lib/libcrypto/md5/asm/md5-586.pl b/src/lib/libcrypto/md5/asm/md5-586.pl
deleted file mode 100644
index 5fc6a205ce..0000000000
--- a/src/lib/libcrypto/md5/asm/md5-586.pl
+++ /dev/null
@@ -1,306 +0,0 @@
-#!/usr/local/bin/perl
-
-# Normal is the
-# md5_block_x86(MD5_CTX *c, ULONG *X);
-# version, non-normal is the
-# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks);
-
-$normal=0;
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-$A="eax";
-$B="ebx";
-$C="ecx";
-$D="edx";
-$tmp1="edi";
-$tmp2="ebp";
-$X="esi";
-
-# What we need to load into $tmp for the next round
-%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D));
-@xo=(
- 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, # R0
- 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, # R1
- 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, # R2
- 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3
- );
-
-&md5_block("md5_block_asm_host_order");
-&asm_finish();
-
-sub Np
- {
- local($p)=@_;
- local(%n)=($A,$D,$B,$A,$C,$B,$D,$C);
- return($n{$p});
- }
-
-sub R0
- {
- local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
-
- &mov($tmp1,$C) if $pos < 0;
- &mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one
-
- # body proper
-
- &comment("R0 $ki");
- &xor($tmp1,$d); # F function - part 2
-
- &and($tmp1,$b); # F function - part 3
- &lea($a,&DWP($t,$a,$tmp2,1));
-
- &xor($tmp1,$d); # F function - part 4
-
- &add($a,$tmp1);
- &mov($tmp1,&Np($c)) if $pos < 1; # next tmp1 for R0
- &mov($tmp1,&Np($c)) if $pos == 1; # next tmp1 for R1
-
- &rotl($a,$s);
-
- &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
-
- &add($a,$b);
- }
-
-sub R1
- {
- local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
-
- &comment("R1 $ki");
-
- &lea($a,&DWP($t,$a,$tmp2,1));
-
- &xor($tmp1,$b); # G function - part 2
- &and($tmp1,$d); # G function - part 3
-
- &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
- &xor($tmp1,$c); # G function - part 4
-
- &add($a,$tmp1);
- &mov($tmp1,&Np($c)) if $pos < 1; # G function - part 1
- &mov($tmp1,&Np($c)) if $pos == 1; # G function - part 1
-
- &rotl($a,$s);
-
- &add($a,$b);
- }
-
-sub R2
- {
- local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
- # This one is different, only 3 logical operations
-
-if (($n & 1) == 0)
- {
- &comment("R2 $ki");
- # make sure to do 'D' first, not 'B', else we clash with
- # the last add from the previous round.
-
- &xor($tmp1,$d); # H function - part 2
-
- &xor($tmp1,$b); # H function - part 3
- &lea($a,&DWP($t,$a,$tmp2,1));
-
- &add($a,$tmp1);
-
- &rotl($a,$s);
-
- &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0));
- &mov($tmp1,&Np($c));
- }
-else
- {
- &comment("R2 $ki");
- # make sure to do 'D' first, not 'B', else we clash with
- # the last add from the previous round.
-
- &lea($a,&DWP($t,$a,$tmp2,1));
-
- &add($b,$c); # MOVED FORWARD
- &xor($tmp1,$d); # H function - part 2
-
- &xor($tmp1,$b); # H function - part 3
- &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
-
- &add($a,$tmp1);
- &mov($tmp1,&Np($c)) if $pos < 1; # H function - part 1
- &mov($tmp1,-1) if $pos == 1; # I function - part 1
-
- &rotl($a,$s);
-
- &add($a,$b);
- }
- }
-
-sub R3
- {
- local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
-
- &comment("R3 $ki");
-
- # ¬($tmp1)
- &xor($tmp1,$d) if $pos < 0; # I function - part 2
-
- &or($tmp1,$b); # I function - part 3
- &lea($a,&DWP($t,$a,$tmp2,1));
-
- &xor($tmp1,$c); # I function - part 4
- &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if $pos != 2; # load X/k value
- &mov($tmp2,&wparam(0)) if $pos == 2;
-
- &add($a,$tmp1);
- &mov($tmp1,-1) if $pos < 1; # H function - part 1
- &add($K,64) if $pos >=1 && !$normal;
-
- &rotl($a,$s);
-
- &xor($tmp1,&Np($d)) if $pos <= 0; # I function - part = first time
- &mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0;
- &add($a,$b);
- }
-
-
-sub md5_block
- {
- local($name)=@_;
-
- &function_begin_B($name,"",3);
-
- # parameter 1 is the MD5_CTX structure.
- # A 0
- # B 4
- # C 8
- # D 12
-
- &push("esi");
- &push("edi");
- &mov($tmp1, &wparam(0)); # edi
- &mov($X, &wparam(1)); # esi
- &mov($C, &wparam(2));
- &push("ebp");
- &shl($C, 6);
- &push("ebx");
- &add($C, $X); # offset we end at
- &sub($C, 64);
- &mov($A, &DWP( 0,$tmp1,"",0));
- &push($C); # Put on the TOS
- &mov($B, &DWP( 4,$tmp1,"",0));
- &mov($C, &DWP( 8,$tmp1,"",0));
- &mov($D, &DWP(12,$tmp1,"",0));
-
- &set_label("start") unless $normal;
- &comment("");
- &comment("R0 section");
-
- &R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478);
- &R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756);
- &R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db);
- &R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee);
- &R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf);
- &R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a);
- &R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613);
- &R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501);
- &R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8);
- &R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af);
- &R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1);
- &R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be);
- &R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122);
- &R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193);
- &R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e);
- &R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821);
-
- &comment("");
- &comment("R1 section");
- &R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562);
- &R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340);
- &R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51);
- &R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa);
- &R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d);
- &R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453);
- &R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681);
- &R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8);
- &R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6);
- &R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6);
- &R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87);
- &R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed);
- &R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905);
- &R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8);
- &R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9);
- &R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a);
-
- &comment("");
- &comment("R2 section");
- &R2( 0,-1,$A,$B,$C,$D,$X,32, 4,0xfffa3942);
- &R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681);
- &R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122);
- &R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c);
- &R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44);
- &R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9);
- &R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60);
- &R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70);
- &R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6);
- &R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa);
- &R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085);
- &R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05);
- &R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039);
- &R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5);
- &R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8);
- &R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665);
-
- &comment("");
- &comment("R3 section");
- &R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244);
- &R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97);
- &R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7);
- &R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039);
- &R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3);
- &R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92);
- &R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d);
- &R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1);
- &R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f);
- &R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0);
- &R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314);
- &R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1);
- &R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82);
- &R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235);
- &R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb);
- &R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391);
-
- # &mov($tmp2,&wparam(0)); # done in the last R3
- # &mov($tmp1, &DWP( 0,$tmp2,"",0)); # done is the last R3
-
- &add($A,$tmp1);
- &mov($tmp1, &DWP( 4,$tmp2,"",0));
-
- &add($B,$tmp1);
- &mov($tmp1, &DWP( 8,$tmp2,"",0));
-
- &add($C,$tmp1);
- &mov($tmp1, &DWP(12,$tmp2,"",0));
-
- &add($D,$tmp1);
- &mov(&DWP( 0,$tmp2,"",0),$A);
-
- &mov(&DWP( 4,$tmp2,"",0),$B);
- &mov($tmp1,&swtmp(0)) unless $normal;
-
- &mov(&DWP( 8,$tmp2,"",0),$C);
- &mov(&DWP(12,$tmp2,"",0),$D);
-
- &cmp($tmp1,$X) unless $normal; # check count
- &jge(&label("start")) unless $normal;
-
- &pop("eax"); # pop the temp variable off the stack
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
diff --git a/src/lib/libcrypto/md5/md5.h b/src/lib/libcrypto/md5/md5.h
deleted file mode 100644
index d10bc8397f..0000000000
--- a/src/lib/libcrypto/md5/md5.h
+++ /dev/null
@@ -1,114 +0,0 @@
-/* crypto/md5/md5.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD5_H
-#define HEADER_MD5_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef NO_MD5
-#error MD5 is disabled.
-#endif
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! MD5_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! MD5_LONG_LOG2 has to be defined along. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#if defined(WIN16) || defined(__LP32__)
-#define MD5_LONG unsigned long
-#elif defined(_CRAY) || defined(__ILP64__)
-#define MD5_LONG unsigned long
-#define MD5_LONG_LOG2 3
-/*
- * _CRAY note. I could declare short, but I have no idea what impact
- * does it have on performance on none-T3E machines. I could declare
- * int, but at least on C90 sizeof(int) can be chosen at compile time.
- * So I've chosen long...
- * <appro@fy.chalmers.se>
- */
-#else
-#define MD5_LONG unsigned int
-#endif
-
-#define MD5_CBLOCK 64
-#define MD5_LBLOCK (MD5_CBLOCK/4)
-#define MD5_DIGEST_LENGTH 16
-
-typedef struct MD5state_st
- {
- MD5_LONG A,B,C,D;
- MD5_LONG Nl,Nh;
- MD5_LONG data[MD5_LBLOCK];
- int num;
- } MD5_CTX;
-
-void MD5_Init(MD5_CTX *c);
-void MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
-void MD5_Final(unsigned char *md, MD5_CTX *c);
-unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
-void MD5_Transform(MD5_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/md5/md5_dgst.c b/src/lib/libcrypto/md5/md5_dgst.c
deleted file mode 100644
index 23d196b8d4..0000000000
--- a/src/lib/libcrypto/md5/md5_dgst.c
+++ /dev/null
@@ -1,319 +0,0 @@
-/* crypto/md5/md5_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "md5_locl.h"
-#include <openssl/opensslv.h>
-
-const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT;
-
-/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
- */
-
-#define INIT_DATA_A (unsigned long)0x67452301L
-#define INIT_DATA_B (unsigned long)0xefcdab89L
-#define INIT_DATA_C (unsigned long)0x98badcfeL
-#define INIT_DATA_D (unsigned long)0x10325476L
-
-void MD5_Init(MD5_CTX *c)
- {
- c->A=INIT_DATA_A;
- c->B=INIT_DATA_B;
- c->C=INIT_DATA_C;
- c->D=INIT_DATA_D;
- c->Nl=0;
- c->Nh=0;
- c->num=0;
- }
-
-#ifndef md5_block_host_order
-void md5_block_host_order (MD5_CTX *c, const void *data, int num)
- {
- const MD5_LONG *X=data;
- register unsigned long A,B,C,D;
- /*
- * In case you wonder why A-D are declared as long and not
- * as MD5_LONG. Doing so results in slight performance
- * boost on LP64 architectures. The catch is we don't
- * really care if 32 MSBs of a 64-bit register get polluted
- * with eventual overflows as we *save* only 32 LSBs in
- * *either* case. Now declaring 'em long excuses the compiler
- * from keeping 32 MSBs zeroed resulting in 13% performance
- * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
- * Well, to be honest it should say that this *prevents*
- * performance degradation.
- *
- * <appro@fy.chalmers.se>
- */
-
- A=c->A;
- B=c->B;
- C=c->C;
- D=c->D;
-
- for (;num--;X+=HASH_LBLOCK)
- {
- /* Round 0 */
- R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
- R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
- R0(C,D,A,B,X[ 2],17,0x242070dbL);
- R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
- R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
- R0(D,A,B,C,X[ 5],12,0x4787c62aL);
- R0(C,D,A,B,X[ 6],17,0xa8304613L);
- R0(B,C,D,A,X[ 7],22,0xfd469501L);
- R0(A,B,C,D,X[ 8], 7,0x698098d8L);
- R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
- R0(C,D,A,B,X[10],17,0xffff5bb1L);
- R0(B,C,D,A,X[11],22,0x895cd7beL);
- R0(A,B,C,D,X[12], 7,0x6b901122L);
- R0(D,A,B,C,X[13],12,0xfd987193L);
- R0(C,D,A,B,X[14],17,0xa679438eL);
- R0(B,C,D,A,X[15],22,0x49b40821L);
- /* Round 1 */
- R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
- R1(D,A,B,C,X[ 6], 9,0xc040b340L);
- R1(C,D,A,B,X[11],14,0x265e5a51L);
- R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
- R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
- R1(D,A,B,C,X[10], 9,0x02441453L);
- R1(C,D,A,B,X[15],14,0xd8a1e681L);
- R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
- R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
- R1(D,A,B,C,X[14], 9,0xc33707d6L);
- R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
- R1(B,C,D,A,X[ 8],20,0x455a14edL);
- R1(A,B,C,D,X[13], 5,0xa9e3e905L);
- R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
- R1(C,D,A,B,X[ 7],14,0x676f02d9L);
- R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
- /* Round 2 */
- R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
- R2(D,A,B,C,X[ 8],11,0x8771f681L);
- R2(C,D,A,B,X[11],16,0x6d9d6122L);
- R2(B,C,D,A,X[14],23,0xfde5380cL);
- R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
- R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
- R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
- R2(B,C,D,A,X[10],23,0xbebfbc70L);
- R2(A,B,C,D,X[13], 4,0x289b7ec6L);
- R2(D,A,B,C,X[ 0],11,0xeaa127faL);
- R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
- R2(B,C,D,A,X[ 6],23,0x04881d05L);
- R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
- R2(D,A,B,C,X[12],11,0xe6db99e5L);
- R2(C,D,A,B,X[15],16,0x1fa27cf8L);
- R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
- /* Round 3 */
- R3(A,B,C,D,X[ 0], 6,0xf4292244L);
- R3(D,A,B,C,X[ 7],10,0x432aff97L);
- R3(C,D,A,B,X[14],15,0xab9423a7L);
- R3(B,C,D,A,X[ 5],21,0xfc93a039L);
- R3(A,B,C,D,X[12], 6,0x655b59c3L);
- R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
- R3(C,D,A,B,X[10],15,0xffeff47dL);
- R3(B,C,D,A,X[ 1],21,0x85845dd1L);
- R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
- R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
- R3(C,D,A,B,X[ 6],15,0xa3014314L);
- R3(B,C,D,A,X[13],21,0x4e0811a1L);
- R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
- R3(D,A,B,C,X[11],10,0xbd3af235L);
- R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
- R3(B,C,D,A,X[ 9],21,0xeb86d391L);
-
- A = c->A += A;
- B = c->B += B;
- C = c->C += C;
- D = c->D += D;
- }
- }
-#endif
-
-#ifndef md5_block_data_order
-#ifdef X
-#undef X
-#endif
-void md5_block_data_order (MD5_CTX *c, const void *data_, int num)
- {
- const unsigned char *data=data_;
- register unsigned long A,B,C,D,l;
- /*
- * In case you wonder why A-D are declared as long and not
- * as MD5_LONG. Doing so results in slight performance
- * boost on LP64 architectures. The catch is we don't
- * really care if 32 MSBs of a 64-bit register get polluted
- * with eventual overflows as we *save* only 32 LSBs in
- * *either* case. Now declaring 'em long excuses the compiler
- * from keeping 32 MSBs zeroed resulting in 13% performance
- * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
- * Well, to be honest it should say that this *prevents*
- * performance degradation.
- *
- * <appro@fy.chalmers.se>
- */
-#ifndef MD32_XARRAY
- /* See comment in crypto/sha/sha_locl.h for details. */
- unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
- XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-# define X(i) XX##i
-#else
- MD5_LONG XX[MD5_LBLOCK];
-# define X(i) XX[i]
-#endif
-
- A=c->A;
- B=c->B;
- C=c->C;
- D=c->D;
-
- for (;num--;)
- {
- HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
- /* Round 0 */
- R0(A,B,C,D,X( 0), 7,0xd76aa478L); HOST_c2l(data,l); X( 2)=l;
- R0(D,A,B,C,X( 1),12,0xe8c7b756L); HOST_c2l(data,l); X( 3)=l;
- R0(C,D,A,B,X( 2),17,0x242070dbL); HOST_c2l(data,l); X( 4)=l;
- R0(B,C,D,A,X( 3),22,0xc1bdceeeL); HOST_c2l(data,l); X( 5)=l;
- R0(A,B,C,D,X( 4), 7,0xf57c0fafL); HOST_c2l(data,l); X( 6)=l;
- R0(D,A,B,C,X( 5),12,0x4787c62aL); HOST_c2l(data,l); X( 7)=l;
- R0(C,D,A,B,X( 6),17,0xa8304613L); HOST_c2l(data,l); X( 8)=l;
- R0(B,C,D,A,X( 7),22,0xfd469501L); HOST_c2l(data,l); X( 9)=l;
- R0(A,B,C,D,X( 8), 7,0x698098d8L); HOST_c2l(data,l); X(10)=l;
- R0(D,A,B,C,X( 9),12,0x8b44f7afL); HOST_c2l(data,l); X(11)=l;
- R0(C,D,A,B,X(10),17,0xffff5bb1L); HOST_c2l(data,l); X(12)=l;
- R0(B,C,D,A,X(11),22,0x895cd7beL); HOST_c2l(data,l); X(13)=l;
- R0(A,B,C,D,X(12), 7,0x6b901122L); HOST_c2l(data,l); X(14)=l;
- R0(D,A,B,C,X(13),12,0xfd987193L); HOST_c2l(data,l); X(15)=l;
- R0(C,D,A,B,X(14),17,0xa679438eL);
- R0(B,C,D,A,X(15),22,0x49b40821L);
- /* Round 1 */
- R1(A,B,C,D,X( 1), 5,0xf61e2562L);
- R1(D,A,B,C,X( 6), 9,0xc040b340L);
- R1(C,D,A,B,X(11),14,0x265e5a51L);
- R1(B,C,D,A,X( 0),20,0xe9b6c7aaL);
- R1(A,B,C,D,X( 5), 5,0xd62f105dL);
- R1(D,A,B,C,X(10), 9,0x02441453L);
- R1(C,D,A,B,X(15),14,0xd8a1e681L);
- R1(B,C,D,A,X( 4),20,0xe7d3fbc8L);
- R1(A,B,C,D,X( 9), 5,0x21e1cde6L);
- R1(D,A,B,C,X(14), 9,0xc33707d6L);
- R1(C,D,A,B,X( 3),14,0xf4d50d87L);
- R1(B,C,D,A,X( 8),20,0x455a14edL);
- R1(A,B,C,D,X(13), 5,0xa9e3e905L);
- R1(D,A,B,C,X( 2), 9,0xfcefa3f8L);
- R1(C,D,A,B,X( 7),14,0x676f02d9L);
- R1(B,C,D,A,X(12),20,0x8d2a4c8aL);
- /* Round 2 */
- R2(A,B,C,D,X( 5), 4,0xfffa3942L);
- R2(D,A,B,C,X( 8),11,0x8771f681L);
- R2(C,D,A,B,X(11),16,0x6d9d6122L);
- R2(B,C,D,A,X(14),23,0xfde5380cL);
- R2(A,B,C,D,X( 1), 4,0xa4beea44L);
- R2(D,A,B,C,X( 4),11,0x4bdecfa9L);
- R2(C,D,A,B,X( 7),16,0xf6bb4b60L);
- R2(B,C,D,A,X(10),23,0xbebfbc70L);
- R2(A,B,C,D,X(13), 4,0x289b7ec6L);
- R2(D,A,B,C,X( 0),11,0xeaa127faL);
- R2(C,D,A,B,X( 3),16,0xd4ef3085L);
- R2(B,C,D,A,X( 6),23,0x04881d05L);
- R2(A,B,C,D,X( 9), 4,0xd9d4d039L);
- R2(D,A,B,C,X(12),11,0xe6db99e5L);
- R2(C,D,A,B,X(15),16,0x1fa27cf8L);
- R2(B,C,D,A,X( 2),23,0xc4ac5665L);
- /* Round 3 */
- R3(A,B,C,D,X( 0), 6,0xf4292244L);
- R3(D,A,B,C,X( 7),10,0x432aff97L);
- R3(C,D,A,B,X(14),15,0xab9423a7L);
- R3(B,C,D,A,X( 5),21,0xfc93a039L);
- R3(A,B,C,D,X(12), 6,0x655b59c3L);
- R3(D,A,B,C,X( 3),10,0x8f0ccc92L);
- R3(C,D,A,B,X(10),15,0xffeff47dL);
- R3(B,C,D,A,X( 1),21,0x85845dd1L);
- R3(A,B,C,D,X( 8), 6,0x6fa87e4fL);
- R3(D,A,B,C,X(15),10,0xfe2ce6e0L);
- R3(C,D,A,B,X( 6),15,0xa3014314L);
- R3(B,C,D,A,X(13),21,0x4e0811a1L);
- R3(A,B,C,D,X( 4), 6,0xf7537e82L);
- R3(D,A,B,C,X(11),10,0xbd3af235L);
- R3(C,D,A,B,X( 2),15,0x2ad7d2bbL);
- R3(B,C,D,A,X( 9),21,0xeb86d391L);
-
- A = c->A += A;
- B = c->B += B;
- C = c->C += C;
- D = c->D += D;
- }
- }
-#endif
-
-#ifdef undef
-int printit(unsigned long *l)
- {
- int i,ii;
-
- for (i=0; i<2; i++)
- {
- for (ii=0; ii<8; ii++)
- {
- fprintf(stderr,"%08lx ",l[i*8+ii]);
- }
- fprintf(stderr,"\n");
- }
- }
-#endif
diff --git a/src/lib/libcrypto/md5/md5_locl.h b/src/lib/libcrypto/md5/md5_locl.h
deleted file mode 100644
index c912484122..0000000000
--- a/src/lib/libcrypto/md5/md5_locl.h
+++ /dev/null
@@ -1,172 +0,0 @@
-/* crypto/md5/md5_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#include <openssl/md5.h>
-
-#ifndef MD5_LONG_LOG2
-#define MD5_LONG_LOG2 2 /* default to 32 bits */
-#endif
-
-#ifdef MD5_ASM
-# if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
-# define md5_block_host_order md5_block_asm_host_order
-# elif defined(__sparc) && defined(ULTRASPARC)
- void md5_block_asm_data_order_aligned (MD5_CTX *c, const MD5_LONG *p,int num);
-# define HASH_BLOCK_DATA_ORDER_ALIGNED md5_block_asm_data_order_aligned
-# endif
-#endif
-
-void md5_block_host_order (MD5_CTX *c, const void *p,int num);
-void md5_block_data_order (MD5_CTX *c, const void *p,int num);
-
-#if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
-/*
- * *_block_host_order is expected to handle aligned data while
- * *_block_data_order - unaligned. As algorithm and host (x86)
- * are in this case of the same "endianness" these two are
- * otherwise indistinguishable. But normally you don't want to
- * call the same function because unaligned access in places
- * where alignment is expected is usually a "Bad Thing". Indeed,
- * on RISCs you get punished with BUS ERROR signal or *severe*
- * performance degradation. Intel CPUs are in turn perfectly
- * capable of loading unaligned data without such drastic side
- * effect. Yes, they say it's slower than aligned load, but no
- * exception is generated and therefore performance degradation
- * is *incomparable* with RISCs. What we should weight here is
- * costs of unaligned access against costs of aligning data.
- * According to my measurements allowing unaligned access results
- * in ~9% performance improvement on Pentium II operating at
- * 266MHz. I won't be surprised if the difference will be higher
- * on faster systems:-)
- *
- * <appro@fy.chalmers.se>
- */
-#define md5_block_data_order md5_block_host_order
-#endif
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG MD5_LONG
-#define HASH_LONG_LOG2 MD5_LONG_LOG2
-#define HASH_CTX MD5_CTX
-#define HASH_CBLOCK MD5_CBLOCK
-#define HASH_LBLOCK MD5_LBLOCK
-#define HASH_UPDATE MD5_Update
-#define HASH_TRANSFORM MD5_Transform
-#define HASH_FINAL MD5_Final
-#define HASH_MAKE_STRING(c,s) do { \
- unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
- } while (0)
-#define HASH_BLOCK_HOST_ORDER md5_block_host_order
-#if !defined(L_ENDIAN) || defined(md5_block_data_order)
-#define HASH_BLOCK_DATA_ORDER md5_block_data_order
-/*
- * Little-endians (Intel and Alpha) feel better without this.
- * It looks like memcpy does better job than generic
- * md5_block_data_order on copying-n-aligning input data.
- * But frankly speaking I didn't expect such result on Alpha.
- * On the other hand I've got this with egcs-1.0.2 and if
- * program is compiled with another (better?) compiler it
- * might turn out other way around.
- *
- * <appro@fy.chalmers.se>
- */
-#endif
-
-#include "md32_common.h"
-
-/*
-#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
-#define G(x,y,z) (((x) & (z)) | ((y) & (~(z))))
-*/
-
-/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
- * simplified to the code below. Wei attributes these optimizations
- * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
- */
-#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
-#define G(b,c,d) ((((b) ^ (c)) & (d)) ^ (c))
-#define H(b,c,d) ((b) ^ (c) ^ (d))
-#define I(b,c,d) (((~(d)) | (b)) ^ (c))
-
-#define R0(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+F((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };\
-
-#define R1(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+G((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };
-
-#define R2(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+H((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };
-
-#define R3(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+I((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };
diff --git a/src/lib/libcrypto/md5/md5_one.c b/src/lib/libcrypto/md5/md5_one.c
deleted file mode 100644
index b89dec850d..0000000000
--- a/src/lib/libcrypto/md5/md5_one.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/md5/md5_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/md5.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md)
- {
- MD5_CTX c;
- static unsigned char m[MD5_DIGEST_LENGTH];
-
- if (md == NULL) md=m;
- MD5_Init(&c);
-#ifndef CHARSET_EBCDIC
- MD5_Update(&c,d,n);
-#else
- {
- char temp[1024];
- unsigned long chunk;
-
- while (n > 0)
- {
- chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
- ebcdic2ascii(temp, d, chunk);
- MD5_Update(&c,temp,chunk);
- n -= chunk;
- d += chunk;
- }
- }
-#endif
- MD5_Final(md,&c);
- memset(&c,0,sizeof(c)); /* security consideration */
- return(md);
- }
-
diff --git a/src/lib/libcrypto/mem_dbg.c b/src/lib/libcrypto/mem_dbg.c
deleted file mode 100644
index ef19d8f844..0000000000
--- a/src/lib/libcrypto/mem_dbg.c
+++ /dev/null
@@ -1,756 +0,0 @@
-/* crypto/mem_dbg.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
-#include "cryptlib.h"
-
-static int mh_mode=CRYPTO_MEM_CHECK_OFF;
-/* The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE
- * when the application asks for it (usually after library initialisation
- * for which no book-keeping is desired).
- *
- * State CRYPTO_MEM_CHECK_ON exists only temporarily when the library
- * thinks that certain allocations should not be checked (e.g. the data
- * structures used for memory checking). It is not suitable as an initial
- * state: the library will unexpectedly enable memory checking when it
- * executes one of those sections that want to disable checking
- * temporarily.
- *
- * State CRYPTO_MEM_CHECK_ENABLE without ..._ON makes no sense whatsoever.
- */
-
-static unsigned long order = 0; /* number of memory requests */
-static LHASH *mh=NULL; /* hash-table of memory requests (address as key);
- * access requires MALLOC2 lock */
-
-
-typedef struct app_mem_info_st
-/* For application-defined information (static C-string `info')
- * to be displayed in memory leak list.
- * Each thread has its own stack. For applications, there is
- * CRYPTO_push_info("...") to push an entry,
- * CRYPTO_pop_info() to pop an entry,
- * CRYPTO_remove_all_info() to pop all entries.
- */
- {
- unsigned long thread;
- const char *file;
- int line;
- const char *info;
- struct app_mem_info_st *next; /* tail of thread's stack */
- int references;
- } APP_INFO;
-
-static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's
- * that are at the top of their thread's stack
- * (with `thread' as key);
- * access requires MALLOC2 lock */
-
-typedef struct mem_st
-/* memory-block description */
- {
- void *addr;
- int num;
- const char *file;
- int line;
- unsigned long thread;
- unsigned long order;
- time_t time;
- APP_INFO *app_info;
- } MEM;
-
-static long options = /* extra information to be recorded */
-#if defined(CRYPTO_MDEBUG_TIME) || defined(CRYPTO_MDEBUG_ALL)
- V_CRYPTO_MDEBUG_TIME |
-#endif
-#if defined(CRYPTO_MDEBUG_THREAD) || defined(CRYPTO_MDEBUG_ALL)
- V_CRYPTO_MDEBUG_THREAD |
-#endif
- 0;
-
-
-static unsigned int num_disable = 0; /* num_disable > 0
- * iff
- * mh_mode == CRYPTO_MEM_CHECK_ON (w/o ..._ENABLE)
- */
-static unsigned long disabling_thread = 0; /* Valid iff num_disable > 0.
- * CRYPTO_LOCK_MALLOC2 is locked
- * exactly in this case (by the
- * thread named in disabling_thread).
- */
-
-int CRYPTO_mem_ctrl(int mode)
- {
- int ret=mh_mode;
-
- CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
- switch (mode)
- {
- /* for applications (not to be called while multiple threads
- * use the library): */
- case CRYPTO_MEM_CHECK_ON: /* aka MemCheck_start() */
- mh_mode = CRYPTO_MEM_CHECK_ON|CRYPTO_MEM_CHECK_ENABLE;
- num_disable = 0;
- break;
- case CRYPTO_MEM_CHECK_OFF: /* aka MemCheck_stop() */
- mh_mode = 0;
- num_disable = 0; /* should be true *before* MemCheck_stop is used,
- or there'll be a lot of confusion */
- break;
-
- /* switch off temporarily (for library-internal use): */
- case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */
- if (mh_mode & CRYPTO_MEM_CHECK_ON)
- {
- if (!num_disable || (disabling_thread != CRYPTO_thread_id())) /* otherwise we already have the MALLOC2 lock */
- {
- /* Long-time lock CRYPTO_LOCK_MALLOC2 must not be claimed while
- * we're holding CRYPTO_LOCK_MALLOC, or we'll deadlock if
- * somebody else holds CRYPTO_LOCK_MALLOC2 (and cannot release
- * it because we block entry to this function).
- * Give them a chance, first, and then claim the locks in
- * appropriate order (long-time lock first).
- */
- CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
- /* Note that after we have waited for CRYPTO_LOCK_MALLOC2
- * and CRYPTO_LOCK_MALLOC, we'll still be in the right
- * "case" and "if" branch because MemCheck_start and
- * MemCheck_stop may never be used while there are multiple
- * OpenSSL threads. */
- CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
- CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
- mh_mode &= ~CRYPTO_MEM_CHECK_ENABLE;
- disabling_thread=CRYPTO_thread_id();
- }
- num_disable++;
- }
- break;
- case CRYPTO_MEM_CHECK_ENABLE: /* aka MemCheck_on() */
- if (mh_mode & CRYPTO_MEM_CHECK_ON)
- {
- if (num_disable) /* always true, or something is going wrong */
- {
- num_disable--;
- if (num_disable == 0)
- {
- mh_mode|=CRYPTO_MEM_CHECK_ENABLE;
- CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
- }
- }
- }
- break;
-
- default:
- break;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
- return(ret);
- }
-
-int CRYPTO_is_mem_check_on(void)
- {
- int ret = 0;
-
- if (mh_mode & CRYPTO_MEM_CHECK_ON)
- {
- CRYPTO_r_lock(CRYPTO_LOCK_MALLOC);
-
- ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE)
- || (disabling_thread != CRYPTO_thread_id());
-
- CRYPTO_r_unlock(CRYPTO_LOCK_MALLOC);
- }
- return(ret);
- }
-
-
-void CRYPTO_dbg_set_options(long bits)
- {
- options = bits;
- }
-
-long CRYPTO_dbg_get_options(void)
- {
- return options;
- }
-
-static int mem_cmp(MEM *a, MEM *b)
- {
- return((char *)a->addr - (char *)b->addr);
- }
-
-static unsigned long mem_hash(MEM *a)
- {
- unsigned long ret;
-
- ret=(unsigned long)a->addr;
-
- ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
- return(ret);
- }
-
-static int app_info_cmp(APP_INFO *a, APP_INFO *b)
- {
- return(a->thread != b->thread);
- }
-
-static unsigned long app_info_hash(APP_INFO *a)
- {
- unsigned long ret;
-
- ret=(unsigned long)a->thread;
-
- ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
- return(ret);
- }
-
-static APP_INFO *pop_info()
- {
- APP_INFO tmp;
- APP_INFO *ret = NULL;
-
- if (amih != NULL)
- {
- tmp.thread=CRYPTO_thread_id();
- if ((ret=(APP_INFO *)lh_delete(amih,&tmp)) != NULL)
- {
- APP_INFO *next=ret->next;
-
- if (next != NULL)
- {
- next->references++;
- lh_insert(amih,(char *)next);
- }
-#ifdef LEVITTE_DEBUG
- if (ret->thread != tmp.thread)
- {
- fprintf(stderr, "pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
- ret->thread, tmp.thread);
- abort();
- }
-#endif
- if (--(ret->references) <= 0)
- {
- ret->next = NULL;
- if (next != NULL)
- next->references--;
- OPENSSL_free(ret);
- }
- }
- }
- return(ret);
- }
-
-int CRYPTO_push_info_(const char *info, const char *file, int line)
- {
- APP_INFO *ami, *amim;
- int ret=0;
-
- if (is_MemCheck_on())
- {
- MemCheck_off(); /* obtain MALLOC2 lock */
-
- if ((ami = (APP_INFO *)OPENSSL_malloc(sizeof(APP_INFO))) == NULL)
- {
- ret=0;
- goto err;
- }
- if (amih == NULL)
- {
- if ((amih=lh_new(app_info_hash,app_info_cmp)) == NULL)
- {
- OPENSSL_free(ami);
- ret=0;
- goto err;
- }
- }
-
- ami->thread=CRYPTO_thread_id();
- ami->file=file;
- ami->line=line;
- ami->info=info;
- ami->references=1;
- ami->next=NULL;
-
- if ((amim=(APP_INFO *)lh_insert(amih,(char *)ami)) != NULL)
- {
-#ifdef LEVITTE_DEBUG
- if (ami->thread != amim->thread)
- {
- fprintf(stderr, "CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
- amim->thread, ami->thread);
- abort();
- }
-#endif
- ami->next=amim;
- }
- err:
- MemCheck_on(); /* release MALLOC2 lock */
- }
-
- return(ret);
- }
-
-int CRYPTO_pop_info(void)
- {
- int ret=0;
-
- if (is_MemCheck_on()) /* _must_ be true, or something went severely wrong */
- {
- MemCheck_off(); /* obtain MALLOC2 lock */
-
- ret=(pop_info() != NULL);
-
- MemCheck_on(); /* release MALLOC2 lock */
- }
- return(ret);
- }
-
-int CRYPTO_remove_all_info(void)
- {
- int ret=0;
-
- if (is_MemCheck_on()) /* _must_ be true */
- {
- MemCheck_off(); /* obtain MALLOC2 lock */
-
- while(pop_info() != NULL)
- ret++;
-
- MemCheck_on(); /* release MALLOC2 lock */
- }
- return(ret);
- }
-
-
-static unsigned long break_order_num=0;
-void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
- int before_p)
- {
- MEM *m,*mm;
- APP_INFO tmp,*amim;
-
- switch(before_p & 127)
- {
- case 0:
- break;
- case 1:
- if (addr == NULL)
- break;
-
- if (is_MemCheck_on())
- {
- MemCheck_off(); /* make sure we hold MALLOC2 lock */
- if ((m=(MEM *)OPENSSL_malloc(sizeof(MEM))) == NULL)
- {
- OPENSSL_free(addr);
- MemCheck_on(); /* release MALLOC2 lock
- * if num_disabled drops to 0 */
- return;
- }
- if (mh == NULL)
- {
- if ((mh=lh_new(mem_hash,mem_cmp)) == NULL)
- {
- OPENSSL_free(addr);
- OPENSSL_free(m);
- addr=NULL;
- goto err;
- }
- }
-
- m->addr=addr;
- m->file=file;
- m->line=line;
- m->num=num;
- if (options & V_CRYPTO_MDEBUG_THREAD)
- m->thread=CRYPTO_thread_id();
- else
- m->thread=0;
-
- if (order == break_order_num)
- {
- /* BREAK HERE */
- m->order=order;
- }
- m->order=order++;
-#ifdef LEVITTE_DEBUG
- fprintf(stderr, "LEVITTE_DEBUG: [%5d] %c 0x%p (%d)\n",
- m->order,
- (before_p & 128) ? '*' : '+',
- m->addr, m->num);
-#endif
- if (options & V_CRYPTO_MDEBUG_TIME)
- m->time=time(NULL);
- else
- m->time=0;
-
- tmp.thread=CRYPTO_thread_id();
- m->app_info=NULL;
- if (amih != NULL
- && (amim=(APP_INFO *)lh_retrieve(amih,(char *)&tmp)) != NULL)
- {
- m->app_info = amim;
- amim->references++;
- }
-
- if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL)
- {
- /* Not good, but don't sweat it */
- if (mm->app_info != NULL)
- {
- mm->app_info->references--;
- }
- OPENSSL_free(mm);
- }
- err:
- MemCheck_on(); /* release MALLOC2 lock
- * if num_disabled drops to 0 */
- }
- break;
- }
- return;
- }
-
-void CRYPTO_dbg_free(void *addr, int before_p)
- {
- MEM m,*mp;
-
- switch(before_p)
- {
- case 0:
- if (addr == NULL)
- break;
-
- if (is_MemCheck_on() && (mh != NULL))
- {
- MemCheck_off(); /* make sure we hold MALLOC2 lock */
-
- m.addr=addr;
- mp=(MEM *)lh_delete(mh,(char *)&m);
- if (mp != NULL)
- {
-#ifdef LEVITTE_DEBUG
- fprintf(stderr, "LEVITTE_DEBUG: [%5d] - 0x%p (%d)\n",
- mp->order, mp->addr, mp->num);
-#endif
- if (mp->app_info != NULL)
- {
- mp->app_info->references--;
- }
- OPENSSL_free(mp);
- }
-
- MemCheck_on(); /* release MALLOC2 lock
- * if num_disabled drops to 0 */
- }
- break;
- case 1:
- break;
- }
- }
-
-void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num,
- const char *file, int line, int before_p)
- {
- MEM m,*mp;
-
-#ifdef LEVITTE_DEBUG
- fprintf(stderr, "LEVITTE_DEBUG: --> CRYPTO_dbg_malloc(addr1 = %p, addr2 = %p, num = %d, file = \"%s\", line = %d, before_p = %d)\n",
- addr1, addr2, num, file, line, before_p);
-#endif
-
- switch(before_p)
- {
- case 0:
- break;
- case 1:
- if (addr2 == NULL)
- break;
-
- if (addr1 == NULL)
- {
- CRYPTO_dbg_malloc(addr2, num, file, line, 128 | before_p);
- break;
- }
-
- if (is_MemCheck_on())
- {
- MemCheck_off(); /* make sure we hold MALLOC2 lock */
-
- m.addr=addr1;
- mp=(MEM *)lh_delete(mh,(char *)&m);
- if (mp != NULL)
- {
-#ifdef LEVITTE_DEBUG
- fprintf(stderr, "LEVITTE_DEBUG: [%5d] * 0x%p (%d) -> 0x%p (%d)\n",
- mp->order,
- mp->addr, mp->num,
- addr2, num);
-#endif
- mp->addr=addr2;
- mp->num=num;
- lh_insert(mh,(char *)mp);
- }
-
- MemCheck_on(); /* release MALLOC2 lock
- * if num_disabled drops to 0 */
- }
- break;
- }
- return;
- }
-
-
-typedef struct mem_leak_st
- {
- BIO *bio;
- int chunks;
- long bytes;
- } MEM_LEAK;
-
-static void print_leak(MEM *m, MEM_LEAK *l)
- {
- char buf[1024];
- char *bufp = buf;
- APP_INFO *amip;
- int ami_cnt;
- struct tm *lcl = NULL;
- unsigned long ti;
-
- if(m->addr == (char *)l->bio)
- return;
-
- if (options & V_CRYPTO_MDEBUG_TIME)
- {
- lcl = localtime(&m->time);
-
- sprintf(bufp, "[%02d:%02d:%02d] ",
- lcl->tm_hour,lcl->tm_min,lcl->tm_sec);
- bufp += strlen(bufp);
- }
-
- sprintf(bufp, "%5lu file=%s, line=%d, ",
- m->order,m->file,m->line);
- bufp += strlen(bufp);
-
- if (options & V_CRYPTO_MDEBUG_THREAD)
- {
- sprintf(bufp, "thread=%lu, ", m->thread);
- bufp += strlen(bufp);
- }
-
- sprintf(bufp, "number=%d, address=%08lX\n",
- m->num,(unsigned long)m->addr);
- bufp += strlen(bufp);
-
- BIO_puts(l->bio,buf);
-
- l->chunks++;
- l->bytes+=m->num;
-
- amip=m->app_info;
- ami_cnt=0;
- if (!amip)
- return;
- ti=amip->thread;
-
- do
- {
- int buf_len;
- int info_len;
-
- ami_cnt++;
- memset(buf,'>',ami_cnt);
- sprintf(buf + ami_cnt,
- " thread=%lu, file=%s, line=%d, info=\"",
- amip->thread, amip->file, amip->line);
- buf_len=strlen(buf);
- info_len=strlen(amip->info);
- if (128 - buf_len - 3 < info_len)
- {
- memcpy(buf + buf_len, amip->info, 128 - buf_len - 3);
- buf_len = 128 - 3;
- }
- else
- {
- strcpy(buf + buf_len, amip->info);
- buf_len = strlen(buf);
- }
- sprintf(buf + buf_len, "\"\n");
-
- BIO_puts(l->bio,buf);
-
- amip = amip->next;
- }
- while(amip && amip->thread == ti);
-
-#ifdef LEVITTE_DEBUG
- if (amip)
- {
- fprintf(stderr, "Thread switch detected in backtrace!!!!\n");
- abort();
- }
-#endif
- }
-
-void CRYPTO_mem_leaks(BIO *b)
- {
- MEM_LEAK ml;
- char buf[80];
-
- if (mh == NULL && amih == NULL)
- return;
-
- MemCheck_off(); /* obtain MALLOC2 lock */
-
- ml.bio=b;
- ml.bytes=0;
- ml.chunks=0;
- if (mh != NULL)
- lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml);
- if (ml.chunks != 0)
- {
- sprintf(buf,"%ld bytes leaked in %d chunks\n",
- ml.bytes,ml.chunks);
- BIO_puts(b,buf);
- }
- else
- {
- /* Make sure that, if we found no leaks, memory-leak debugging itself
- * does not introduce memory leaks (which might irritate
- * external debugging tools).
- * (When someone enables leak checking, but does not call
- * this function, we declare it to be their fault.)
- *
- * XXX This should be in CRYPTO_mem_leaks_cb,
- * and CRYPTO_mem_leaks should be implemented by
- * using CRYPTO_mem_leaks_cb.
- * (Also their should be a variant of lh_doall_arg
- * that takes a function pointer instead of a void *;
- * this would obviate the ugly and illegal
- * void_fn_to_char kludge in CRYPTO_mem_leaks_cb.
- * Otherwise the code police will come and get us.)
- */
- int old_mh_mode;
-
- CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
-
- /* avoid deadlock when lh_free() uses CRYPTO_dbg_free(),
- * which uses CRYPTO_is_mem_check_on */
- old_mh_mode = mh_mode;
- mh_mode = CRYPTO_MEM_CHECK_OFF;
-
- if (mh != NULL)
- {
- lh_free(mh);
- mh = NULL;
- }
- if (amih != NULL)
- {
- if (lh_num_items(amih) == 0)
- {
- lh_free(amih);
- amih = NULL;
- }
- }
-
- mh_mode = old_mh_mode;
- CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
- }
- MemCheck_on(); /* release MALLOC2 lock */
- }
-
-#ifndef NO_FP_API
-void CRYPTO_mem_leaks_fp(FILE *fp)
- {
- BIO *b;
-
- if (mh == NULL) return;
- if ((b=BIO_new(BIO_s_file())) == NULL)
- return;
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- CRYPTO_mem_leaks(b);
- BIO_free(b);
- }
-#endif
-
-
-
-/* FIXME: We really don't allow much to the callback. For example, it has
- no chance of reaching the info stack for the item it processes. Should
- it really be this way? -- Richard Levitte */
-static void cb_leak(MEM *m,
- void (**cb)(unsigned long, const char *, int, int, void *))
- {
- (**cb)(m->order,m->file,m->line,m->num,m->addr);
- }
-
-void CRYPTO_mem_leaks_cb(void (*cb)(unsigned long, const char *, int, int, void *))
- {
- if (mh == NULL) return;
- CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
- lh_doall_arg(mh,(void (*)())cb_leak,(void *)&cb);
- CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
- }
diff --git a/src/lib/libcrypto/objects/o_names.c b/src/lib/libcrypto/objects/o_names.c
deleted file mode 100644
index dca988230e..0000000000
--- a/src/lib/libcrypto/objects/o_names.c
+++ /dev/null
@@ -1,266 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/safestack.h>
-
-/* I use the ex_data stuff to manage the identifiers for the obj_name_types
- * that applications may define. I only really use the free function field.
- */
-static LHASH *names_lh=NULL;
-static int names_type_num=OBJ_NAME_TYPE_NUM;
-
-typedef struct name_funcs_st
- {
- unsigned long (*hash_func)();
- int (*cmp_func)();
- void (*free_func)();
- } NAME_FUNCS;
-
-DECLARE_STACK_OF(NAME_FUNCS)
-IMPLEMENT_STACK_OF(NAME_FUNCS)
-
-static STACK_OF(NAME_FUNCS) *name_funcs_stack;
-
-static unsigned long obj_name_hash(OBJ_NAME *a);
-static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b);
-
-int OBJ_NAME_init(void)
- {
- if (names_lh != NULL) return(1);
- MemCheck_off();
- names_lh=lh_new(obj_name_hash,obj_name_cmp);
- MemCheck_on();
- return(names_lh != NULL);
- }
-
-int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
- int (*cmp_func)(const void *, const void *),
- void (*free_func)(const char *, int, const char *))
- {
- int ret;
- int i;
- NAME_FUNCS *name_funcs;
-
- if (name_funcs_stack == NULL)
- {
- MemCheck_off();
- name_funcs_stack=sk_NAME_FUNCS_new_null();
- MemCheck_on();
- }
- if ((name_funcs_stack == NULL))
- {
- /* ERROR */
- return(0);
- }
- ret=names_type_num;
- names_type_num++;
- for (i=sk_NAME_FUNCS_num(name_funcs_stack); i<names_type_num; i++)
- {
- MemCheck_off();
- name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS));
- name_funcs->hash_func = lh_strhash;
- name_funcs->cmp_func = (int (*)())strcmp;
- name_funcs->free_func = 0; /* NULL is often declared to
- * ((void *)0), which according
- * to Compaq C is not really
- * compatible with a function
- * pointer. -- Richard Levitte*/
- sk_NAME_FUNCS_push(name_funcs_stack,name_funcs);
- MemCheck_on();
- }
- name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret);
- if (hash_func != NULL)
- name_funcs->hash_func = hash_func;
- if (cmp_func != NULL)
- name_funcs->cmp_func = cmp_func;
- if (free_func != NULL)
- name_funcs->free_func = free_func;
- return(ret);
- }
-
-static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b)
- {
- int ret;
-
- ret=a->type-b->type;
- if (ret == 0)
- {
- if ((name_funcs_stack != NULL)
- && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type))
- {
- ret=sk_NAME_FUNCS_value(name_funcs_stack,a->type)
- ->cmp_func(a->name,b->name);
- }
- else
- ret=strcmp(a->name,b->name);
- }
- return(ret);
- }
-
-static unsigned long obj_name_hash(OBJ_NAME *a)
- {
- unsigned long ret;
-
- if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type))
- {
- ret=sk_NAME_FUNCS_value(name_funcs_stack,a->type)
- ->hash_func(a->name);
- }
- else
- {
- ret=lh_strhash(a->name);
- }
- ret^=a->type;
- return(ret);
- }
-
-const char *OBJ_NAME_get(const char *name, int type)
- {
- OBJ_NAME on,*ret;
- int num=0,alias;
-
- if (name == NULL) return(NULL);
- if ((names_lh == NULL) && !OBJ_NAME_init()) return(NULL);
-
- alias=type&OBJ_NAME_ALIAS;
- type&= ~OBJ_NAME_ALIAS;
-
- on.name=name;
- on.type=type;
-
- for (;;)
- {
- ret=(OBJ_NAME *)lh_retrieve(names_lh,&on);
- if (ret == NULL) return(NULL);
- if ((ret->alias) && !alias)
- {
- if (++num > 10) return(NULL);
- on.name=ret->data;
- }
- else
- {
- return(ret->data);
- }
- }
- }
-
-int OBJ_NAME_add(const char *name, int type, const char *data)
- {
- OBJ_NAME *onp,*ret;
- int alias;
-
- if ((names_lh == NULL) && !OBJ_NAME_init()) return(0);
-
- alias=type&OBJ_NAME_ALIAS;
- type&= ~OBJ_NAME_ALIAS;
-
- onp=(OBJ_NAME *)OPENSSL_malloc(sizeof(OBJ_NAME));
- if (onp == NULL)
- {
- /* ERROR */
- return(0);
- }
-
- onp->name=name;
- onp->alias=alias;
- onp->type=type;
- onp->data=data;
-
- ret=(OBJ_NAME *)lh_insert(names_lh,onp);
- if (ret != NULL)
- {
- /* free things */
- if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type))
- {
- /* XXX: I'm not sure I understand why the free
- * function should get three arguments...
- * -- Richard Levitte
- */
- sk_NAME_FUNCS_value(name_funcs_stack,ret->type)
- ->free_func(ret->name,ret->type,ret->data);
- }
- OPENSSL_free(ret);
- }
- else
- {
- if (lh_error(names_lh))
- {
- /* ERROR */
- return(0);
- }
- }
- return(1);
- }
-
-int OBJ_NAME_remove(const char *name, int type)
- {
- OBJ_NAME on,*ret;
-
- if (names_lh == NULL) return(0);
-
- type&= ~OBJ_NAME_ALIAS;
- on.name=name;
- on.type=type;
- ret=(OBJ_NAME *)lh_delete(names_lh,&on);
- if (ret != NULL)
- {
- /* free things */
- if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type))
- {
- /* XXX: I'm not sure I understand why the free
- * function should get three arguments...
- * -- Richard Levitte
- */
- sk_NAME_FUNCS_value(name_funcs_stack,ret->type)
- ->free_func(ret->name,ret->type,ret->data);
- }
- OPENSSL_free(ret);
- return(1);
- }
- else
- return(0);
- }
-
-static int free_type;
-
-static void names_lh_free(OBJ_NAME *onp, int type)
-{
- if(onp == NULL)
- return;
-
- if ((free_type < 0) || (free_type == onp->type))
- {
- OBJ_NAME_remove(onp->name,onp->type);
- }
- }
-
-static void name_funcs_free(NAME_FUNCS *ptr)
- {
- OPENSSL_free(ptr);
- }
-
-void OBJ_NAME_cleanup(int type)
- {
- unsigned long down_load;
-
- if (names_lh == NULL) return;
-
- free_type=type;
- down_load=names_lh->down_load;
- names_lh->down_load=0;
-
- lh_doall(names_lh,names_lh_free);
- if (type < 0)
- {
- lh_free(names_lh);
- sk_NAME_FUNCS_pop_free(name_funcs_stack,name_funcs_free);
- names_lh=NULL;
- name_funcs_stack = NULL;
- }
- else
- names_lh->down_load=down_load;
- }
-
diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c
deleted file mode 100644
index 4b1bb9583a..0000000000
--- a/src/lib/libcrypto/objects/obj_dat.c
+++ /dev/null
@@ -1,657 +0,0 @@
-/* crypto/objects/obj_dat.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-
-/* obj_dat.h is generated from objects.h by obj_dat.pl */
-#ifndef NO_OBJECT
-#include "obj_dat.h"
-#else
-/* You will have to load all the objects needed manually in the application */
-#define NUM_NID 0
-#define NUM_SN 0
-#define NUM_LN 0
-#define NUM_OBJ 0
-static unsigned char lvalues[1];
-static ASN1_OBJECT nid_objs[1];
-static ASN1_OBJECT *sn_objs[1];
-static ASN1_OBJECT *ln_objs[1];
-static ASN1_OBJECT *obj_objs[1];
-#endif
-
-static int sn_cmp(const void *a, const void *b);
-static int ln_cmp(const void *a, const void *b);
-static int obj_cmp(const void *a, const void *b);
-#define ADDED_DATA 0
-#define ADDED_SNAME 1
-#define ADDED_LNAME 2
-#define ADDED_NID 3
-
-typedef struct added_obj_st
- {
- int type;
- ASN1_OBJECT *obj;
- } ADDED_OBJ;
-
-static int new_nid=NUM_NID;
-static LHASH *added=NULL;
-
-static int sn_cmp(const void *a, const void *b)
- {
- const ASN1_OBJECT * const *ap = a, * const *bp = b;
- return(strcmp((*ap)->sn,(*bp)->sn));
- }
-
-static int ln_cmp(const void *a, const void *b)
- {
- const ASN1_OBJECT * const *ap = a, * const *bp = b;
- return(strcmp((*ap)->ln,(*bp)->ln));
- }
-
-static unsigned long add_hash(ADDED_OBJ *ca)
- {
- ASN1_OBJECT *a;
- int i;
- unsigned long ret=0;
- unsigned char *p;
-
- a=ca->obj;
- switch (ca->type)
- {
- case ADDED_DATA:
- ret=a->length<<20L;
- p=(unsigned char *)a->data;
- for (i=0; i<a->length; i++)
- ret^=p[i]<<((i*3)%24);
- break;
- case ADDED_SNAME:
- ret=lh_strhash(a->sn);
- break;
- case ADDED_LNAME:
- ret=lh_strhash(a->ln);
- break;
- case ADDED_NID:
- ret=a->nid;
- break;
- default:
- /* abort(); */
- return 0;
- }
- ret&=0x3fffffffL;
- ret|=ca->type<<30L;
- return(ret);
- }
-
-static int add_cmp(ADDED_OBJ *ca, ADDED_OBJ *cb)
- {
- ASN1_OBJECT *a,*b;
- int i;
-
- i=ca->type-cb->type;
- if (i) return(i);
- a=ca->obj;
- b=cb->obj;
- switch (ca->type)
- {
- case ADDED_DATA:
- i=(a->length - b->length);
- if (i) return(i);
- return(memcmp(a->data,b->data,a->length));
- case ADDED_SNAME:
- if (a->sn == NULL) return(-1);
- else if (b->sn == NULL) return(1);
- else return(strcmp(a->sn,b->sn));
- case ADDED_LNAME:
- if (a->ln == NULL) return(-1);
- else if (b->ln == NULL) return(1);
- else return(strcmp(a->ln,b->ln));
- case ADDED_NID:
- return(a->nid-b->nid);
- default:
- /* abort(); */
- return 0;
- }
- return(1); /* should not get here */
- }
-
-static int init_added(void)
- {
- if (added != NULL) return(1);
- added=lh_new(add_hash,add_cmp);
- return(added != NULL);
- }
-
-static void cleanup1(ADDED_OBJ *a)
- {
- a->obj->nid=0;
- a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC|
- ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
- ASN1_OBJECT_FLAG_DYNAMIC_DATA;
- }
-
-static void cleanup2(ADDED_OBJ *a)
- { a->obj->nid++; }
-
-static void cleanup3(ADDED_OBJ *a)
- {
- if (--a->obj->nid == 0)
- ASN1_OBJECT_free(a->obj);
- OPENSSL_free(a);
- }
-
-void OBJ_cleanup(void)
- {
- if (added == NULL) return;
- added->down_load=0;
- lh_doall(added,cleanup1); /* zero counters */
- lh_doall(added,cleanup2); /* set counters */
- lh_doall(added,cleanup3); /* free objects */
- lh_free(added);
- added=NULL;
- }
-
-int OBJ_new_nid(int num)
- {
- int i;
-
- i=new_nid;
- new_nid+=num;
- return(i);
- }
-
-int OBJ_add_object(ASN1_OBJECT *obj)
- {
- ASN1_OBJECT *o;
- ADDED_OBJ *ao[4]={NULL,NULL,NULL,NULL},*aop;
- int i;
-
- if (added == NULL)
- if (!init_added()) return(0);
- if ((o=OBJ_dup(obj)) == NULL) goto err;
- ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
- if ((o->length != 0) && (obj->data != NULL))
- ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
- if (o->sn != NULL)
- ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
- if (o->ln != NULL)
- ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
-
- for (i=ADDED_DATA; i<=ADDED_NID; i++)
- {
- if (ao[i] != NULL)
- {
- ao[i]->type=i;
- ao[i]->obj=o;
- aop=(ADDED_OBJ *)lh_insert(added,ao[i]);
- /* memory leak, buit should not normally matter */
- if (aop != NULL)
- OPENSSL_free(aop);
- }
- }
- o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
- ASN1_OBJECT_FLAG_DYNAMIC_DATA);
-
- return(o->nid);
-err:
- for (i=ADDED_DATA; i<=ADDED_NID; i++)
- if (ao[i] != NULL) OPENSSL_free(ao[i]);
- if (o != NULL) OPENSSL_free(o);
- return(NID_undef);
- }
-
-ASN1_OBJECT *OBJ_nid2obj(int n)
- {
- ADDED_OBJ ad,*adp;
- ASN1_OBJECT ob;
-
- if ((n >= 0) && (n < NUM_NID))
- {
- if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
- {
- OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
- return(NULL);
- }
- return((ASN1_OBJECT *)&(nid_objs[n]));
- }
- else if (added == NULL)
- return(NULL);
- else
- {
- ad.type=ADDED_NID;
- ad.obj= &ob;
- ob.nid=n;
- adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
- if (adp != NULL)
- return(adp->obj);
- else
- {
- OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
- return(NULL);
- }
- }
- }
-
-const char *OBJ_nid2sn(int n)
- {
- ADDED_OBJ ad,*adp;
- ASN1_OBJECT ob;
-
- if ((n >= 0) && (n < NUM_NID))
- {
- if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
- {
- OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
- return(NULL);
- }
- return(nid_objs[n].sn);
- }
- else if (added == NULL)
- return(NULL);
- else
- {
- ad.type=ADDED_NID;
- ad.obj= &ob;
- ob.nid=n;
- adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
- if (adp != NULL)
- return(adp->obj->sn);
- else
- {
- OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
- return(NULL);
- }
- }
- }
-
-const char *OBJ_nid2ln(int n)
- {
- ADDED_OBJ ad,*adp;
- ASN1_OBJECT ob;
-
- if ((n >= 0) && (n < NUM_NID))
- {
- if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
- {
- OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
- return(NULL);
- }
- return(nid_objs[n].ln);
- }
- else if (added == NULL)
- return(NULL);
- else
- {
- ad.type=ADDED_NID;
- ad.obj= &ob;
- ob.nid=n;
- adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
- if (adp != NULL)
- return(adp->obj->ln);
- else
- {
- OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
- return(NULL);
- }
- }
- }
-
-int OBJ_obj2nid(ASN1_OBJECT *a)
- {
- ASN1_OBJECT **op;
- ADDED_OBJ ad,*adp;
-
- if (a == NULL)
- return(NID_undef);
- if (a->nid != 0)
- return(a->nid);
-
- if (added != NULL)
- {
- ad.type=ADDED_DATA;
- ad.obj=a;
- adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
- if (adp != NULL) return (adp->obj->nid);
- }
- op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ,
- sizeof(ASN1_OBJECT *),obj_cmp);
- if (op == NULL)
- return(NID_undef);
- return((*op)->nid);
- }
-
-/* Convert an object name into an ASN1_OBJECT
- * if "noname" is not set then search for short and long names first.
- * This will convert the "dotted" form into an object: unlike OBJ_txt2nid
- * it can be used with any objects, not just registered ones.
- */
-
-ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name)
- {
- int nid = NID_undef;
- ASN1_OBJECT *op=NULL;
- unsigned char *buf,*p;
- int i, j;
-
- if(!no_name) {
- if( ((nid = OBJ_sn2nid(s)) != NID_undef) ||
- ((nid = OBJ_ln2nid(s)) != NID_undef) )
- return OBJ_nid2obj(nid);
- }
-
- /* Work out size of content octets */
- i=a2d_ASN1_OBJECT(NULL,0,s,-1);
- if (i <= 0) {
- /* Clear the error */
- ERR_get_error();
- return NULL;
- }
- /* Work out total size */
- j = ASN1_object_size(0,i,V_ASN1_OBJECT);
-
- if((buf=(unsigned char *)OPENSSL_malloc(j)) == NULL) return NULL;
-
- p = buf;
- /* Write out tag+length */
- ASN1_put_object(&p,0,i,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
- /* Write out contents */
- a2d_ASN1_OBJECT(p,i,s,-1);
-
- p=buf;
- op=d2i_ASN1_OBJECT(NULL,&p,i);
- OPENSSL_free(buf);
- return op;
- }
-
-int OBJ_obj2txt(char *buf, int buf_len, ASN1_OBJECT *a, int no_name)
-{
- int i,idx=0,n=0,len,nid;
- unsigned long l;
- unsigned char *p;
- const char *s;
- char tbuf[32];
-
- if (buf_len <= 0) return(0);
-
- if ((a == NULL) || (a->data == NULL)) {
- buf[0]='\0';
- return(0);
- }
-
- nid=OBJ_obj2nid(a);
- if ((nid == NID_undef) || no_name) {
- len=a->length;
- p=a->data;
-
- idx=0;
- l=0;
- while (idx < a->length) {
- l|=(p[idx]&0x7f);
- if (!(p[idx] & 0x80)) break;
- l<<=7L;
- idx++;
- }
- idx++;
- i=(int)(l/40);
- if (i > 2) i=2;
- l-=(long)(i*40);
-
- sprintf(tbuf,"%d.%lu",i,l);
- i=strlen(tbuf);
- strncpy(buf,tbuf,buf_len);
- buf_len-=i;
- buf+=i;
- n+=i;
-
- l=0;
- for (; idx<len; idx++) {
- l|=p[idx]&0x7f;
- if (!(p[idx] & 0x80)) {
- sprintf(tbuf,".%lu",l);
- i=strlen(tbuf);
- if (buf_len > 0)
- strncpy(buf,tbuf,buf_len);
- buf_len-=i;
- buf+=i;
- n+=i;
- l=0;
- }
- l<<=7L;
- }
- } else {
- s=OBJ_nid2ln(nid);
- if (s == NULL)
- s=OBJ_nid2sn(nid);
- strncpy(buf,s,buf_len);
- n=strlen(s);
- }
- buf[buf_len-1]='\0';
- return(n);
-}
-
-int OBJ_txt2nid(char *s)
-{
- ASN1_OBJECT *obj;
- int nid;
- obj = OBJ_txt2obj(s, 0);
- nid = OBJ_obj2nid(obj);
- ASN1_OBJECT_free(obj);
- return nid;
-}
-
-int OBJ_ln2nid(const char *s)
- {
- ASN1_OBJECT o,*oo= &o,**op;
- ADDED_OBJ ad,*adp;
-
- o.ln=s;
- if (added != NULL)
- {
- ad.type=ADDED_LNAME;
- ad.obj= &o;
- adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
- if (adp != NULL) return (adp->obj->nid);
- }
- op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN,
- sizeof(ASN1_OBJECT *),ln_cmp);
- if (op == NULL) return(NID_undef);
- return((*op)->nid);
- }
-
-int OBJ_sn2nid(const char *s)
- {
- ASN1_OBJECT o,*oo= &o,**op;
- ADDED_OBJ ad,*adp;
-
- o.sn=s;
- if (added != NULL)
- {
- ad.type=ADDED_SNAME;
- ad.obj= &o;
- adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
- if (adp != NULL) return (adp->obj->nid);
- }
- op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN,
- sizeof(ASN1_OBJECT *),sn_cmp);
- if (op == NULL) return(NID_undef);
- return((*op)->nid);
- }
-
-static int obj_cmp(const void *ap, const void *bp)
- {
- int j;
- ASN1_OBJECT *a= *(ASN1_OBJECT **)ap;
- ASN1_OBJECT *b= *(ASN1_OBJECT **)bp;
-
- j=(a->length - b->length);
- if (j) return(j);
- return(memcmp(a->data,b->data,a->length));
- }
-
-char *OBJ_bsearch(char *key, char *base, int num, int size, int (*cmp)(const void *, const void *))
- {
- int l,h,i,c;
- char *p;
-
- if (num == 0) return(NULL);
- l=0;
- h=num;
- while (l < h)
- {
- i=(l+h)/2;
- p= &(base[i*size]);
- c=(*cmp)(key,p);
- if (c < 0)
- h=i;
- else if (c > 0)
- l=i+1;
- else
- return(p);
- }
-#ifdef CHARSET_EBCDIC
-/* THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and
- * I don't have perl (yet), we revert to a *LINEAR* search
- * when the object wasn't found in the binary search.
- */
- for (i=0; i<num; ++i) {
- p= &(base[i*size]);
- if ((*cmp)(key,p) == 0)
- return p;
- }
-#endif
- return(NULL);
- }
-
-int OBJ_create_objects(BIO *in)
- {
- MS_STATIC char buf[512];
- int i,num=0;
- char *o,*s,*l=NULL;
-
- for (;;)
- {
- s=o=NULL;
- i=BIO_gets(in,buf,512);
- if (i <= 0) return(num);
- buf[i-1]='\0';
- if (!isalnum((unsigned char)buf[0])) return(num);
- o=s=buf;
- while (isdigit((unsigned char)*s) || (*s == '.'))
- s++;
- if (*s != '\0')
- {
- *(s++)='\0';
- while (isspace((unsigned char)*s))
- s++;
- if (*s == '\0')
- s=NULL;
- else
- {
- l=s;
- while ((*l != '\0') && !isspace((unsigned char)*l))
- l++;
- if (*l != '\0')
- {
- *(l++)='\0';
- while (isspace((unsigned char)*l))
- l++;
- if (*l == '\0') l=NULL;
- }
- else
- l=NULL;
- }
- }
- else
- s=NULL;
- if ((o == NULL) || (*o == '\0')) return(num);
- if (!OBJ_create(o,s,l)) return(num);
- num++;
- }
- /* return(num); */
- }
-
-int OBJ_create(char *oid, char *sn, char *ln)
- {
- int ok=0;
- ASN1_OBJECT *op=NULL;
- unsigned char *buf;
- int i;
-
- i=a2d_ASN1_OBJECT(NULL,0,oid,-1);
- if (i <= 0) return(0);
-
- if ((buf=(unsigned char *)OPENSSL_malloc(i)) == NULL)
- {
- OBJerr(OBJ_F_OBJ_CREATE,OBJ_R_MALLOC_FAILURE);
- return(0);
- }
- i=a2d_ASN1_OBJECT(buf,i,oid,-1);
- op=(ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1),buf,i,sn,ln);
- if (op == NULL)
- goto err;
- ok=OBJ_add_object(op);
-err:
- ASN1_OBJECT_free(op);
- OPENSSL_free(buf);
- return(ok);
- }
-
diff --git a/src/lib/libcrypto/objects/obj_dat.pl b/src/lib/libcrypto/objects/obj_dat.pl
deleted file mode 100644
index 11066df680..0000000000
--- a/src/lib/libcrypto/objects/obj_dat.pl
+++ /dev/null
@@ -1,302 +0,0 @@
-#!/usr/local/bin/perl
-
-sub obj_cmp
- {
- local(@a,@b,$_,$r);
-
- $A=$obj_len{$obj{$nid{$a}}};
- $B=$obj_len{$obj{$nid{$b}}};
-
- $r=($A-$B);
- return($r) if $r != 0;
-
- $A=$obj_der{$obj{$nid{$a}}};
- $B=$obj_der{$obj{$nid{$b}}};
-
- return($A cmp $B);
- }
-
-sub expand_obj
- {
- local(*v)=@_;
- local($k,$d);
- local($i);
-
- do {
- $i=0;
- foreach $k (keys %v)
- {
- if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/))
- { $i++; }
- }
- } while($i);
- foreach $k (keys %v)
- {
- @a=split(/,/,$v{$k});
- $objn{$k}=$#a+1;
- }
- return(%objn);
- }
-
-open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
-open (OUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-
-while (<IN>)
- {
- next unless /^\#define\s+(\S+)\s+(.*)$/;
- $v=$1;
- $d=$2;
- $d =~ s/^\"//;
- $d =~ s/\"$//;
- if ($v =~ /^SN_(.*)$/)
- {
- if(defined $snames{$d})
- {
- print "WARNING: Duplicate short name \"$d\"\n";
- }
- else
- { $snames{$d} = "X"; }
- $sn{$1}=$d;
- }
- elsif ($v =~ /^LN_(.*)$/)
- {
- if(defined $lnames{$d})
- {
- print "WARNING: Duplicate long name \"$d\"\n";
- }
- else
- { $lnames{$d} = "X"; }
- $ln{$1}=$d;
- }
- elsif ($v =~ /^NID_(.*)$/)
- { $nid{$d}=$1; }
- elsif ($v =~ /^OBJ_(.*)$/)
- {
- $obj{$1}=$v;
- $objd{$v}=$d;
- }
- }
-close IN;
-
-%ob=&expand_obj(*objd);
-
-@a=sort { $a <=> $b } keys %nid;
-$n=$a[$#a]+1;
-
-@lvalues=();
-$lvalues=0;
-
-for ($i=0; $i<$n; $i++)
- {
- if (!defined($nid{$i}))
- {
- push(@out,"{NULL,NULL,NID_undef,0,NULL},\n");
- }
- else
- {
- $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL";
- $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL";
-
- if ($sn eq "NULL") {
- $sn=$ln;
- $sn{$nid{$i}} = $ln;
- }
-
- if ($ln eq "NULL") {
- $ln=$sn;
- $ln{$nid{$i}} = $sn;
- }
-
- $out ="{";
- $out.="\"$sn\"";
- $out.=","."\"$ln\"";
- $out.=",NID_$nid{$i},";
- if (defined($obj{$nid{$i}}))
- {
- $v=$objd{$obj{$nid{$i}}};
- $v =~ s/L//g;
- $v =~ s/,/ /g;
- $r=&der_it($v);
- $z="";
- $length=0;
- foreach (unpack("C*",$r))
- {
- $z.=sprintf("0x%02X,",$_);
- $length++;
- }
- $obj_der{$obj{$nid{$i}}}=$z;
- $obj_len{$obj{$nid{$i}}}=$length;
-
- push(@lvalues,sprintf("%-45s/* [%3d] %s */\n",
- $z,$lvalues,$obj{$nid{$i}}));
- $out.="$length,&(lvalues[$lvalues]),0";
- $lvalues+=$length;
- }
- else
- {
- $out.="0,NULL";
- }
- $out.="},\n";
- push(@out,$out);
- }
- }
-
-@a=grep(defined($sn{$nid{$_}}),0 .. $n);
-foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
- {
- push(@sn,sprintf("&(nid_objs[%2d]),/* \"$sn{$nid{$_}}\" */\n",$_));
- }
-
-@a=grep(defined($ln{$nid{$_}}),0 .. $n);
-foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
- {
- push(@ln,sprintf("&(nid_objs[%2d]),/* \"$ln{$nid{$_}}\" */\n",$_));
- }
-
-@a=grep(defined($obj{$nid{$_}}),0 .. $n);
-foreach (sort obj_cmp @a)
- {
- $m=$obj{$nid{$_}};
- $v=$objd{$m};
- $v =~ s/L//g;
- $v =~ s/,/ /g;
- push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v));
- }
-
-print OUT <<'EOF';
-/* lib/obj/obj_dat.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the
- * following command:
- * perl obj_dat.pl objects.h obj_dat.h
- */
-
-EOF
-
-printf OUT "#define NUM_NID %d\n",$n;
-printf OUT "#define NUM_SN %d\n",$#sn+1;
-printf OUT "#define NUM_LN %d\n",$#ln+1;
-printf OUT "#define NUM_OBJ %d\n\n",$#ob+1;
-
-printf OUT "static unsigned char lvalues[%d]={\n",$lvalues+1;
-print OUT @lvalues;
-print OUT "};\n\n";
-
-printf OUT "static ASN1_OBJECT nid_objs[NUM_NID]={\n";
-foreach (@out)
- {
- if (length($_) > 75)
- {
- $out="";
- foreach (split(/,/))
- {
- $t=$out.$_.",";
- if (length($t) > 70)
- {
- print OUT "$out\n";
- $t="\t$_,";
- }
- $out=$t;
- }
- chop $out;
- print OUT "$out";
- }
- else
- { print OUT $_; }
- }
-print OUT "};\n\n";
-
-printf OUT "static ASN1_OBJECT *sn_objs[NUM_SN]={\n";
-print OUT @sn;
-print OUT "};\n\n";
-
-printf OUT "static ASN1_OBJECT *ln_objs[NUM_LN]={\n";
-print OUT @ln;
-print OUT "};\n\n";
-
-printf OUT "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n";
-print OUT @ob;
-print OUT "};\n\n";
-
-close OUT;
-
-sub der_it
- {
- local($v)=@_;
- local(@a,$i,$ret,@r);
-
- @a=split(/\s+/,$v);
- $ret.=pack("C*",$a[0]*40+$a[1]);
- shift @a;
- shift @a;
- foreach (@a)
- {
- @r=();
- $t=0;
- while ($_ >= 128)
- {
- $x=$_%128;
- $_/=128;
- push(@r,((($t++)?0x80:0)|$x));
- }
- push(@r,((($t++)?0x80:0)|$_));
- $ret.=pack("C*",reverse(@r));
- }
- return($ret);
- }
diff --git a/src/lib/libcrypto/objects/obj_err.c b/src/lib/libcrypto/objects/obj_err.c
deleted file mode 100644
index 7aec0ed47a..0000000000
--- a/src/lib/libcrypto/objects/obj_err.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/objects/obj_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/objects.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA OBJ_str_functs[]=
- {
-{ERR_PACK(0,OBJ_F_OBJ_CREATE,0), "OBJ_create"},
-{ERR_PACK(0,OBJ_F_OBJ_DUP,0), "OBJ_dup"},
-{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0), "OBJ_nid2ln"},
-{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0), "OBJ_nid2obj"},
-{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0), "OBJ_nid2sn"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA OBJ_str_reasons[]=
- {
-{OBJ_R_MALLOC_FAILURE ,"malloc failure"},
-{OBJ_R_UNKNOWN_NID ,"unknown nid"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_OBJ_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs);
- ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/objects/obj_lib.c b/src/lib/libcrypto/objects/obj_lib.c
deleted file mode 100644
index 0c71639eba..0000000000
--- a/src/lib/libcrypto/objects/obj_lib.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/* crypto/objects/obj_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-
-ASN1_OBJECT *OBJ_dup(ASN1_OBJECT *o)
- {
- ASN1_OBJECT *r;
- int i;
- char *ln=NULL;
-
- if (o == NULL) return(NULL);
- if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
- return(o);
-
- r=ASN1_OBJECT_new();
- if (r == NULL)
- {
- OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB);
- return(NULL);
- }
- r->data=OPENSSL_malloc(o->length);
- if (r->data == NULL)
- goto err;
- memcpy(r->data,o->data,o->length);
- r->length=o->length;
- r->nid=o->nid;
- r->ln=r->sn=NULL;
- if (o->ln != NULL)
- {
- i=strlen(o->ln)+1;
- r->ln=ln=OPENSSL_malloc(i);
- if (r->ln == NULL) goto err;
- memcpy(ln,o->ln,i);
- }
-
- if (o->sn != NULL)
- {
- char *s;
-
- i=strlen(o->sn)+1;
- r->sn=s=OPENSSL_malloc(i);
- if (r->sn == NULL) goto err;
- memcpy(s,o->sn,i);
- }
- r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC|
- ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA);
- return(r);
-err:
- OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE);
- if (r != NULL)
- {
- if (ln != NULL) OPENSSL_free(ln);
- if (r->data != NULL) OPENSSL_free(r->data);
- OPENSSL_free(r);
- }
- return(NULL);
- }
-
-int OBJ_cmp(ASN1_OBJECT *a, ASN1_OBJECT *b)
- {
- int ret;
-
- ret=(a->length-b->length);
- if (ret) return(ret);
- return(memcmp(a->data,b->data,a->length));
- }
diff --git a/src/lib/libcrypto/objects/obj_mac.num b/src/lib/libcrypto/objects/obj_mac.num
deleted file mode 100644
index d73a51370f..0000000000
--- a/src/lib/libcrypto/objects/obj_mac.num
+++ /dev/null
@@ -1,392 +0,0 @@
-undef 0
-rsadsi 1
-pkcs 2
-md2 3
-md5 4
-rc4 5
-rsaEncryption 6
-md2WithRSAEncryption 7
-md5WithRSAEncryption 8
-pbeWithMD2AndDES_CBC 9
-pbeWithMD5AndDES_CBC 10
-X500 11
-X509 12
-commonName 13
-countryName 14
-localityName 15
-stateOrProvinceName 16
-organizationName 17
-organizationalUnitName 18
-rsa 19
-pkcs7 20
-pkcs7_data 21
-pkcs7_signed 22
-pkcs7_enveloped 23
-pkcs7_signedAndEnveloped 24
-pkcs7_digest 25
-pkcs7_encrypted 26
-pkcs3 27
-dhKeyAgreement 28
-des_ecb 29
-des_cfb64 30
-des_cbc 31
-des_ede 32
-des_ede3 33
-idea_cbc 34
-idea_cfb64 35
-idea_ecb 36
-rc2_cbc 37
-rc2_ecb 38
-rc2_cfb64 39
-rc2_ofb64 40
-sha 41
-shaWithRSAEncryption 42
-des_ede_cbc 43
-des_ede3_cbc 44
-des_ofb64 45
-idea_ofb64 46
-pkcs9 47
-pkcs9_emailAddress 48
-pkcs9_unstructuredName 49
-pkcs9_contentType 50
-pkcs9_messageDigest 51
-pkcs9_signingTime 52
-pkcs9_countersignature 53
-pkcs9_challengePassword 54
-pkcs9_unstructuredAddress 55
-pkcs9_extCertAttributes 56
-netscape 57
-netscape_cert_extension 58
-netscape_data_type 59
-des_ede_cfb64 60
-des_ede3_cfb64 61
-des_ede_ofb64 62
-des_ede3_ofb64 63
-sha1 64
-sha1WithRSAEncryption 65
-dsaWithSHA 66
-dsa_2 67
-pbeWithSHA1AndRC2_CBC 68
-id_pbkdf2 69
-dsaWithSHA1_2 70
-netscape_cert_type 71
-netscape_base_url 72
-netscape_revocation_url 73
-netscape_ca_revocation_url 74
-netscape_renewal_url 75
-netscape_ca_policy_url 76
-netscape_ssl_server_name 77
-netscape_comment 78
-netscape_cert_sequence 79
-desx_cbc 80
-id_ce 81
-subject_key_identifier 82
-key_usage 83
-private_key_usage_period 84
-subject_alt_name 85
-issuer_alt_name 86
-basic_constraints 87
-crl_number 88
-certificate_policies 89
-authority_key_identifier 90
-bf_cbc 91
-bf_ecb 92
-bf_cfb64 93
-bf_ofb64 94
-mdc2 95
-mdc2WithRSA 96
-rc4_40 97
-rc2_40_cbc 98
-givenName 99
-surname 100
-initials 101
-uniqueIdentifier 102
-crl_distribution_points 103
-md5WithRSA 104
-serialNumber 105
-title 106
-description 107
-cast5_cbc 108
-cast5_ecb 109
-cast5_cfb64 110
-cast5_ofb64 111
-pbeWithMD5AndCast5_CBC 112
-dsaWithSHA1 113
-md5_sha1 114
-sha1WithRSA 115
-dsa 116
-ripemd160 117
-ripemd160WithRSA 119
-rc5_cbc 120
-rc5_ecb 121
-rc5_cfb64 122
-rc5_ofb64 123
-rle_compression 124
-zlib_compression 125
-ext_key_usage 126
-id_pkix 127
-id_kp 128
-server_auth 129
-client_auth 130
-code_sign 131
-email_protect 132
-time_stamp 133
-ms_code_ind 134
-ms_code_com 135
-ms_ctl_sign 136
-ms_sgc 137
-ms_efs 138
-ns_sgc 139
-delta_crl 140
-crl_reason 141
-invalidity_date 142
-sxnet 143
-pbe_WithSHA1And128BitRC4 144
-pbe_WithSHA1And40BitRC4 145
-pbe_WithSHA1And3_Key_TripleDES_CBC 146
-pbe_WithSHA1And2_Key_TripleDES_CBC 147
-pbe_WithSHA1And128BitRC2_CBC 148
-pbe_WithSHA1And40BitRC2_CBC 149
-keyBag 150
-pkcs8ShroudedKeyBag 151
-certBag 152
-crlBag 153
-secretBag 154
-safeContentsBag 155
-friendlyName 156
-localKeyID 157
-x509Certificate 158
-sdsiCertificate 159
-x509Crl 160
-pbes2 161
-pbmac1 162
-hmacWithSHA1 163
-id_qt_cps 164
-id_qt_unotice 165
-rc2_64_cbc 166
-SMIMECapabilities 167
-pbeWithMD2AndRC2_CBC 168
-pbeWithMD5AndRC2_CBC 169
-pbeWithSHA1AndDES_CBC 170
-ms_ext_req 171
-ext_req 172
-name 173
-dnQualifier 174
-id_pe 175
-id_ad 176
-info_access 177
-ad_OCSP 178
-ad_ca_issuers 179
-OCSP_sign 180
-iso 181
-member_body 182
-ISO_US 183
-X9_57 184
-X9cm 185
-pkcs1 186
-pkcs5 187
-SMIME 188
-id_smime_mod 189
-id_smime_ct 190
-id_smime_aa 191
-id_smime_alg 192
-id_smime_cd 193
-id_smime_spq 194
-id_smime_cti 195
-id_smime_mod_cms 196
-id_smime_mod_ess 197
-id_smime_mod_oid 198
-id_smime_mod_msg_v3 199
-id_smime_mod_ets_eSignature_88 200
-id_smime_mod_ets_eSignature_97 201
-id_smime_mod_ets_eSigPolicy_88 202
-id_smime_mod_ets_eSigPolicy_97 203
-id_smime_ct_receipt 204
-id_smime_ct_authData 205
-id_smime_ct_publishCert 206
-id_smime_ct_TSTInfo 207
-id_smime_ct_TDTInfo 208
-id_smime_ct_contentInfo 209
-id_smime_ct_DVCSRequestData 210
-id_smime_ct_DVCSResponseData 211
-id_smime_aa_receiptRequest 212
-id_smime_aa_securityLabel 213
-id_smime_aa_mlExpandHistory 214
-id_smime_aa_contentHint 215
-id_smime_aa_msgSigDigest 216
-id_smime_aa_encapContentType 217
-id_smime_aa_contentIdentifier 218
-id_smime_aa_macValue 219
-id_smime_aa_equivalentLabels 220
-id_smime_aa_contentReference 221
-id_smime_aa_encrypKeyPref 222
-id_smime_aa_signingCertificate 223
-id_smime_aa_smimeEncryptCerts 224
-id_smime_aa_timeStampToken 225
-id_smime_aa_ets_sigPolicyId 226
-id_smime_aa_ets_commitmentType 227
-id_smime_aa_ets_signerLocation 228
-id_smime_aa_ets_signerAttr 229
-id_smime_aa_ets_otherSigCert 230
-id_smime_aa_ets_contentTimestamp 231
-id_smime_aa_ets_CertificateRefs 232
-id_smime_aa_ets_RevocationRefs 233
-id_smime_aa_ets_certValues 234
-id_smime_aa_ets_revocationValues 235
-id_smime_aa_ets_escTimeStamp 236
-id_smime_aa_ets_certCRLTimestamp 237
-id_smime_aa_ets_archiveTimeStamp 238
-id_smime_aa_signatureType 239
-id_smime_aa_dvcs_dvc 240
-id_smime_alg_ESDHwith3DES 241
-id_smime_alg_ESDHwithRC2 242
-id_smime_alg_3DESwrap 243
-id_smime_alg_RC2wrap 244
-id_smime_alg_ESDH 245
-id_smime_alg_CMS3DESwrap 246
-id_smime_alg_CMSRC2wrap 247
-id_smime_cd_ldap 248
-id_smime_spq_ets_sqt_uri 249
-id_smime_spq_ets_sqt_unotice 250
-id_smime_cti_ets_proofOfOrigin 251
-id_smime_cti_ets_proofOfReceipt 252
-id_smime_cti_ets_proofOfDelivery 253
-id_smime_cti_ets_proofOfSender 254
-id_smime_cti_ets_proofOfApproval 255
-id_smime_cti_ets_proofOfCreation 256
-md4 257
-id_pkix_mod 258
-id_qt 259
-id_it 260
-id_pkip 261
-id_alg 262
-id_cmc 263
-id_on 264
-id_pda 265
-id_aca 266
-id_qcs 267
-id_cct 268
-id_pkix1_explicit_88 269
-id_pkix1_implicit_88 270
-id_pkix1_explicit_93 271
-id_pkix1_implicit_93 272
-id_mod_crmf 273
-id_mod_cmc 274
-id_mod_kea_profile_88 275
-id_mod_kea_profile_93 276
-id_mod_cmp 277
-id_mod_qualified_cert_88 278
-id_mod_qualified_cert_93 279
-id_mod_attribute_cert 280
-id_mod_timestamp_protocol 281
-id_mod_ocsp 282
-id_mod_dvcs 283
-id_mod_cmp2000 284
-biometricInfo 285
-qcStatements 286
-ac_auditEntity 287
-ac_targeting 288
-aaControls 289
-sbqp_ipAddrBlock 290
-sbqp_autonomousSysNum 291
-sbqp_routerIdentifier 292
-textNotice 293
-ipsecEndSystem 294
-ipsecTunnel 295
-ipsecUser 296
-dvcs 297
-id_it_caProtEncCert 298
-id_it_signKeyPairTypes 299
-id_it_encKeyPairTypes 300
-id_it_preferredSymmAlg 301
-id_it_caKeyUpdateInfo 302
-id_it_currentCRL 303
-id_it_unsupportedOIDs 304
-id_it_subscriptionRequest 305
-id_it_subscriptionResponse 306
-id_it_keyPairParamReq 307
-id_it_keyPairParamRep 308
-id_it_revPassphrase 309
-id_it_implicitConfirm 310
-id_it_confirmWaitTime 311
-id_it_origPKIMessage 312
-id_regCtrl 313
-id_regInfo 314
-id_regCtrl_regToken 315
-id_regCtrl_authenticator 316
-id_regCtrl_pkiPublicationInfo 317
-id_regCtrl_pkiArchiveOptions 318
-id_regCtrl_oldCertID 319
-id_regCtrl_protocolEncrKey 320
-id_regInfo_utf8Pairs 321
-id_regInfo_certReq 322
-id_alg_des40 323
-id_alg_noSignature 324
-id_alg_dh_sig_hmac_sha1 325
-id_alg_dh_pop 326
-id_cmc_statusInfo 327
-id_cmc_identification 328
-id_cmc_identityProof 329
-id_cmc_dataReturn 330
-id_cmc_transactionId 331
-id_cmc_senderNonce 332
-id_cmc_recipientNonce 333
-id_cmc_addExtensions 334
-id_cmc_encryptedPOP 335
-id_cmc_decryptedPOP 336
-id_cmc_lraPOPWitness 337
-id_cmc_getCert 338
-id_cmc_getCRL 339
-id_cmc_revokeRequest 340
-id_cmc_regInfo 341
-id_cmc_responseInfo 342
-id_cmc_queryPending 343
-id_cmc_popLinkRandom 344
-id_cmc_popLinkWitness 345
-id_cmc_confirmCertAcceptance 346
-id_on_personalData 347
-id_pda_dateOfBirth 348
-id_pda_placeOfBirth 349
-id_pda_pseudonym 350
-id_pda_gender 351
-id_pda_countryOfCitizenship 352
-id_pda_countryOfResidence 353
-id_aca_authenticationInfo 354
-id_aca_accessIdentity 355
-id_aca_chargingIdentity 356
-id_aca_group 357
-id_aca_role 358
-id_qcs_pkixQCSyntax_v1 359
-id_cct_crs 360
-id_cct_PKIData 361
-id_cct_PKIResponse 362
-ad_timeStamping 363
-ad_dvcs 364
-id_pkix_OCSP_basic 365
-id_pkix_OCSP_Nonce 366
-id_pkix_OCSP_CrlID 367
-id_pkix_OCSP_acceptableResponses 368
-id_pkix_OCSP_noCheck 369
-id_pkix_OCSP_archiveCutoff 370
-id_pkix_OCSP_serviceLocator 371
-id_pkix_OCSP_extendedStatus 372
-id_pkix_OCSP_valid 373
-id_pkix_OCSP_path 374
-id_pkix_OCSP_trustRoot 375
-algorithm 376
-rsaSignature 377
-X500algorithms 378
-org 379
-dod 380
-iana 381
-Directory 382
-Management 383
-Experimental 384
-Private 385
-Security 386
-SNMPv2 387
-Mail 388
-Enterprises 389
-dcObject 390
-domainComponent 391
-Domain 392
diff --git a/src/lib/libcrypto/objects/objects.README b/src/lib/libcrypto/objects/objects.README
deleted file mode 100644
index 4d745508d8..0000000000
--- a/src/lib/libcrypto/objects/objects.README
+++ /dev/null
@@ -1,44 +0,0 @@
-objects.txt syntax
-------------------
-
-To cover all the naming hacks that were previously in objects.h needed some
-kind of hacks in objects.txt.
-
-The basic syntax for adding an object is as follows:
-
- 1 2 3 4 : shortName : Long Name
-
- If the long name doesn't contain spaces, or no short name
- exists, the long name is used as basis for the base name
- in C. Otherwise, the short name is used.
-
- The base name (let's call it 'base') will then be used to
- create the C macros SN_base, LN_base, NID_base and OBJ_base.
-
- Note that if the base name contains spaces, dashes or periods,
- those will be converte to underscore.
-
-Then there are some extra commands:
-
- !Alias foo 1 2 3 4
-
- This juts makes a name foo for an OID. The C macro
- OBJ_foo will be created as a result.
-
- !Cname foo
-
- This makes sure that the name foo will be used as base name
- in C.
-
- !module foo
- 1 2 3 4 : shortName : Long Name
- !global
-
- The !module command was meant to define a kind of modularity.
- What it does is to make sure the module name is prepended
- to the base name. !global turns this off. This construction
- is not recursive.
-
-Lines starting with # are treated as comments, as well as any line starting
-with ! and not matching the commands above.
-
diff --git a/src/lib/libcrypto/objects/objects.h b/src/lib/libcrypto/objects/objects.h
deleted file mode 100644
index c099e2e84e..0000000000
--- a/src/lib/libcrypto/objects/objects.h
+++ /dev/null
@@ -1,1038 +0,0 @@
-/* crypto/objects/objects.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_OBJECTS_H
-#define HEADER_OBJECTS_H
-
-#define USE_OBJ_MAC
-
-#ifdef USE_OBJ_MAC
-#include <openssl/obj_mac.h>
-#else
-#define SN_undef "UNDEF"
-#define LN_undef "undefined"
-#define NID_undef 0
-#define OBJ_undef 0L
-
-#define SN_Algorithm "Algorithm"
-#define LN_algorithm "algorithm"
-#define NID_algorithm 38
-#define OBJ_algorithm 1L,3L,14L,3L,2L
-
-#define LN_rsadsi "rsadsi"
-#define NID_rsadsi 1
-#define OBJ_rsadsi 1L,2L,840L,113549L
-
-#define LN_pkcs "pkcs"
-#define NID_pkcs 2
-#define OBJ_pkcs OBJ_rsadsi,1L
-
-#define SN_md2 "MD2"
-#define LN_md2 "md2"
-#define NID_md2 3
-#define OBJ_md2 OBJ_rsadsi,2L,2L
-
-#define SN_md5 "MD5"
-#define LN_md5 "md5"
-#define NID_md5 4
-#define OBJ_md5 OBJ_rsadsi,2L,5L
-
-#define SN_rc4 "RC4"
-#define LN_rc4 "rc4"
-#define NID_rc4 5
-#define OBJ_rc4 OBJ_rsadsi,3L,4L
-
-#define LN_rsaEncryption "rsaEncryption"
-#define NID_rsaEncryption 6
-#define OBJ_rsaEncryption OBJ_pkcs,1L,1L
-
-#define SN_md2WithRSAEncryption "RSA-MD2"
-#define LN_md2WithRSAEncryption "md2WithRSAEncryption"
-#define NID_md2WithRSAEncryption 7
-#define OBJ_md2WithRSAEncryption OBJ_pkcs,1L,2L
-
-#define SN_md5WithRSAEncryption "RSA-MD5"
-#define LN_md5WithRSAEncryption "md5WithRSAEncryption"
-#define NID_md5WithRSAEncryption 8
-#define OBJ_md5WithRSAEncryption OBJ_pkcs,1L,4L
-
-#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES"
-#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
-#define NID_pbeWithMD2AndDES_CBC 9
-#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs,5L,1L
-
-#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES"
-#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
-#define NID_pbeWithMD5AndDES_CBC 10
-#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs,5L,3L
-
-#define LN_X500 "X500"
-#define NID_X500 11
-#define OBJ_X500 2L,5L
-
-#define LN_X509 "X509"
-#define NID_X509 12
-#define OBJ_X509 OBJ_X500,4L
-
-#define SN_commonName "CN"
-#define LN_commonName "commonName"
-#define NID_commonName 13
-#define OBJ_commonName OBJ_X509,3L
-
-#define SN_countryName "C"
-#define LN_countryName "countryName"
-#define NID_countryName 14
-#define OBJ_countryName OBJ_X509,6L
-
-#define SN_localityName "L"
-#define LN_localityName "localityName"
-#define NID_localityName 15
-#define OBJ_localityName OBJ_X509,7L
-
-/* Postal Address? PA */
-
-/* should be "ST" (rfc1327) but MS uses 'S' */
-#define SN_stateOrProvinceName "ST"
-#define LN_stateOrProvinceName "stateOrProvinceName"
-#define NID_stateOrProvinceName 16
-#define OBJ_stateOrProvinceName OBJ_X509,8L
-
-#define SN_organizationName "O"
-#define LN_organizationName "organizationName"
-#define NID_organizationName 17
-#define OBJ_organizationName OBJ_X509,10L
-
-#define SN_organizationalUnitName "OU"
-#define LN_organizationalUnitName "organizationalUnitName"
-#define NID_organizationalUnitName 18
-#define OBJ_organizationalUnitName OBJ_X509,11L
-
-#define SN_rsa "RSA"
-#define LN_rsa "rsa"
-#define NID_rsa 19
-#define OBJ_rsa OBJ_X500,8L,1L,1L
-
-#define LN_pkcs7 "pkcs7"
-#define NID_pkcs7 20
-#define OBJ_pkcs7 OBJ_pkcs,7L
-
-#define LN_pkcs7_data "pkcs7-data"
-#define NID_pkcs7_data 21
-#define OBJ_pkcs7_data OBJ_pkcs7,1L
-
-#define LN_pkcs7_signed "pkcs7-signedData"
-#define NID_pkcs7_signed 22
-#define OBJ_pkcs7_signed OBJ_pkcs7,2L
-
-#define LN_pkcs7_enveloped "pkcs7-envelopedData"
-#define NID_pkcs7_enveloped 23
-#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L
-
-#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
-#define NID_pkcs7_signedAndEnveloped 24
-#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L
-
-#define LN_pkcs7_digest "pkcs7-digestData"
-#define NID_pkcs7_digest 25
-#define OBJ_pkcs7_digest OBJ_pkcs7,5L
-
-#define LN_pkcs7_encrypted "pkcs7-encryptedData"
-#define NID_pkcs7_encrypted 26
-#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L
-
-#define LN_pkcs3 "pkcs3"
-#define NID_pkcs3 27
-#define OBJ_pkcs3 OBJ_pkcs,3L
-
-#define LN_dhKeyAgreement "dhKeyAgreement"
-#define NID_dhKeyAgreement 28
-#define OBJ_dhKeyAgreement OBJ_pkcs3,1L
-
-#define SN_des_ecb "DES-ECB"
-#define LN_des_ecb "des-ecb"
-#define NID_des_ecb 29
-#define OBJ_des_ecb OBJ_algorithm,6L
-
-#define SN_des_cfb64 "DES-CFB"
-#define LN_des_cfb64 "des-cfb"
-#define NID_des_cfb64 30
-/* IV + num */
-#define OBJ_des_cfb64 OBJ_algorithm,9L
-
-#define SN_des_cbc "DES-CBC"
-#define LN_des_cbc "des-cbc"
-#define NID_des_cbc 31
-/* IV */
-#define OBJ_des_cbc OBJ_algorithm,7L
-
-#define SN_des_ede "DES-EDE"
-#define LN_des_ede "des-ede"
-#define NID_des_ede 32
-/* ?? */
-#define OBJ_des_ede OBJ_algorithm,17L
-
-#define SN_des_ede3 "DES-EDE3"
-#define LN_des_ede3 "des-ede3"
-#define NID_des_ede3 33
-
-#define SN_idea_cbc "IDEA-CBC"
-#define LN_idea_cbc "idea-cbc"
-#define NID_idea_cbc 34
-#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
-
-#define SN_idea_cfb64 "IDEA-CFB"
-#define LN_idea_cfb64 "idea-cfb"
-#define NID_idea_cfb64 35
-
-#define SN_idea_ecb "IDEA-ECB"
-#define LN_idea_ecb "idea-ecb"
-#define NID_idea_ecb 36
-
-#define SN_rc2_cbc "RC2-CBC"
-#define LN_rc2_cbc "rc2-cbc"
-#define NID_rc2_cbc 37
-#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
-
-#define SN_rc2_ecb "RC2-ECB"
-#define LN_rc2_ecb "rc2-ecb"
-#define NID_rc2_ecb 38
-
-#define SN_rc2_cfb64 "RC2-CFB"
-#define LN_rc2_cfb64 "rc2-cfb"
-#define NID_rc2_cfb64 39
-
-#define SN_rc2_ofb64 "RC2-OFB"
-#define LN_rc2_ofb64 "rc2-ofb"
-#define NID_rc2_ofb64 40
-
-#define SN_sha "SHA"
-#define LN_sha "sha"
-#define NID_sha 41
-#define OBJ_sha OBJ_algorithm,18L
-
-#define SN_shaWithRSAEncryption "RSA-SHA"
-#define LN_shaWithRSAEncryption "shaWithRSAEncryption"
-#define NID_shaWithRSAEncryption 42
-#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
-
-#define SN_des_ede_cbc "DES-EDE-CBC"
-#define LN_des_ede_cbc "des-ede-cbc"
-#define NID_des_ede_cbc 43
-
-#define SN_des_ede3_cbc "DES-EDE3-CBC"
-#define LN_des_ede3_cbc "des-ede3-cbc"
-#define NID_des_ede3_cbc 44
-#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
-
-#define SN_des_ofb64 "DES-OFB"
-#define LN_des_ofb64 "des-ofb"
-#define NID_des_ofb64 45
-#define OBJ_des_ofb64 OBJ_algorithm,8L
-
-#define SN_idea_ofb64 "IDEA-OFB"
-#define LN_idea_ofb64 "idea-ofb"
-#define NID_idea_ofb64 46
-
-#define LN_pkcs9 "pkcs9"
-#define NID_pkcs9 47
-#define OBJ_pkcs9 OBJ_pkcs,9L
-
-#define SN_pkcs9_emailAddress "Email"
-#define LN_pkcs9_emailAddress "emailAddress"
-#define NID_pkcs9_emailAddress 48
-#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
-
-#define LN_pkcs9_unstructuredName "unstructuredName"
-#define NID_pkcs9_unstructuredName 49
-#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
-
-#define LN_pkcs9_contentType "contentType"
-#define NID_pkcs9_contentType 50
-#define OBJ_pkcs9_contentType OBJ_pkcs9,3L
-
-#define LN_pkcs9_messageDigest "messageDigest"
-#define NID_pkcs9_messageDigest 51
-#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
-
-#define LN_pkcs9_signingTime "signingTime"
-#define NID_pkcs9_signingTime 52
-#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
-
-#define LN_pkcs9_countersignature "countersignature"
-#define NID_pkcs9_countersignature 53
-#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
-
-#define LN_pkcs9_challengePassword "challengePassword"
-#define NID_pkcs9_challengePassword 54
-#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
-
-#define LN_pkcs9_unstructuredAddress "unstructuredAddress"
-#define NID_pkcs9_unstructuredAddress 55
-#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
-
-#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
-#define NID_pkcs9_extCertAttributes 56
-#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
-
-#define SN_netscape "Netscape"
-#define LN_netscape "Netscape Communications Corp."
-#define NID_netscape 57
-#define OBJ_netscape 2L,16L,840L,1L,113730L
-
-#define SN_netscape_cert_extension "nsCertExt"
-#define LN_netscape_cert_extension "Netscape Certificate Extension"
-#define NID_netscape_cert_extension 58
-#define OBJ_netscape_cert_extension OBJ_netscape,1L
-
-#define SN_netscape_data_type "nsDataType"
-#define LN_netscape_data_type "Netscape Data Type"
-#define NID_netscape_data_type 59
-#define OBJ_netscape_data_type OBJ_netscape,2L
-
-#define SN_des_ede_cfb64 "DES-EDE-CFB"
-#define LN_des_ede_cfb64 "des-ede-cfb"
-#define NID_des_ede_cfb64 60
-
-#define SN_des_ede3_cfb64 "DES-EDE3-CFB"
-#define LN_des_ede3_cfb64 "des-ede3-cfb"
-#define NID_des_ede3_cfb64 61
-
-#define SN_des_ede_ofb64 "DES-EDE-OFB"
-#define LN_des_ede_ofb64 "des-ede-ofb"
-#define NID_des_ede_ofb64 62
-
-#define SN_des_ede3_ofb64 "DES-EDE3-OFB"
-#define LN_des_ede3_ofb64 "des-ede3-ofb"
-#define NID_des_ede3_ofb64 63
-
-/* I'm not sure about the object ID */
-#define SN_sha1 "SHA1"
-#define LN_sha1 "sha1"
-#define NID_sha1 64
-#define OBJ_sha1 OBJ_algorithm,26L
-/* 28 Jun 1996 - eay */
-/* #define OBJ_sha1 1L,3L,14L,2L,26L,05L <- wrong */
-
-#define SN_sha1WithRSAEncryption "RSA-SHA1"
-#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
-#define NID_sha1WithRSAEncryption 65
-#define OBJ_sha1WithRSAEncryption OBJ_pkcs,1L,5L
-
-#define SN_dsaWithSHA "DSA-SHA"
-#define LN_dsaWithSHA "dsaWithSHA"
-#define NID_dsaWithSHA 66
-#define OBJ_dsaWithSHA OBJ_algorithm,13L
-
-#define SN_dsa_2 "DSA-old"
-#define LN_dsa_2 "dsaEncryption-old"
-#define NID_dsa_2 67
-#define OBJ_dsa_2 OBJ_algorithm,12L
-
-/* proposed by microsoft to RSA */
-#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64"
-#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
-#define NID_pbeWithSHA1AndRC2_CBC 68
-#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L
-
-/* proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now
- * defined explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something
- * completely different.
- */
-#define LN_id_pbkdf2 "PBKDF2"
-#define NID_id_pbkdf2 69
-#define OBJ_id_pbkdf2 OBJ_pkcs,5L,12L
-
-#define SN_dsaWithSHA1_2 "DSA-SHA1-old"
-#define LN_dsaWithSHA1_2 "dsaWithSHA1-old"
-#define NID_dsaWithSHA1_2 70
-/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
-#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L
-
-#define SN_netscape_cert_type "nsCertType"
-#define LN_netscape_cert_type "Netscape Cert Type"
-#define NID_netscape_cert_type 71
-#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
-
-#define SN_netscape_base_url "nsBaseUrl"
-#define LN_netscape_base_url "Netscape Base Url"
-#define NID_netscape_base_url 72
-#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
-
-#define SN_netscape_revocation_url "nsRevocationUrl"
-#define LN_netscape_revocation_url "Netscape Revocation Url"
-#define NID_netscape_revocation_url 73
-#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
-
-#define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
-#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
-#define NID_netscape_ca_revocation_url 74
-#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
-
-#define SN_netscape_renewal_url "nsRenewalUrl"
-#define LN_netscape_renewal_url "Netscape Renewal Url"
-#define NID_netscape_renewal_url 75
-#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
-
-#define SN_netscape_ca_policy_url "nsCaPolicyUrl"
-#define LN_netscape_ca_policy_url "Netscape CA Policy Url"
-#define NID_netscape_ca_policy_url 76
-#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
-
-#define SN_netscape_ssl_server_name "nsSslServerName"
-#define LN_netscape_ssl_server_name "Netscape SSL Server Name"
-#define NID_netscape_ssl_server_name 77
-#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
-
-#define SN_netscape_comment "nsComment"
-#define LN_netscape_comment "Netscape Comment"
-#define NID_netscape_comment 78
-#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L
-
-#define SN_netscape_cert_sequence "nsCertSequence"
-#define LN_netscape_cert_sequence "Netscape Certificate Sequence"
-#define NID_netscape_cert_sequence 79
-#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
-
-#define SN_desx_cbc "DESX-CBC"
-#define LN_desx_cbc "desx-cbc"
-#define NID_desx_cbc 80
-
-#define SN_ld_ce "ld-ce"
-#define NID_ld_ce 81
-#define OBJ_ld_ce 2L,5L,29L
-
-#define SN_subject_key_identifier "subjectKeyIdentifier"
-#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
-#define NID_subject_key_identifier 82
-#define OBJ_subject_key_identifier OBJ_ld_ce,14L
-
-#define SN_key_usage "keyUsage"
-#define LN_key_usage "X509v3 Key Usage"
-#define NID_key_usage 83
-#define OBJ_key_usage OBJ_ld_ce,15L
-
-#define SN_private_key_usage_period "privateKeyUsagePeriod"
-#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
-#define NID_private_key_usage_period 84
-#define OBJ_private_key_usage_period OBJ_ld_ce,16L
-
-#define SN_subject_alt_name "subjectAltName"
-#define LN_subject_alt_name "X509v3 Subject Alternative Name"
-#define NID_subject_alt_name 85
-#define OBJ_subject_alt_name OBJ_ld_ce,17L
-
-#define SN_issuer_alt_name "issuerAltName"
-#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
-#define NID_issuer_alt_name 86
-#define OBJ_issuer_alt_name OBJ_ld_ce,18L
-
-#define SN_basic_constraints "basicConstraints"
-#define LN_basic_constraints "X509v3 Basic Constraints"
-#define NID_basic_constraints 87
-#define OBJ_basic_constraints OBJ_ld_ce,19L
-
-#define SN_crl_number "crlNumber"
-#define LN_crl_number "X509v3 CRL Number"
-#define NID_crl_number 88
-#define OBJ_crl_number OBJ_ld_ce,20L
-
-#define SN_certificate_policies "certificatePolicies"
-#define LN_certificate_policies "X509v3 Certificate Policies"
-#define NID_certificate_policies 89
-#define OBJ_certificate_policies OBJ_ld_ce,32L
-
-#define SN_authority_key_identifier "authorityKeyIdentifier"
-#define LN_authority_key_identifier "X509v3 Authority Key Identifier"
-#define NID_authority_key_identifier 90
-#define OBJ_authority_key_identifier OBJ_ld_ce,35L
-
-#define SN_bf_cbc "BF-CBC"
-#define LN_bf_cbc "bf-cbc"
-#define NID_bf_cbc 91
-#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L
-
-#define SN_bf_ecb "BF-ECB"
-#define LN_bf_ecb "bf-ecb"
-#define NID_bf_ecb 92
-
-#define SN_bf_cfb64 "BF-CFB"
-#define LN_bf_cfb64 "bf-cfb"
-#define NID_bf_cfb64 93
-
-#define SN_bf_ofb64 "BF-OFB"
-#define LN_bf_ofb64 "bf-ofb"
-#define NID_bf_ofb64 94
-
-#define SN_mdc2 "MDC2"
-#define LN_mdc2 "mdc2"
-#define NID_mdc2 95
-#define OBJ_mdc2 2L,5L,8L,3L,101L
-/* An alternative? 1L,3L,14L,3L,2L,19L */
-
-#define SN_mdc2WithRSA "RSA-MDC2"
-#define LN_mdc2WithRSA "mdc2withRSA"
-#define NID_mdc2WithRSA 96
-#define OBJ_mdc2WithRSA 2L,5L,8L,3L,100L
-
-#define SN_rc4_40 "RC4-40"
-#define LN_rc4_40 "rc4-40"
-#define NID_rc4_40 97
-
-#define SN_rc2_40_cbc "RC2-40-CBC"
-#define LN_rc2_40_cbc "rc2-40-cbc"
-#define NID_rc2_40_cbc 98
-
-#define SN_givenName "G"
-#define LN_givenName "givenName"
-#define NID_givenName 99
-#define OBJ_givenName OBJ_X509,42L
-
-#define SN_surname "S"
-#define LN_surname "surname"
-#define NID_surname 100
-#define OBJ_surname OBJ_X509,4L
-
-#define SN_initials "I"
-#define LN_initials "initials"
-#define NID_initials 101
-#define OBJ_initials OBJ_X509,43L
-
-#define SN_uniqueIdentifier "UID"
-#define LN_uniqueIdentifier "uniqueIdentifier"
-#define NID_uniqueIdentifier 102
-#define OBJ_uniqueIdentifier OBJ_X509,45L
-
-#define SN_crl_distribution_points "crlDistributionPoints"
-#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
-#define NID_crl_distribution_points 103
-#define OBJ_crl_distribution_points OBJ_ld_ce,31L
-
-#define SN_md5WithRSA "RSA-NP-MD5"
-#define LN_md5WithRSA "md5WithRSA"
-#define NID_md5WithRSA 104
-#define OBJ_md5WithRSA OBJ_algorithm,3L
-
-#define SN_serialNumber "SN"
-#define LN_serialNumber "serialNumber"
-#define NID_serialNumber 105
-#define OBJ_serialNumber OBJ_X509,5L
-
-#define SN_title "T"
-#define LN_title "title"
-#define NID_title 106
-#define OBJ_title OBJ_X509,12L
-
-#define SN_description "D"
-#define LN_description "description"
-#define NID_description 107
-#define OBJ_description OBJ_X509,13L
-
-/* CAST5 is CAST-128, I'm just sticking with the documentation */
-#define SN_cast5_cbc "CAST5-CBC"
-#define LN_cast5_cbc "cast5-cbc"
-#define NID_cast5_cbc 108
-#define OBJ_cast5_cbc 1L,2L,840L,113533L,7L,66L,10L
-
-#define SN_cast5_ecb "CAST5-ECB"
-#define LN_cast5_ecb "cast5-ecb"
-#define NID_cast5_ecb 109
-
-#define SN_cast5_cfb64 "CAST5-CFB"
-#define LN_cast5_cfb64 "cast5-cfb"
-#define NID_cast5_cfb64 110
-
-#define SN_cast5_ofb64 "CAST5-OFB"
-#define LN_cast5_ofb64 "cast5-ofb"
-#define NID_cast5_ofb64 111
-
-#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
-#define NID_pbeWithMD5AndCast5_CBC 112
-#define OBJ_pbeWithMD5AndCast5_CBC 1L,2L,840L,113533L,7L,66L,12L
-
-/* This is one sun will soon be using :-(
- * id-dsa-with-sha1 ID ::= {
- * iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
- */
-#define SN_dsaWithSHA1 "DSA-SHA1"
-#define LN_dsaWithSHA1 "dsaWithSHA1"
-#define NID_dsaWithSHA1 113
-#define OBJ_dsaWithSHA1 1L,2L,840L,10040L,4L,3L
-
-#define NID_md5_sha1 114
-#define SN_md5_sha1 "MD5-SHA1"
-#define LN_md5_sha1 "md5-sha1"
-
-#define SN_sha1WithRSA "RSA-SHA1-2"
-#define LN_sha1WithRSA "sha1WithRSA"
-#define NID_sha1WithRSA 115
-#define OBJ_sha1WithRSA OBJ_algorithm,29L
-
-#define SN_dsa "DSA"
-#define LN_dsa "dsaEncryption"
-#define NID_dsa 116
-#define OBJ_dsa 1L,2L,840L,10040L,4L,1L
-
-#define SN_ripemd160 "RIPEMD160"
-#define LN_ripemd160 "ripemd160"
-#define NID_ripemd160 117
-#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
-
-/* The name should actually be rsaSignatureWithripemd160, but I'm going
- * to continue using the convention I'm using with the other ciphers */
-#define SN_ripemd160WithRSA "RSA-RIPEMD160"
-#define LN_ripemd160WithRSA "ripemd160WithRSA"
-#define NID_ripemd160WithRSA 119
-#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
-
-/* Taken from rfc2040
- * RC5_CBC_Parameters ::= SEQUENCE {
- * version INTEGER (v1_0(16)),
- * rounds INTEGER (8..127),
- * blockSizeInBits INTEGER (64, 128),
- * iv OCTET STRING OPTIONAL
- * }
- */
-#define SN_rc5_cbc "RC5-CBC"
-#define LN_rc5_cbc "rc5-cbc"
-#define NID_rc5_cbc 120
-#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L
-
-#define SN_rc5_ecb "RC5-ECB"
-#define LN_rc5_ecb "rc5-ecb"
-#define NID_rc5_ecb 121
-
-#define SN_rc5_cfb64 "RC5-CFB"
-#define LN_rc5_cfb64 "rc5-cfb"
-#define NID_rc5_cfb64 122
-
-#define SN_rc5_ofb64 "RC5-OFB"
-#define LN_rc5_ofb64 "rc5-ofb"
-#define NID_rc5_ofb64 123
-
-#define SN_rle_compression "RLE"
-#define LN_rle_compression "run length compression"
-#define NID_rle_compression 124
-#define OBJ_rle_compression 1L,1L,1L,1L,666L,1L
-
-#define SN_zlib_compression "ZLIB"
-#define LN_zlib_compression "zlib compression"
-#define NID_zlib_compression 125
-#define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L
-
-#define SN_ext_key_usage "extendedKeyUsage"
-#define LN_ext_key_usage "X509v3 Extended Key Usage"
-#define NID_ext_key_usage 126
-#define OBJ_ext_key_usage OBJ_ld_ce,37
-
-#define SN_id_pkix "PKIX"
-#define NID_id_pkix 127
-#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L
-
-#define SN_id_kp "id-kp"
-#define NID_id_kp 128
-#define OBJ_id_kp OBJ_id_pkix,3L
-
-/* PKIX extended key usage OIDs */
-
-#define SN_server_auth "serverAuth"
-#define LN_server_auth "TLS Web Server Authentication"
-#define NID_server_auth 129
-#define OBJ_server_auth OBJ_id_kp,1L
-
-#define SN_client_auth "clientAuth"
-#define LN_client_auth "TLS Web Client Authentication"
-#define NID_client_auth 130
-#define OBJ_client_auth OBJ_id_kp,2L
-
-#define SN_code_sign "codeSigning"
-#define LN_code_sign "Code Signing"
-#define NID_code_sign 131
-#define OBJ_code_sign OBJ_id_kp,3L
-
-#define SN_email_protect "emailProtection"
-#define LN_email_protect "E-mail Protection"
-#define NID_email_protect 132
-#define OBJ_email_protect OBJ_id_kp,4L
-
-#define SN_time_stamp "timeStamping"
-#define LN_time_stamp "Time Stamping"
-#define NID_time_stamp 133
-#define OBJ_time_stamp OBJ_id_kp,8L
-
-/* Additional extended key usage OIDs: Microsoft */
-
-#define SN_ms_code_ind "msCodeInd"
-#define LN_ms_code_ind "Microsoft Individual Code Signing"
-#define NID_ms_code_ind 134
-#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
-
-#define SN_ms_code_com "msCodeCom"
-#define LN_ms_code_com "Microsoft Commercial Code Signing"
-#define NID_ms_code_com 135
-#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
-
-#define SN_ms_ctl_sign "msCTLSign"
-#define LN_ms_ctl_sign "Microsoft Trust List Signing"
-#define NID_ms_ctl_sign 136
-#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
-
-#define SN_ms_sgc "msSGC"
-#define LN_ms_sgc "Microsoft Server Gated Crypto"
-#define NID_ms_sgc 137
-#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
-
-#define SN_ms_efs "msEFS"
-#define LN_ms_efs "Microsoft Encrypted File System"
-#define NID_ms_efs 138
-#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
-
-/* Additional usage: Netscape */
-
-#define SN_ns_sgc "nsSGC"
-#define LN_ns_sgc "Netscape Server Gated Crypto"
-#define NID_ns_sgc 139
-#define OBJ_ns_sgc OBJ_netscape,4L,1L
-
-#define SN_delta_crl "deltaCRL"
-#define LN_delta_crl "X509v3 Delta CRL Indicator"
-#define NID_delta_crl 140
-#define OBJ_delta_crl OBJ_ld_ce,27L
-
-#define SN_crl_reason "CRLReason"
-#define LN_crl_reason "CRL Reason Code"
-#define NID_crl_reason 141
-#define OBJ_crl_reason OBJ_ld_ce,21L
-
-#define SN_invalidity_date "invalidityDate"
-#define LN_invalidity_date "Invalidity Date"
-#define NID_invalidity_date 142
-#define OBJ_invalidity_date OBJ_ld_ce,24L
-
-#define SN_sxnet "SXNetID"
-#define LN_sxnet "Strong Extranet ID"
-#define NID_sxnet 143
-#define OBJ_sxnet 1L,3L,101L,1L,4L,1L
-
-/* PKCS12 and related OBJECT IDENTIFIERS */
-
-#define OBJ_pkcs12 OBJ_pkcs,12L
-#define OBJ_pkcs12_pbeids OBJ_pkcs12, 1
-
-#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128"
-#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4"
-#define NID_pbe_WithSHA1And128BitRC4 144
-#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids, 1L
-
-#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40"
-#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4"
-#define NID_pbe_WithSHA1And40BitRC4 145
-#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids, 2L
-
-#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES"
-#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146
-#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 3L
-
-#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES"
-#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147
-#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 4L
-
-#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128"
-#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC"
-#define NID_pbe_WithSHA1And128BitRC2_CBC 148
-#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids, 5L
-
-#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40"
-#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC"
-#define NID_pbe_WithSHA1And40BitRC2_CBC 149
-#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids, 6L
-
-#define OBJ_pkcs12_Version1 OBJ_pkcs12, 10L
-
-#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1, 1L
-
-#define LN_keyBag "keyBag"
-#define NID_keyBag 150
-#define OBJ_keyBag OBJ_pkcs12_BagIds, 1L
-
-#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag"
-#define NID_pkcs8ShroudedKeyBag 151
-#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds, 2L
-
-#define LN_certBag "certBag"
-#define NID_certBag 152
-#define OBJ_certBag OBJ_pkcs12_BagIds, 3L
-
-#define LN_crlBag "crlBag"
-#define NID_crlBag 153
-#define OBJ_crlBag OBJ_pkcs12_BagIds, 4L
-
-#define LN_secretBag "secretBag"
-#define NID_secretBag 154
-#define OBJ_secretBag OBJ_pkcs12_BagIds, 5L
-
-#define LN_safeContentsBag "safeContentsBag"
-#define NID_safeContentsBag 155
-#define OBJ_safeContentsBag OBJ_pkcs12_BagIds, 6L
-
-#define LN_friendlyName "friendlyName"
-#define NID_friendlyName 156
-#define OBJ_friendlyName OBJ_pkcs9, 20L
-
-#define LN_localKeyID "localKeyID"
-#define NID_localKeyID 157
-#define OBJ_localKeyID OBJ_pkcs9, 21L
-
-#define OBJ_certTypes OBJ_pkcs9, 22L
-
-#define LN_x509Certificate "x509Certificate"
-#define NID_x509Certificate 158
-#define OBJ_x509Certificate OBJ_certTypes, 1L
-
-#define LN_sdsiCertificate "sdsiCertificate"
-#define NID_sdsiCertificate 159
-#define OBJ_sdsiCertificate OBJ_certTypes, 2L
-
-#define OBJ_crlTypes OBJ_pkcs9, 23L
-
-#define LN_x509Crl "x509Crl"
-#define NID_x509Crl 160
-#define OBJ_x509Crl OBJ_crlTypes, 1L
-
-/* PKCS#5 v2 OIDs */
-
-#define LN_pbes2 "PBES2"
-#define NID_pbes2 161
-#define OBJ_pbes2 OBJ_pkcs,5L,13L
-
-#define LN_pbmac1 "PBMAC1"
-#define NID_pbmac1 162
-#define OBJ_pbmac1 OBJ_pkcs,5L,14L
-
-#define LN_hmacWithSHA1 "hmacWithSHA1"
-#define NID_hmacWithSHA1 163
-#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
-
-/* Policy Qualifier Ids */
-
-#define LN_id_qt_cps "Policy Qualifier CPS"
-#define SN_id_qt_cps "id-qt-cps"
-#define NID_id_qt_cps 164
-#define OBJ_id_qt_cps OBJ_id_pkix,2L,1L
-
-#define LN_id_qt_unotice "Policy Qualifier User Notice"
-#define SN_id_qt_unotice "id-qt-unotice"
-#define NID_id_qt_unotice 165
-#define OBJ_id_qt_unotice OBJ_id_pkix,2L,2L
-
-#define SN_rc2_64_cbc "RC2-64-CBC"
-#define LN_rc2_64_cbc "rc2-64-cbc"
-#define NID_rc2_64_cbc 166
-
-#define SN_SMIMECapabilities "SMIME-CAPS"
-#define LN_SMIMECapabilities "S/MIME Capabilities"
-#define NID_SMIMECapabilities 167
-#define OBJ_SMIMECapabilities OBJ_pkcs9,15L
-
-#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64"
-#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC"
-#define NID_pbeWithMD2AndRC2_CBC 168
-#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs,5L,4L
-
-#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64"
-#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC"
-#define NID_pbeWithMD5AndRC2_CBC 169
-#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs,5L,6L
-
-#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES"
-#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC"
-#define NID_pbeWithSHA1AndDES_CBC 170
-#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs,5L,10L
-
-/* Extension request OIDs */
-
-#define LN_ms_ext_req "Microsoft Extension Request"
-#define SN_ms_ext_req "msExtReq"
-#define NID_ms_ext_req 171
-#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
-
-#define LN_ext_req "Extension Request"
-#define SN_ext_req "extReq"
-#define NID_ext_req 172
-#define OBJ_ext_req OBJ_pkcs9,14L
-
-#define SN_name "name"
-#define LN_name "name"
-#define NID_name 173
-#define OBJ_name OBJ_X509,41L
-
-#define SN_dnQualifier "dnQualifier"
-#define LN_dnQualifier "dnQualifier"
-#define NID_dnQualifier 174
-#define OBJ_dnQualifier OBJ_X509,46L
-
-#define SN_id_pe "id-pe"
-#define NID_id_pe 175
-#define OBJ_id_pe OBJ_id_pkix,1L
-
-#define SN_id_ad "id-ad"
-#define NID_id_ad 176
-#define OBJ_id_ad OBJ_id_pkix,48L
-
-#define SN_info_access "authorityInfoAccess"
-#define LN_info_access "Authority Information Access"
-#define NID_info_access 177
-#define OBJ_info_access OBJ_id_pe,1L
-
-#define SN_ad_OCSP "OCSP"
-#define LN_ad_OCSP "OCSP"
-#define NID_ad_OCSP 178
-#define OBJ_ad_OCSP OBJ_id_ad,1L
-
-#define SN_ad_ca_issuers "caIssuers"
-#define LN_ad_ca_issuers "CA Issuers"
-#define NID_ad_ca_issuers 179
-#define OBJ_ad_ca_issuers OBJ_id_ad,2L
-
-#define SN_OCSP_sign "OCSPSigning"
-#define LN_OCSP_sign "OCSP Signing"
-#define NID_OCSP_sign 180
-#define OBJ_OCSP_sign OBJ_id_kp,9L
-#endif /* USE_OBJ_MAC */
-
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-
-#define OBJ_NAME_TYPE_UNDEF 0x00
-#define OBJ_NAME_TYPE_MD_METH 0x01
-#define OBJ_NAME_TYPE_CIPHER_METH 0x02
-#define OBJ_NAME_TYPE_PKEY_METH 0x03
-#define OBJ_NAME_TYPE_COMP_METH 0x04
-#define OBJ_NAME_TYPE_NUM 0x05
-
-#define OBJ_NAME_ALIAS 0x8000
-
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct obj_name_st
- {
- int type;
- int alias;
- const char *name;
- const char *data;
- } OBJ_NAME;
-
-#define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
-
-
-int OBJ_NAME_init(void);
-int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),int (*cmp_func)(const void *, const void *),
- void (*free_func)(const char *, int, const char *));
-const char *OBJ_NAME_get(const char *name,int type);
-int OBJ_NAME_add(const char *name,int type,const char *data);
-int OBJ_NAME_remove(const char *name,int type);
-void OBJ_NAME_cleanup(int type); /* -1 for everything */
-
-ASN1_OBJECT * OBJ_dup(ASN1_OBJECT *o);
-ASN1_OBJECT * OBJ_nid2obj(int n);
-const char * OBJ_nid2ln(int n);
-const char * OBJ_nid2sn(int n);
-int OBJ_obj2nid(ASN1_OBJECT *o);
-ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name);
-int OBJ_obj2txt(char *buf, int buf_len, ASN1_OBJECT *a, int no_name);
-int OBJ_txt2nid(char *s);
-int OBJ_ln2nid(const char *s);
-int OBJ_sn2nid(const char *s);
-int OBJ_cmp(ASN1_OBJECT *a,ASN1_OBJECT *b);
-char * OBJ_bsearch(char *key,char *base,int num,int size,int (*cmp)(const void *, const void *));
-
-void ERR_load_OBJ_strings(void );
-
-int OBJ_new_nid(int num);
-int OBJ_add_object(ASN1_OBJECT *obj);
-int OBJ_create(char *oid,char *sn,char *ln);
-void OBJ_cleanup(void );
-int OBJ_create_objects(BIO *in);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the OBJ functions. */
-
-/* Function codes. */
-#define OBJ_F_OBJ_CREATE 100
-#define OBJ_F_OBJ_DUP 101
-#define OBJ_F_OBJ_NID2LN 102
-#define OBJ_F_OBJ_NID2OBJ 103
-#define OBJ_F_OBJ_NID2SN 104
-
-/* Reason codes. */
-#define OBJ_R_MALLOC_FAILURE 100
-#define OBJ_R_UNKNOWN_NID 101
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/objects/objects.pl b/src/lib/libcrypto/objects/objects.pl
deleted file mode 100644
index c956bbb841..0000000000
--- a/src/lib/libcrypto/objects/objects.pl
+++ /dev/null
@@ -1,224 +0,0 @@
-#!/usr/local/bin/perl
-
-open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
-$max_nid=0;
-$o=0;
-while(<NUMIN>)
- {
- chop;
- $o++;
- s/#.*$//;
- next if /^\s*$/;
- ($Cname,$mynum) = split;
- if (defined($nidn{$mynum}))
- { die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
- $nid{$Cname} = $mynum;
- $nidn{$mynum} = $Cname;
- $order{$mynum} = $o;
- $max_nid = $mynum if $mynum > $max_nid;
- }
-close NUMIN;
-
-open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
-$Cname="";
-$o=0;
-while (<IN>)
- {
- chop;
- $o++;
- if (/^!module\s+(.*)$/)
- {
- $module = $1."-";
- $module =~ s/\./_/g;
- $module =~ s/-/_/g;
- }
- if (/^!global$/)
- { $module = ""; }
- if (/^!Cname\s+(.*)$/)
- { $Cname = $1; }
- if (/^!Alias\s+(.+?)\s+(.*)$/)
- {
- $Cname = $module.$1;
- $myoid = $2;
- $myoid = &process_oid($myoid);
- $Cname =~ s/-/_/g;
- $ordern{$o} = $Cname;
- $order{$Cname} = $o;
- $obj{$Cname} = $myoid;
- $_ = "";
- $Cname = "";
- }
- s/!.*$//;
- s/#.*$//;
- next if /^\s*$/;
- ($myoid,$mysn,$myln) = split ':';
- $mysn =~ s/^\s*//;
- $mysn =~ s/\s*$//;
- $myln =~ s/^\s*//;
- $myln =~ s/\s*$//;
- $myoid =~ s/^\s*//;
- $myoid =~ s/\s*$//;
- if ($myoid ne "")
- {
- $myoid = &process_oid($myoid);
- }
-
- if ($Cname eq "" && !($myln =~ / /))
- {
- $Cname = $myln;
- $Cname =~ s/\./_/g;
- $Cname =~ s/-/_/g;
- if ($Cname ne "" && defined($ln{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- if ($Cname eq "")
- {
- $Cname = $mysn;
- $Cname =~ s/-/_/g;
- if ($Cname ne "" && defined($sn{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with short name ",$sn{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- if ($Cname eq "")
- {
- $Cname = $myln;
- $Cname =~ s/-/_/g;
- $Cname =~ s/\./_/g;
- $Cname =~ s/ /_/g;
- if ($Cname ne "" && defined($ln{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- $Cname =~ s/\./_/g;
- $Cname =~ s/-/_/g;
- $Cname = $module.$Cname;
- $ordern{$o} = $Cname;
- $order{$Cname} = $o;
- $sn{$Cname} = $mysn;
- $ln{$Cname} = $myln;
- $obj{$Cname} = $myoid;
- if (!defined($nid{$Cname}))
- {
- $max_nid++;
- $nid{$Cname} = $max_nid;
- $nidn{$max_nid} = $Cname;
- }
- $Cname="";
- }
-close IN;
-
-open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-foreach (sort { $a <=> $b } keys %nidn)
- {
- print NUMOUT $nidn{$_},"\t\t",$_,"\n";
- }
-close NUMOUT;
-
-open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
-print OUT <<'EOF';
-/* lib/obj/obj_mac.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
- * following command:
- * perl objects.pl objects.txt obj_mac.num obj_mac.h
- */
-
-#define SN_undef "UNDEF"
-#define LN_undef "undefined"
-#define NID_undef 0
-#define OBJ_undef 0L
-
-EOF
-
-foreach (sort { $a <=> $b } keys %ordern)
- {
- $Cname=$ordern{$_};
- print OUT "#define SN_",$Cname,"\t\t\"",$sn{$Cname},"\"\n" if $sn{$Cname} ne "";
- print OUT "#define LN_",$Cname,"\t\t\"",$ln{$Cname},"\"\n" if $ln{$Cname} ne "";
- print OUT "#define NID_",$Cname,"\t\t",$nid{$Cname},"\n" if $nid{$Cname} ne "";
- print OUT "#define OBJ_",$Cname,"\t\t",$obj{$Cname},"\n" if $obj{$Cname} ne "";
- print OUT "\n";
- }
-
-close OUT;
-
-sub process_oid
- {
- local($oid)=@_;
- local(@a,$oid_pref);
-
- @a = split(/\s+/,$myoid);
- $pref_oid = "";
- $pref_sep = "";
- if (!($a[0] =~ /^[0-9]+$/))
- {
- $a[0] =~ s/-/_/g;
- $pref_oid = "OBJ_" . $a[0];
- $pref_sep = ",";
- shift @a;
- }
- $oids = join('L,',@a) . "L";
- if ($oids ne "L")
- {
- $oids = $pref_oid . $pref_sep . $oids;
- }
- else
- {
- $oids = $pref_oid;
- }
- return($oids);
- }
diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt
deleted file mode 100644
index 3d443cf884..0000000000
--- a/src/lib/libcrypto/objects/objects.txt
+++ /dev/null
@@ -1,593 +0,0 @@
-1 : ISO : iso
-
-iso 2 : member-body : ISO Member Body
-
-member-body 840 : ISO-US : ISO US Member Body
-ISO-US 10040 : X9-57 : X9.57
-X9-57 4 : X9cm : X9.57 CM ?
-
-!Cname dsa
-X9cm 1 : DSA : dsaEncryption
-X9cm 3 : DSA-SHA1 : dsaWithSHA1
-
-ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc
- : CAST5-ECB : cast5-ecb
-!Cname cast5-cfb64
- : CAST5-CFB : cast5-cfb
-!Cname cast5-ofb64
- : CAST5-OFB : cast5-ofb
-!Cname pbeWithMD5AndCast5-CBC
-ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC
-
-ISO-US 113549 : rsadsi : RSA Data Security, Inc.
-
-rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS
-
-pkcs 1 : pkcs1
-pkcs1 1 : : rsaEncryption
-pkcs1 2 : RSA-MD2 : md2WithRSAEncryption
-pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
-pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
-
-pkcs 3 : pkcs3
-pkcs3 1 : : dhKeyAgreement
-
-pkcs 5 : pkcs5
-pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC
-pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC
-pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC
-pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC
-pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC
-pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC
-!Cname id_pbkdf2
-pkcs5 12 : : PBKDF2
-!Cname pbes2
-pkcs5 13 : : PBES2
-!Cname pbmac1
-pkcs5 14 : : PBMAC1
-
-pkcs 7 : pkcs7
-pkcs7 1 : : pkcs7-data
-!Cname pkcs7-signed
-pkcs7 2 : : pkcs7-signedData
-!Cname pkcs7-enveloped
-pkcs7 3 : : pkcs7-envelopedData
-!Cname pkcs7-signedAndEnveloped
-pkcs7 4 : : pkcs7-signedAndEnvelopedData
-!Cname pkcs7-digest
-pkcs7 5 : : pkcs7-digestData
-!Cname pkcs7-encrypted
-pkcs7 6 : : pkcs7-encryptedData
-
-pkcs 9 : pkcs9
-!module pkcs9
-pkcs9 1 : Email : emailAddress
-pkcs9 2 : : unstructuredName
-pkcs9 3 : : contentType
-pkcs9 4 : : messageDigest
-pkcs9 5 : : signingTime
-pkcs9 6 : : countersignature
-pkcs9 7 : : challengePassword
-pkcs9 8 : : unstructuredAddress
-!Cname extCertAttributes
-pkcs9 9 : : extendedCertificateAttributes
-!global
-
-!Cname ext-req
-pkcs9 14 : extReq : Extension Request
-
-!Cname SMIMECapabilities
-pkcs9 15 : SMIME-CAPS : S/MIME Capabilities
-
-# S/MIME
-!Cname SMIME
-pkcs9 16 : SMIME : S/MIME
-SMIME 0 : id-smime-mod
-SMIME 1 : id-smime-ct
-SMIME 2 : id-smime-aa
-SMIME 3 : id-smime-alg
-SMIME 4 : id-smime-cd
-SMIME 5 : id-smime-spq
-SMIME 6 : id-smime-cti
-
-# S/MIME Modules
-id-smime-mod 1 : id-smime-mod-cms
-id-smime-mod 2 : id-smime-mod-ess
-id-smime-mod 3 : id-smime-mod-oid
-id-smime-mod 4 : id-smime-mod-msg-v3
-id-smime-mod 5 : id-smime-mod-ets-eSignature-88
-id-smime-mod 6 : id-smime-mod-ets-eSignature-97
-id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88
-id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97
-
-# S/MIME Content Types
-id-smime-ct 1 : id-smime-ct-receipt
-id-smime-ct 2 : id-smime-ct-authData
-id-smime-ct 3 : id-smime-ct-publishCert
-id-smime-ct 4 : id-smime-ct-TSTInfo
-id-smime-ct 5 : id-smime-ct-TDTInfo
-id-smime-ct 6 : id-smime-ct-contentInfo
-id-smime-ct 7 : id-smime-ct-DVCSRequestData
-id-smime-ct 8 : id-smime-ct-DVCSResponseData
-
-# S/MIME Attributes
-id-smime-aa 1 : id-smime-aa-receiptRequest
-id-smime-aa 2 : id-smime-aa-securityLabel
-id-smime-aa 3 : id-smime-aa-mlExpandHistory
-id-smime-aa 4 : id-smime-aa-contentHint
-id-smime-aa 5 : id-smime-aa-msgSigDigest
-# obsolete
-id-smime-aa 6 : id-smime-aa-encapContentType
-id-smime-aa 7 : id-smime-aa-contentIdentifier
-# obsolete
-id-smime-aa 8 : id-smime-aa-macValue
-id-smime-aa 9 : id-smime-aa-equivalentLabels
-id-smime-aa 10 : id-smime-aa-contentReference
-id-smime-aa 11 : id-smime-aa-encrypKeyPref
-id-smime-aa 12 : id-smime-aa-signingCertificate
-id-smime-aa 13 : id-smime-aa-smimeEncryptCerts
-id-smime-aa 14 : id-smime-aa-timeStampToken
-id-smime-aa 15 : id-smime-aa-ets-sigPolicyId
-id-smime-aa 16 : id-smime-aa-ets-commitmentType
-id-smime-aa 17 : id-smime-aa-ets-signerLocation
-id-smime-aa 18 : id-smime-aa-ets-signerAttr
-id-smime-aa 19 : id-smime-aa-ets-otherSigCert
-id-smime-aa 20 : id-smime-aa-ets-contentTimestamp
-id-smime-aa 21 : id-smime-aa-ets-CertificateRefs
-id-smime-aa 22 : id-smime-aa-ets-RevocationRefs
-id-smime-aa 23 : id-smime-aa-ets-certValues
-id-smime-aa 24 : id-smime-aa-ets-revocationValues
-id-smime-aa 25 : id-smime-aa-ets-escTimeStamp
-id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp
-id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp
-id-smime-aa 28 : id-smime-aa-signatureType
-id-smime-aa 29 : id-smime-aa-dvcs-dvc
-
-# S/MIME Algorithm Identifiers
-# obsolete
-id-smime-alg 1 : id-smime-alg-ESDHwith3DES
-# obsolete
-id-smime-alg 2 : id-smime-alg-ESDHwithRC2
-# obsolete
-id-smime-alg 3 : id-smime-alg-3DESwrap
-# obsolete
-id-smime-alg 4 : id-smime-alg-RC2wrap
-id-smime-alg 5 : id-smime-alg-ESDH
-id-smime-alg 6 : id-smime-alg-CMS3DESwrap
-id-smime-alg 7 : id-smime-alg-CMSRC2wrap
-
-# S/MIME Certificate Distribution
-id-smime-cd 1 : id-smime-cd-ldap
-
-# S/MIME Signature Policy Qualifier
-id-smime-spq 1 : id-smime-spq-ets-sqt-uri
-id-smime-spq 2 : id-smime-spq-ets-sqt-unotice
-
-# S/MIME Commitment Type Identifier
-id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin
-id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt
-id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery
-id-smime-cti 4 : id-smime-cti-ets-proofOfSender
-id-smime-cti 5 : id-smime-cti-ets-proofOfApproval
-id-smime-cti 6 : id-smime-cti-ets-proofOfCreation
-
-pkcs9 20 : : friendlyName
-pkcs9 21 : : localKeyID
-!Alias certTypes pkcs9 22
-certTypes 1 : : x509Certificate
-certTypes 2 : : sdsiCertificate
-!Alias crlTypes pkcs9 23
-crlTypes 1 : : x509Crl
-
-!Alias pkcs12 pkcs 12
-!Alias pkcs12-pbeids pkcs12 1
-
-!Cname pbe-WithSHA1And128BitRC4
-pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4
-!Cname pbe-WithSHA1And40BitRC4
-pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4
-!Cname pbe-WithSHA1And3_Key_TripleDES-CBC
-pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC
-!Cname pbe-WithSHA1And2_Key_TripleDES-CBC
-pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC
-!Cname pbe-WithSHA1And128BitRC2-CBC
-pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC
-!Cname pbe-WithSHA1And40BitRC2-CBC
-pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC
-
-!Alias pkcs12-Version1 pkcs12 10
-!Alias pkcs12-BagIds pkcs12-Version1 1
-pkcs12-BagIds 1 : : keyBag
-pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag
-pkcs12-BagIds 3 : : certBag
-pkcs12-BagIds 4 : : crlBag
-pkcs12-BagIds 5 : : secretBag
-pkcs12-BagIds 6 : : safeContentsBag
-
-rsadsi 2 2 : MD2 : md2
-rsadsi 2 4 : MD4 : md4
-rsadsi 2 5 : MD5 : md5
- : MD5-SHA1 : md5-sha1
-rsadsi 2 7 : : hmacWithSHA1
-rsadsi 3 2 : RC2-CBC : rc2-cbc
- : RC2-ECB : rc2-ecb
-!Cname rc2-cfb64
- : RC2-CFB : rc2-cfb
-!Cname rc2-ofb64
- : RC2-OFB : rc2-ofb
- : RC2-40-CBC : rc2-40-cbc
- : RC2-64-CBC : rc2-64-cbc
-rsadsi 3 4 : RC4 : rc4
- : RC4-40 : rc4-40
-rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc
-rsadsi 3 8 : RC5-CBC : rc5-cbc
- : RC5-ECB : rc5-ecb
-!Cname rc5-cfb64
- : RC5-CFB : rc5-cfb
-!Cname rc5-ofb64
- : RC5-OFB : rc5-ofb
-
-!Cname ms-ext-req
-1 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request
-!Cname ms-code-ind
-1 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing
-!Cname ms-code-com
-1 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing
-!Cname ms-ctl-sign
-1 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing
-!Cname ms-sgc
-1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto
-!Cname ms-efs
-1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System
-
-1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc
- : IDEA-ECB : idea-ecb
-!Cname idea-cfb64
- : IDEA-CFB : idea-cfb
-!Cname idea-ofb64
- : IDEA-OFB : idea-ofb
-
-1 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc
- : BF-ECB : bf-ecb
-!Cname bf-cfb64
- : BF-CFB : bf-cfb
-!Cname bf-ofb64
- : BF-OFB : bf-ofb
-
-!Cname id-pkix
-1 3 6 1 5 5 7 : PKIX
-
-# PKIX Arcs
-id-pkix 0 : id-pkix-mod
-id-pkix 1 : id-pe
-id-pkix 2 : id-qt
-id-pkix 3 : id-kp
-id-pkix 4 : id-it
-id-pkix 5 : id-pkip
-id-pkix 6 : id-alg
-id-pkix 7 : id-cmc
-id-pkix 8 : id-on
-id-pkix 9 : id-pda
-id-pkix 10 : id-aca
-id-pkix 11 : id-qcs
-id-pkix 12 : id-cct
-id-pkix 48 : id-ad
-
-# PKIX Modules
-id-pkix-mod 1 : id-pkix1-explicit-88
-id-pkix-mod 2 : id-pkix1-implicit-88
-id-pkix-mod 3 : id-pkix1-explicit-93
-id-pkix-mod 4 : id-pkix1-implicit-93
-id-pkix-mod 5 : id-mod-crmf
-id-pkix-mod 6 : id-mod-cmc
-id-pkix-mod 7 : id-mod-kea-profile-88
-id-pkix-mod 8 : id-mod-kea-profile-93
-id-pkix-mod 9 : id-mod-cmp
-id-pkix-mod 10 : id-mod-qualified-cert-88
-id-pkix-mod 11 : id-mod-qualified-cert-93
-id-pkix-mod 12 : id-mod-attribute-cert
-id-pkix-mod 13 : id-mod-timestamp-protocol
-id-pkix-mod 14 : id-mod-ocsp
-id-pkix-mod 15 : id-mod-dvcs
-id-pkix-mod 16 : id-mod-cmp2000
-
-# PKIX Private Extensions
-!Cname info-access
-id-pe 1 : authorityInfoAccess : Authority Information Access
-id-pe 2 : biometricInfo : Biometric Info
-id-pe 3 : qcStatements
-id-pe 4 : ac-auditEntity
-id-pe 5 : ac-targeting
-id-pe 6 : aaControls
-id-pe 7 : sbqp-ipAddrBlock
-id-pe 8 : sbqp-autonomousSysNum
-id-pe 9 : sbqp-routerIdentifier
-
-# PKIX policyQualifiers for Internet policy qualifiers
-id-qt 1 : id-qt-cps : Policy Qualifier CPS
-id-qt 2 : id-qt-unotice : Policy Qualifier User Notice
-id-qt 3 : textNotice
-
-# PKIX key purpose identifiers
-!Cname server-auth
-id-kp 1 : serverAuth : TLS Web Server Authentication
-!Cname client-auth
-id-kp 2 : clientAuth : TLS Web Client Authentication
-!Cname code-sign
-id-kp 3 : codeSigning : Code Signing
-!Cname email-protect
-id-kp 4 : emailProtection : E-mail Protection
-id-kp 5 : ipsecEndSystem : IPSec End System
-id-kp 6 : ipsecTunnel : IPSec Tunnel
-id-kp 7 : ipsecUser : IPSec User
-!Cname time-stamp
-id-kp 8 : timeStamping : Time Stamping
-# From OCSP spec RFC2560
-!Cname OCSP-sign
-id-kp 9 : OCSPSigning : OCSP Signing
-id-kp 10 : DVCS : dvcs
-
-# CMP information types
-id-it 1 : id-it-caProtEncCert
-id-it 2 : id-it-signKeyPairTypes
-id-it 3 : id-it-encKeyPairTypes
-id-it 4 : id-it-preferredSymmAlg
-id-it 5 : id-it-caKeyUpdateInfo
-id-it 6 : id-it-currentCRL
-id-it 7 : id-it-unsupportedOIDs
-# obsolete
-id-it 8 : id-it-subscriptionRequest
-# obsolete
-id-it 9 : id-it-subscriptionResponse
-id-it 10 : id-it-keyPairParamReq
-id-it 11 : id-it-keyPairParamRep
-id-it 12 : id-it-revPassphrase
-id-it 13 : id-it-implicitConfirm
-id-it 14 : id-it-confirmWaitTime
-id-it 15 : id-it-origPKIMessage
-
-# CRMF registration
-id-pkip 1 : id-regCtrl
-id-pkip 2 : id-regInfo
-
-# CRMF registration controls
-id-regCtrl 1 : id-regCtrl-regToken
-id-regCtrl 2 : id-regCtrl-authenticator
-id-regCtrl 3 : id-regCtrl-pkiPublicationInfo
-id-regCtrl 4 : id-regCtrl-pkiArchiveOptions
-id-regCtrl 5 : id-regCtrl-oldCertID
-id-regCtrl 6 : id-regCtrl-protocolEncrKey
-
-# CRMF registration information
-id-regInfo 1 : id-regInfo-utf8Pairs
-id-regInfo 2 : id-regInfo-certReq
-
-# algorithms
-id-alg 1 : id-alg-des40
-id-alg 2 : id-alg-noSignature
-id-alg 3 : id-alg-dh-sig-hmac-sha1
-id-alg 4 : id-alg-dh-pop
-
-# CMC controls
-id-cmc 1 : id-cmc-statusInfo
-id-cmc 2 : id-cmc-identification
-id-cmc 3 : id-cmc-identityProof
-id-cmc 4 : id-cmc-dataReturn
-id-cmc 5 : id-cmc-transactionId
-id-cmc 6 : id-cmc-senderNonce
-id-cmc 7 : id-cmc-recipientNonce
-id-cmc 8 : id-cmc-addExtensions
-id-cmc 9 : id-cmc-encryptedPOP
-id-cmc 10 : id-cmc-decryptedPOP
-id-cmc 11 : id-cmc-lraPOPWitness
-id-cmc 15 : id-cmc-getCert
-id-cmc 16 : id-cmc-getCRL
-id-cmc 17 : id-cmc-revokeRequest
-id-cmc 18 : id-cmc-regInfo
-id-cmc 19 : id-cmc-responseInfo
-id-cmc 21 : id-cmc-queryPending
-id-cmc 22 : id-cmc-popLinkRandom
-id-cmc 23 : id-cmc-popLinkWitness
-id-cmc 24 : id-cmc-confirmCertAcceptance
-
-# other names
-id-on 1 : id-on-personalData
-
-# personal data attributes
-id-pda 1 : id-pda-dateOfBirth
-id-pda 2 : id-pda-placeOfBirth
-id-pda 3 : id-pda-pseudonym
-id-pda 4 : id-pda-gender
-id-pda 5 : id-pda-countryOfCitizenship
-id-pda 6 : id-pda-countryOfResidence
-
-# attribute certificate attributes
-id-aca 1 : id-aca-authenticationInfo
-id-aca 2 : id-aca-accessIdentity
-id-aca 3 : id-aca-chargingIdentity
-id-aca 4 : id-aca-group
-id-aca 5 : id-aca-role
-
-# qualified certificate statements
-id-qcs 1 : id-qcs-pkixQCSyntax-v1
-
-# CMC content types
-id-cct 1 : id-cct-crs
-id-cct 2 : id-cct-PKIData
-id-cct 3 : id-cct-PKIResponse
-
-# access descriptors for authority info access extension
-!Cname ad-OCSP
-id-ad 1 : OCSP : OCSP
-!Cname ad-ca-issuers
-id-ad 2 : caIssuers : CA Issuers
-!Cname ad-timeStamping
-id-ad 3 : ad_timestamping : AD Time Stamping
-!Cname ad-dvcs
-id-ad 4 : AD_DVCS : ad dvcs
-
-
-!Alias id-pkix-OCSP ad-OCSP
-!module id-pkix-OCSP
-!Cname basic
-id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response
-id-pkix-OCSP 2 : Nonce : OCSP Nonce
-id-pkix-OCSP 3 : CrlID : OCSP CRL ID
-id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses
-id-pkix-OCSP 5 : noCheck
-id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff
-id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator
-id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status
-id-pkix-OCSP 9 : valid
-id-pkix-OCSP 10 : path
-id-pkix-OCSP 11 : trustRoot : Trust Root
-!global
-
-1 3 14 3 2 : algorithm : algorithm
-algorithm 3 : RSA-NP-MD5 : md5WithRSA
-algorithm 6 : DES-ECB : des-ecb
-algorithm 7 : DES-CBC : des-cbc
-!Cname des-ofb64
-algorithm 8 : DES-OFB : des-ofb
-!Cname des-cfb64
-algorithm 9 : DES-CFB : des-cfb
-algorithm 11 : rsaSignature
-!Cname dsa-2
-algorithm 12 : DSA-old : dsaEncryption-old
-algorithm 13 : DSA-SHA : dsaWithSHA
-algorithm 15 : RSA-SHA : shaWithRSAEncryption
-algorithm 17 : DES-EDE : des-ede
- : DES-EDE3 : des-ede3
- : DES-EDE-CBC : des-ede-cbc
-!Cname des-ede-cfb64
- : DES-EDE-CFB : des-ede-cfb
-!Cname des-ede3-cfb64
- : DES-EDE3-CFB : des-ede3-cfb
-!Cname des-ede-ofb64
- : DES-EDE-OFB : des-ede-ofb
-!Cname des-ede3-ofb64
- : DES-EDE3-OFB : des-ede3-ofb
- : DESX-CBC : desx-cbc
-algorithm 18 : SHA : sha
-algorithm 26 : SHA1 : sha1
-!Cname dsaWithSHA1-2
-algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old
-algorithm 29 : RSA-SHA1-2 : sha1WithRSA
-
-1 3 36 3 2 1 : RIPEMD160 : ripemd160
-1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA
-
-!Cname sxnet
-1 3 101 1 4 1 : SXNetID : Strong Extranet ID
-
-2 5 : X500 : directory services (X.500)
-
-X500 4 : X509
-X509 3 : CN : commonName
-X509 4 : S : surname
-X509 5 : SN : serialNumber
-X509 6 : C : countryName
-X509 7 : L : localityName
-X509 8 : ST : stateOrProvinceName
-X509 10 : O : organizationName
-X509 11 : OU : organizationalUnitName
-X509 12 : T : title
-X509 13 : D : description
-X509 41 : name : name
-X509 42 : G : givenName
-X509 43 : I : initials
-X509 45 : UID : uniqueIdentifier
-X509 46 : dnQualifier : dnQualifier
-
-X500 8 : X500algorithms : directory services - algorithms
-X500algorithms 1 1 : RSA : rsa
-X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA
-X500algorithms 3 101 : MDC2 : mdc2
-
-X500 29 : id-ce
-!Cname subject-key-identifier
-id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier
-!Cname key-usage
-id-ce 15 : keyUsage : X509v3 Key Usage
-!Cname private-key-usage-period
-id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period
-!Cname subject-alt-name
-id-ce 17 : subjectAltName : X509v3 Subject Alternative Name
-!Cname issuer-alt-name
-id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name
-!Cname basic-constraints
-id-ce 19 : basicConstraints : X509v3 Basic Constraints
-!Cname crl-number
-id-ce 20 : crlNumber : X509v3 CRL Number
-!Cname crl-reason
-id-ce 21 : CRLReason : X509v3 CRL Reason Code
-!Cname invalidity-date
-id-ce 24 : invalidityDate : Invalidity Date
-!Cname delta-crl
-id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
-!Cname crl-distribution-points
-id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points
-!Cname certificate-policies
-id-ce 32 : certificatePolicies : X509v3 Certificate Policies
-!Cname authority-key-identifier
-id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier
-!Cname ext-key-usage
-id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage
-
-!Cname netscape
-2 16 840 1 113730 : Netscape : Netscape Communications Corp.
-!Cname netscape-cert-extension
-netscape 1 : nsCertExt : Netscape Certificate Extension
-!Cname netscape-data-type
-netscape 2 : nsDataType : Netscape Data Type
-!Cname netscape-cert-type
-netscape-cert-extension 1 : nsCertType : Netscape Cert Type
-!Cname netscape-base-url
-netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url
-!Cname netscape-revocation-url
-netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url
-!Cname netscape-ca-revocation-url
-netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url
-!Cname netscape-renewal-url
-netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url
-!Cname netscape-ca-policy-url
-netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url
-!Cname netscape-ssl-server-name
-netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name
-!Cname netscape-comment
-netscape-cert-extension 13 : nsComment : Netscape Comment
-!Cname netscape-cert-sequence
-netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence
-!Cname ns-sgc
-netscape 4 1 : nsSGC : Netscape Server Gated Crypto
-
-# iso(1)
-iso 3 : ORG : org
-org 6 : DOD : dod
-dod 1 : IANA : iana
-!Alias internet iana
-
-internet 1 : directory : Directory
-internet 2 : mgmt : Management
-internet 3 : experimental : Experimental
-internet 4 : private : Private
-internet 5 : security : Security
-internet 6 : snmpv2 : SNMPv2
-internet 7 : mail : Mail
-
-private 1 : enterprises : Enterprises
-
-# RFC 2247
-enterprises 1466 344 : dcobject : dcObject
-
-# Stray OIDs we don't know the full name of each step for
-# RFC 2247
-0 9 2342 19200300 100 1 25 : DC : domainComponent
-0 9 2342 19200300 100 4 13 : domain : Domain
-
-# What the hell are these OIDs, really?
-!Cname rle-compression
-1 1 1 1 666 1 : RLE : run length compression
-!Cname zlib-compression
-1 1 1 1 666 2 : ZLIB : zlib compression
-
diff --git a/src/lib/libcrypto/opensslv.h b/src/lib/libcrypto/opensslv.h
deleted file mode 100644
index 4b25018e49..0000000000
--- a/src/lib/libcrypto/opensslv.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef HEADER_OPENSSLV_H
-#define HEADER_OPENSSLV_H
-
-/* Numeric release version identifier:
- * MNNFFPPS: major minor fix patch status
- * The status nibble has one of the values 0 for development, 1 to e for betas
- * 1 to 14, and f for release. The patch level is exactly that.
- * For example:
- * 0.9.3-dev 0x00903000
- * 0.9.3-beta1 0x00903001
- * 0.9.3-beta2-dev 0x00903002
- * 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
- * 0.9.3 0x0090300f
- * 0.9.3a 0x0090301f
- * 0.9.4 0x0090400f
- * 1.2.3z 0x102031af
- *
- * For continuity reasons (because 0.9.5 is already out, and is coded
- * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
- * part is slightly different, by setting the highest bit. This means
- * that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start
- * with 0x0090600S...
- *
- * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
- * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
- * major minor fix final patch/beta)
- */
-#define OPENSSL_VERSION_NUMBER 0x0090602fL
-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6b [engine] 9 Jul 2001"
-#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
-
-
-/* The macros below are to be used for shared library (.so, .dll, ...)
- * versioning. That kind of versioning works a bit differently between
- * operating systems. The most usual scheme is to set a major and a minor
- * number, and have the runtime loader check that the major number is equal
- * to what it was at application link time, while the minor number has to
- * be greater or equal to what it was at application link time. With this
- * scheme, the version number is usually part of the file name, like this:
- *
- * libcrypto.so.0.9
- *
- * Some unixen also make a softlink with the major verson number only:
- *
- * libcrypto.so.0
- *
- * On True64 it works a little bit differently. There, the shared library
- * version is stored in the file, and is actually a series of versions,
- * separated by colons. The rightmost version present in the library when
- * linking an application is stored in the application to be matched at
- * run time. When the application is run, a check is done to see if the
- * library version stored in the application matches any of the versions
- * in the version string of the library itself.
- * This version string can be constructed in any way, depending on what
- * kind of matching is desired. However, to implement the same scheme as
- * the one used in the other unixen, all compatible versions, from lowest
- * to highest, should be part of the string. Consecutive builds would
- * give the following versions strings:
- *
- * 3.0
- * 3.0:3.1
- * 3.0:3.1:3.2
- * 4.0
- * 4.0:4.1
- *
- * Notice how version 4 is completely incompatible with version, and
- * therefore give the breach you can see.
- *
- * There may be other schemes as well that I haven't yet discovered.
- *
- * So, here's the way it works here: first of all, the library version
- * number doesn't need at all to match the overall OpenSSL version.
- * However, it's nice and more understandable if it actually does.
- * The current library version is stored in the macro SHLIB_VERSION_NUMBER,
- * which is just a piece of text in the format "M.m.e" (Major, minor, edit).
- * For the sake of True64 and any other OS that behaves in similar ways,
- * we need to keep a history of version numbers, which is done in the
- * macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and
- * should only keep the versions that are binary compatible with the current.
- */
-#define SHLIB_VERSION_HISTORY ""
-#define SHLIB_VERSION_NUMBER "0.9.6"
-
-
-#endif /* HEADER_OPENSSLV_H */
diff --git a/src/lib/libcrypto/pem/message b/src/lib/libcrypto/pem/message
deleted file mode 100644
index e8bf9d7592..0000000000
--- a/src/lib/libcrypto/pem/message
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PRIVACY-ENHANCED MESSAGE-----
-Proc-Type: 4,ENCRYPTED
-Proc-Type: 4,MIC-ONLY
-Proc-Type: 4,MIC-CLEAR
-Content-Domain: RFC822
-DEK-Info: DES-CBC,0123456789abcdef
-Originator-Certificate
- xxxx
-Issuer-Certificate
- xxxx
-MIC-Info: RSA-MD5,RSA,
- xxxx
-
-
------END PRIVACY-ENHANCED MESSAGE-----
-
diff --git a/src/lib/libcrypto/pem/pem.h b/src/lib/libcrypto/pem/pem.h
deleted file mode 100644
index 6d3c446577..0000000000
--- a/src/lib/libcrypto/pem/pem.h
+++ /dev/null
@@ -1,667 +0,0 @@
-/* crypto/pem/pem.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PEM_H
-#define HEADER_PEM_H
-
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-#ifndef NO_STACK
-#include <openssl/stack.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem2.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define PEM_BUFSIZE 1024
-
-#define PEM_OBJ_UNDEF 0
-#define PEM_OBJ_X509 1
-#define PEM_OBJ_X509_REQ 2
-#define PEM_OBJ_CRL 3
-#define PEM_OBJ_SSL_SESSION 4
-#define PEM_OBJ_PRIV_KEY 10
-#define PEM_OBJ_PRIV_RSA 11
-#define PEM_OBJ_PRIV_DSA 12
-#define PEM_OBJ_PRIV_DH 13
-#define PEM_OBJ_PUB_RSA 14
-#define PEM_OBJ_PUB_DSA 15
-#define PEM_OBJ_PUB_DH 16
-#define PEM_OBJ_DHPARAMS 17
-#define PEM_OBJ_DSAPARAMS 18
-#define PEM_OBJ_PRIV_RSA_PUBLIC 19
-
-#define PEM_ERROR 30
-#define PEM_DEK_DES_CBC 40
-#define PEM_DEK_IDEA_CBC 45
-#define PEM_DEK_DES_EDE 50
-#define PEM_DEK_DES_ECB 60
-#define PEM_DEK_RSA 70
-#define PEM_DEK_RSA_MD2 80
-#define PEM_DEK_RSA_MD5 90
-
-#define PEM_MD_MD2 NID_md2
-#define PEM_MD_MD5 NID_md5
-#define PEM_MD_SHA NID_sha
-#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
-#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
-#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
-
-#define PEM_STRING_X509_OLD "X509 CERTIFICATE"
-#define PEM_STRING_X509 "CERTIFICATE"
-#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
-#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
-#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
-#define PEM_STRING_X509_CRL "X509 CRL"
-#define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
-#define PEM_STRING_PUBLIC "PUBLIC KEY"
-#define PEM_STRING_RSA "RSA PRIVATE KEY"
-#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
-#define PEM_STRING_DSA "DSA PRIVATE KEY"
-#define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
-#define PEM_STRING_PKCS7 "PKCS7"
-#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
-#define PEM_STRING_PKCS8INF "PRIVATE KEY"
-#define PEM_STRING_DHPARAMS "DH PARAMETERS"
-#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
-#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
-
-
-typedef struct PEM_Encode_Seal_st
- {
- EVP_ENCODE_CTX encode;
- EVP_MD_CTX md;
- EVP_CIPHER_CTX cipher;
- } PEM_ENCODE_SEAL_CTX;
-
-/* enc_type is one off */
-#define PEM_TYPE_ENCRYPTED 10
-#define PEM_TYPE_MIC_ONLY 20
-#define PEM_TYPE_MIC_CLEAR 30
-#define PEM_TYPE_CLEAR 40
-
-typedef struct pem_recip_st
- {
- char *name;
- X509_NAME *dn;
-
- int cipher;
- int key_enc;
- char iv[8];
- } PEM_USER;
-
-typedef struct pem_ctx_st
- {
- int type; /* what type of object */
-
- struct {
- int version;
- int mode;
- } proc_type;
-
- char *domain;
-
- struct {
- int cipher;
- unsigned char iv[8];
- } DEK_info;
-
- PEM_USER *originator;
-
- int num_recipient;
- PEM_USER **recipient;
-
-#ifndef NO_STACK
- STACK *x509_chain; /* certificate chain */
-#else
- char *x509_chain; /* certificate chain */
-#endif
- EVP_MD *md; /* signature type */
-
- int md_enc; /* is the md encrypted or not? */
- int md_len; /* length of md_data */
- char *md_data; /* message digest, could be pkey encrypted */
-
- EVP_CIPHER *dec; /* date encryption cipher */
- int key_len; /* key length */
- unsigned char *key; /* key */
- unsigned char iv[8]; /* the iv */
-
-
- int data_enc; /* is the data encrypted */
- int data_len;
- unsigned char *data;
- } PEM_CTX;
-
-/* These macros make the PEM_read/PEM_write functions easier to maintain and
- * write. Now they are all implemented with either:
- * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...)
- */
-
-#ifdef NO_FP_API
-
-#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
-#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
-#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
-
-#else
-
-#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
-type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,\
- cb,u)); \
-} \
-
-#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x) \
-{ \
-return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \
- NULL,NULL,0,NULL,NULL)); \
-}
-
-#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, \
- void *u) \
- { \
- return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \
- (char *)x,enc,kstr,klen,cb,u)); \
- }
-
-#endif
-
-#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
-type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\
- (char **)x,cb,u)); \
-}
-
-#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x) \
-{ \
-return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \
- NULL,NULL,0,NULL,NULL)); \
-}
-
-#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
- { \
- return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \
- (char *)x,enc,kstr,klen,cb,u)); \
- }
-
-#define IMPLEMENT_PEM_write(name, type, str, asn1) \
- IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_write_fp(name, type, str, asn1)
-
-#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
-
-#define IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_read_fp(name, type, str, asn1)
-
-#define IMPLEMENT_PEM_rw(name, type, str, asn1) \
- IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_write(name, type, str, asn1)
-
-#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
- IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb(name, type, str, asn1)
-
-/* These are the same except they are for the declarations */
-
-#if defined(WIN16) || defined(NO_FP_API)
-
-#define DECLARE_PEM_read_fp(name, type) /**/
-#define DECLARE_PEM_write_fp(name, type) /**/
-#define DECLARE_PEM_write_cb_fp(name, type) /**/
-
-#else
-
-#define DECLARE_PEM_read_fp(name, type) \
- type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
-
-#define DECLARE_PEM_write_fp(name, type) \
- int PEM_write_##name(FILE *fp, type *x);
-
-#define DECLARE_PEM_write_cb_fp(name, type) \
- int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-#endif
-
-#ifndef NO_BIO
-#define DECLARE_PEM_read_bio(name, type) \
- type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
-
-#define DECLARE_PEM_write_bio(name, type) \
- int PEM_write_bio_##name(BIO *bp, type *x);
-
-#define DECLARE_PEM_write_cb_bio(name, type) \
- int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-#else
-
-#define DECLARE_PEM_read_bio(name, type) /**/
-#define DECLARE_PEM_write_bio(name, type) /**/
-#define DECLARE_PEM_write_cb_bio(name, type) /**/
-
-#endif
-
-#define DECLARE_PEM_write(name, type) \
- DECLARE_PEM_write_bio(name, type) \
- DECLARE_PEM_write_fp(name, type)
-
-#define DECLARE_PEM_write_cb(name, type) \
- DECLARE_PEM_write_cb_bio(name, type) \
- DECLARE_PEM_write_cb_fp(name, type)
-
-#define DECLARE_PEM_read(name, type) \
- DECLARE_PEM_read_bio(name, type) \
- DECLARE_PEM_read_fp(name, type)
-
-#define DECLARE_PEM_rw(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write(name, type)
-
-#define DECLARE_PEM_rw_cb(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write_cb(name, type)
-
-#ifdef SSLEAY_MACROS
-
-#define PEM_write_SSL_SESSION(fp,x) \
- PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
- PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_X509(fp,x) \
- PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
- (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
- NULL,NULL,0,NULL,NULL)
-#define PEM_write_X509_CRL(fp,x) \
- PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
- fp,(char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
- (char *)x,enc,kstr,klen,cb,u)
-#define PEM_write_RSAPublicKey(fp,x) \
- PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
- PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
-#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
- (char *)x,enc,kstr,klen,cb,u)
-#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write((int (*)())i2d_PrivateKey,\
- (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
- bp,(char *)x,enc,kstr,klen,cb,u)
-#define PEM_write_PKCS7(fp,x) \
- PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_DHparams(fp,x) \
- PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
- (char *)x,NULL,NULL,0,NULL,NULL)
-
-#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \
- PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
- PEM_STRING_X509,fp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-
-#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
- (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
-#define PEM_read_X509(fp,x,cb,u) (X509 *)PEM_ASN1_read( \
- (char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb,u)
-#define PEM_read_X509_REQ(fp,x,cb,u) (X509_REQ *)PEM_ASN1_read( \
- (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb,u)
-#define PEM_read_X509_CRL(fp,x,cb,u) (X509_CRL *)PEM_ASN1_read( \
- (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb,u)
-#define PEM_read_RSAPrivateKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
- (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb,u)
-#define PEM_read_RSAPublicKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
- (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb,u)
-#define PEM_read_DSAPrivateKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
- (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb,u)
-#define PEM_read_PrivateKey(fp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read( \
- (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb,u)
-#define PEM_read_PKCS7(fp,x,cb,u) (PKCS7 *)PEM_ASN1_read( \
- (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb,u)
-#define PEM_read_DHparams(fp,x,cb,u) (DH *)PEM_ASN1_read( \
- (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb,u)
-
-#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb,u) \
- (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \
- (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\
- (char **)x,cb,u)
-
-#define PEM_write_bio_SSL_SESSION(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
- PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_X509(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
- (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
- NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_X509_CRL(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
- bp,(char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
- bp,(char *)x,enc,kstr,klen,cb,u)
-#define PEM_write_bio_RSAPublicKey(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
- PEM_STRING_RSA_PUBLIC,\
- bp,(char *)x,NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
- bp,(char *)x,enc,kstr,klen,cb,u)
-#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
- (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
- bp,(char *)x,enc,kstr,klen,cb,u)
-#define PEM_write_bio_PKCS7(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_DHparams(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
- bp,(char *)x,NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_DSAparams(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
- PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL,NULL)
-
-#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
- PEM_STRING_X509,bp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-
-#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
-#define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u)
-#define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb,u)
-#define PEM_read_bio_X509_CRL(bp,x,cb,u) (X509_CRL *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb,u)
-#define PEM_read_bio_RSAPrivateKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb,u)
-#define PEM_read_bio_RSAPublicKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb,u)
-#define PEM_read_bio_DSAPrivateKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb,u)
-#define PEM_read_bio_PrivateKey(bp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb,u)
-
-#define PEM_read_bio_PKCS7(bp,x,cb,u) (PKCS7 *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb,u)
-#define PEM_read_bio_DHparams(bp,x,cb,u) (DH *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb,u)
-#define PEM_read_bio_DSAparams(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb,u)
-
-#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb,u) \
- (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\
- (char **)x,cb,u)
-
-#endif
-
-#if 1
-/* "userdata": new with OpenSSL 0.9.4 */
-typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata);
-#else
-/* OpenSSL 0.9.3, 0.9.3a */
-typedef int pem_password_cb(char *buf, int size, int rwflag);
-#endif
-
-int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
-int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
- pem_password_cb *callback,void *u);
-
-#ifndef NO_BIO
-int PEM_read_bio(BIO *bp, char **name, char **header,
- unsigned char **data,long *len);
-int PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data,
- long len);
-char * PEM_ASN1_read_bio(char *(*d2i)(),const char *name,BIO *bp,char **x,
- pem_password_cb *cb, void *u);
-int PEM_ASN1_write_bio(int (*i2d)(),const char *name,BIO *bp,char *x,
- const EVP_CIPHER *enc,unsigned char *kstr,int klen,
- pem_password_cb *cb, void *u);
-STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
-int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
- unsigned char *kstr, int klen, pem_password_cb *cd, void *u);
-#endif
-
-#ifndef WIN16
-int PEM_read(FILE *fp, char **name, char **header,
- unsigned char **data,long *len);
-int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
-char * PEM_ASN1_read(char *(*d2i)(),const char *name,FILE *fp,char **x,
- pem_password_cb *cb, void *u);
-int PEM_ASN1_write(int (*i2d)(),const char *name,FILE *fp,char *x,
- const EVP_CIPHER *enc,unsigned char *kstr,int klen,
- pem_password_cb *callback, void *u);
-STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb, void *u);
-#endif
-
-int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
- EVP_MD *md_type, unsigned char **ek, int *ekl,
- unsigned char *iv, EVP_PKEY **pubk, int npubk);
-void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl);
-int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
- unsigned char *out, int *outl, EVP_PKEY *priv);
-
-void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
-void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
-int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
- unsigned int *siglen, EVP_PKEY *pkey);
-
-void ERR_load_PEM_strings(void);
-
-void PEM_proc_type(char *buf, int type);
-void PEM_dek_info(char *buf, const char *type, int len, char *str);
-
-#ifndef SSLEAY_MACROS
-
-#include <openssl/symhacks.h>
-
-DECLARE_PEM_rw(X509, X509)
-
-DECLARE_PEM_rw(X509_AUX, X509)
-
-DECLARE_PEM_rw(X509_REQ, X509_REQ)
-DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
-
-DECLARE_PEM_rw(X509_CRL, X509_CRL)
-
-DECLARE_PEM_rw(PKCS7, PKCS7)
-
-DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
-
-DECLARE_PEM_rw(PKCS8, X509_SIG)
-
-DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
-
-#ifndef NO_RSA
-
-DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
-
-DECLARE_PEM_rw(RSAPublicKey, RSA)
-DECLARE_PEM_rw(RSA_PUBKEY, RSA)
-
-#endif
-
-#ifndef NO_DSA
-
-DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
-
-DECLARE_PEM_rw(DSA_PUBKEY, DSA)
-
-DECLARE_PEM_rw(DSAparams, DSA)
-
-#endif
-
-#ifndef NO_DH
-
-DECLARE_PEM_rw(DHparams, DH)
-
-#endif
-
-DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
-
-DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
-
-int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
- char *, int, pem_password_cb *, void *);
-int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
-
-int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
-EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
-
-int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
- char *kstr,int klen, pem_password_cb *cd, void *u);
-
-#endif /* SSLEAY_MACROS */
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the PEM functions. */
-
-/* Function codes. */
-#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
-#define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
-#define PEM_F_DEF_CALLBACK 100
-#define PEM_F_LOAD_IV 101
-#define PEM_F_PEM_ASN1_READ 102
-#define PEM_F_PEM_ASN1_READ_BIO 103
-#define PEM_F_PEM_ASN1_WRITE 104
-#define PEM_F_PEM_ASN1_WRITE_BIO 105
-#define PEM_F_PEM_DO_HEADER 106
-#define PEM_F_PEM_F_DO_PK8KEY_FP 122
-#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
-#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
-#define PEM_F_PEM_READ 108
-#define PEM_F_PEM_READ_BIO 109
-#define PEM_F_PEM_SEALFINAL 110
-#define PEM_F_PEM_SEALINIT 111
-#define PEM_F_PEM_SIGNFINAL 112
-#define PEM_F_PEM_WRITE 113
-#define PEM_F_PEM_WRITE_BIO 114
-#define PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY 119
-#define PEM_F_PEM_X509_INFO_READ 115
-#define PEM_F_PEM_X509_INFO_READ_BIO 116
-#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
-
-/* Reason codes. */
-#define PEM_R_BAD_BASE64_DECODE 100
-#define PEM_R_BAD_DECRYPT 101
-#define PEM_R_BAD_END_LINE 102
-#define PEM_R_BAD_IV_CHARS 103
-#define PEM_R_BAD_PASSWORD_READ 104
-#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
-#define PEM_R_NOT_DEK_INFO 105
-#define PEM_R_NOT_ENCRYPTED 106
-#define PEM_R_NOT_PROC_TYPE 107
-#define PEM_R_NO_START_LINE 108
-#define PEM_R_PROBLEMS_GETTING_PASSWORD 109
-#define PEM_R_PUBLIC_KEY_NO_RSA 110
-#define PEM_R_READ_KEY 111
-#define PEM_R_SHORT_HEADER 112
-#define PEM_R_UNSUPPORTED_CIPHER 113
-#define PEM_R_UNSUPPORTED_ENCRYPTION 114
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/pem/pem2.h b/src/lib/libcrypto/pem/pem2.h
deleted file mode 100644
index 4e484bcd82..0000000000
--- a/src/lib/libcrypto/pem/pem2.h
+++ /dev/null
@@ -1,68 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * This header only exists to break a circular dependency between pem and err
- * Ben 30 Jan 1999.
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-void ERR_load_PEM_strings(void);
-
-#ifdef __cplusplus
-}
-#endif
diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c
deleted file mode 100644
index dc9c35b4b4..0000000000
--- a/src/lib/libcrypto/pem/pem_all.c
+++ /dev/null
@@ -1,203 +0,0 @@
-/* crypto/pem/pem_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#undef SSLEAY_MACROS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-
-#ifndef NO_RSA
-static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
-#endif
-#ifndef NO_DSA
-static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa);
-#endif
-
-IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509)
-
-IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX)
-
-IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ)
-
-IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ)
-
-IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL)
-
-IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7)
-
-IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE,
- PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE)
-
-IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)
-IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF,
- PKCS8_PRIV_KEY_INFO)
-
-#ifndef NO_RSA
-
-/* We treat RSA or DSA private keys as a special case.
- *
- * For private keys we read in an EVP_PKEY structure with
- * PEM_read_bio_PrivateKey() and extract the relevant private
- * key: this means can handle "traditional" and PKCS#8 formats
- * transparently.
- */
-
-static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa)
-{
- RSA *rtmp;
- if(!key) return NULL;
- rtmp = EVP_PKEY_get1_RSA(key);
- EVP_PKEY_free(key);
- if(!rtmp) return NULL;
- if(rsa) {
- RSA_free(*rsa);
- *rsa = rtmp;
- }
- return rtmp;
-}
-
-RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb,
- void *u)
-{
- EVP_PKEY *pktmp;
- pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
- return pkey_get_rsa(pktmp, rsa);
-}
-
-#ifndef NO_FP_API
-
-RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
- void *u)
-{
- EVP_PKEY *pktmp;
- pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
- return pkey_get_rsa(pktmp, rsa);
-}
-
-#endif
-
-IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
-IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
-IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
-
-#endif
-
-#ifndef NO_DSA
-
-static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa)
-{
- DSA *dtmp;
- if(!key) return NULL;
- dtmp = EVP_PKEY_get1_DSA(key);
- EVP_PKEY_free(key);
- if(!dtmp) return NULL;
- if(dsa) {
- DSA_free(*dsa);
- *dsa = dtmp;
- }
- return dtmp;
-}
-
-DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
- void *u)
-{
- EVP_PKEY *pktmp;
- pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
- return pkey_get_dsa(pktmp, dsa);
-}
-
-IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
-IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
-
-#ifndef NO_FP_API
-
-DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb,
- void *u)
-{
- EVP_PKEY *pktmp;
- pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
- return pkey_get_dsa(pktmp, dsa);
-}
-
-#endif
-
-IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
-
-#endif
-
-#ifndef NO_DH
-
-IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
-
-#endif
-
-
-/* The PrivateKey case is not that straightforward.
- * IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
- * does not work, RSA and DSA keys have specific strings.
- * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
- * appropriate.)
- */
-IMPLEMENT_PEM_read(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
-IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), PrivateKey)
-
-IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
diff --git a/src/lib/libcrypto/pem/pem_err.c b/src/lib/libcrypto/pem/pem_err.c
deleted file mode 100644
index 8b1789b11c..0000000000
--- a/src/lib/libcrypto/pem/pem_err.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* crypto/pem/pem_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA PEM_str_functs[]=
- {
-{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_BIO,0), "d2i_PKCS8PrivateKey_bio"},
-{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_FP,0), "d2i_PKCS8PrivateKey_fp"},
-{ERR_PACK(0,PEM_F_DEF_CALLBACK,0), "DEF_CALLBACK"},
-{ERR_PACK(0,PEM_F_LOAD_IV,0), "LOAD_IV"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0), "PEM_ASN1_read"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0), "PEM_ASN1_read_bio"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0), "PEM_ASN1_write"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0), "PEM_ASN1_write_bio"},
-{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0), "PEM_do_header"},
-{ERR_PACK(0,PEM_F_PEM_F_DO_PK8KEY_FP,0), "PEM_F_DO_PK8KEY_FP"},
-{ERR_PACK(0,PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY,0), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
-{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0), "PEM_get_EVP_CIPHER_INFO"},
-{ERR_PACK(0,PEM_F_PEM_READ,0), "PEM_read"},
-{ERR_PACK(0,PEM_F_PEM_READ_BIO,0), "PEM_read_bio"},
-{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0), "PEM_SealFinal"},
-{ERR_PACK(0,PEM_F_PEM_SEALINIT,0), "PEM_SealInit"},
-{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0), "PEM_SignFinal"},
-{ERR_PACK(0,PEM_F_PEM_WRITE,0), "PEM_write"},
-{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0), "PEM_write_bio"},
-{ERR_PACK(0,PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,0), "PEM_write_bio_PKCS8PrivateKey"},
-{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0), "PEM_X509_INFO_read"},
-{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0), "PEM_X509_INFO_read_bio"},
-{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0), "PEM_X509_INFO_write_bio"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA PEM_str_reasons[]=
- {
-{PEM_R_BAD_BASE64_DECODE ,"bad base64 decode"},
-{PEM_R_BAD_DECRYPT ,"bad decrypt"},
-{PEM_R_BAD_END_LINE ,"bad end line"},
-{PEM_R_BAD_IV_CHARS ,"bad iv chars"},
-{PEM_R_BAD_PASSWORD_READ ,"bad password read"},
-{PEM_R_ERROR_CONVERTING_PRIVATE_KEY ,"error converting private key"},
-{PEM_R_NOT_DEK_INFO ,"not dek info"},
-{PEM_R_NOT_ENCRYPTED ,"not encrypted"},
-{PEM_R_NOT_PROC_TYPE ,"not proc type"},
-{PEM_R_NO_START_LINE ,"no start line"},
-{PEM_R_PROBLEMS_GETTING_PASSWORD ,"problems getting password"},
-{PEM_R_PUBLIC_KEY_NO_RSA ,"public key no rsa"},
-{PEM_R_READ_KEY ,"read key"},
-{PEM_R_SHORT_HEADER ,"short header"},
-{PEM_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
-{PEM_R_UNSUPPORTED_ENCRYPTION ,"unsupported encryption"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_PEM_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_PEM,PEM_str_functs);
- ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c
deleted file mode 100644
index f1694f1125..0000000000
--- a/src/lib/libcrypto/pem/pem_info.c
+++ /dev/null
@@ -1,364 +0,0 @@
-/* crypto/pem/pem_info.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#ifndef NO_FP_API
-STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
- {
- BIO *b;
- STACK_OF(X509_INFO) *ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=PEM_X509_INFO_read_bio(b,sk,cb,u);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
- {
- X509_INFO *xi=NULL;
- char *name=NULL,*header=NULL,**pp;
- unsigned char *data=NULL,*p;
- long len,error=0;
- int ok=0;
- STACK_OF(X509_INFO) *ret=NULL;
- unsigned int i,raw;
- char *(*d2i)();
-
- if (sk == NULL)
- {
- if ((ret=sk_X509_INFO_new_null()) == NULL)
- {
- PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- else
- ret=sk;
-
- if ((xi=X509_INFO_new()) == NULL) goto err;
- for (;;)
- {
- raw=0;
- i=PEM_read_bio(bp,&name,&header,&data,&len);
- if (i == 0)
- {
- error=ERR_GET_REASON(ERR_peek_error());
- if (error == PEM_R_NO_START_LINE)
- {
- ERR_clear_error();
- break;
- }
- goto err;
- }
-start:
- if ( (strcmp(name,PEM_STRING_X509) == 0) ||
- (strcmp(name,PEM_STRING_X509_OLD) == 0))
- {
- d2i=(char *(*)())d2i_X509;
- if (xi->x509 != NULL)
- {
- if (!sk_X509_INFO_push(ret,xi)) goto err;
- if ((xi=X509_INFO_new()) == NULL) goto err;
- goto start;
- }
- pp=(char **)&(xi->x509);
- }
- else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0))
- {
- d2i=(char *(*)())d2i_X509_AUX;
- if (xi->x509 != NULL)
- {
- if (!sk_X509_INFO_push(ret,xi)) goto err;
- if ((xi=X509_INFO_new()) == NULL) goto err;
- goto start;
- }
- pp=(char **)&(xi->x509);
- }
- else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
- {
- d2i=(char *(*)())d2i_X509_CRL;
- if (xi->crl != NULL)
- {
- if (!sk_X509_INFO_push(ret,xi)) goto err;
- if ((xi=X509_INFO_new()) == NULL) goto err;
- goto start;
- }
- pp=(char **)&(xi->crl);
- }
- else
-#ifndef NO_RSA
- if (strcmp(name,PEM_STRING_RSA) == 0)
- {
- d2i=(char *(*)())d2i_RSAPrivateKey;
- if (xi->x_pkey != NULL)
- {
- if (!sk_X509_INFO_push(ret,xi)) goto err;
- if ((xi=X509_INFO_new()) == NULL) goto err;
- goto start;
- }
-
- xi->enc_data=NULL;
- xi->enc_len=0;
-
- xi->x_pkey=X509_PKEY_new();
- if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
- goto err;
- xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA;
- pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa);
- if ((int)strlen(header) > 10) /* assume encrypted */
- raw=1;
- }
- else
-#endif
-#ifndef NO_DSA
- if (strcmp(name,PEM_STRING_DSA) == 0)
- {
- d2i=(char *(*)())d2i_DSAPrivateKey;
- if (xi->x_pkey != NULL)
- {
- if (!sk_X509_INFO_push(ret,xi)) goto err;
- if ((xi=X509_INFO_new()) == NULL) goto err;
- goto start;
- }
-
- xi->enc_data=NULL;
- xi->enc_len=0;
-
- xi->x_pkey=X509_PKEY_new();
- if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
- goto err;
- xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA;
- pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa);
- if ((int)strlen(header) > 10) /* assume encrypted */
- raw=1;
- }
- else
-#endif
- {
- d2i=NULL;
- pp=NULL;
- }
-
- if (d2i != NULL)
- {
- if (!raw)
- {
- EVP_CIPHER_INFO cipher;
-
- if (!PEM_get_EVP_CIPHER_INFO(header,&cipher))
- goto err;
- if (!PEM_do_header(&cipher,data,&len,cb,u))
- goto err;
- p=data;
- if (d2i(pp,&p,len) == NULL)
- {
- PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
- goto err;
- }
- }
- else
- { /* encrypted RSA data */
- if (!PEM_get_EVP_CIPHER_INFO(header,
- &xi->enc_cipher)) goto err;
- xi->enc_data=(char *)data;
- xi->enc_len=(int)len;
- data=NULL;
- }
- }
- else {
- /* unknown */
- }
- if (name != NULL) OPENSSL_free(name);
- if (header != NULL) OPENSSL_free(header);
- if (data != NULL) OPENSSL_free(data);
- name=NULL;
- header=NULL;
- data=NULL;
- }
-
- /* if the last one hasn't been pushed yet and there is anything
- * in it then add it to the stack ...
- */
- if ((xi->x509 != NULL) || (xi->crl != NULL) ||
- (xi->x_pkey != NULL) || (xi->enc_data != NULL))
- {
- if (!sk_X509_INFO_push(ret,xi)) goto err;
- xi=NULL;
- }
- ok=1;
-err:
- if (xi != NULL) X509_INFO_free(xi);
- if (!ok)
- {
- for (i=0; ((int)i)<sk_X509_INFO_num(ret); i++)
- {
- xi=sk_X509_INFO_value(ret,i);
- X509_INFO_free(xi);
- }
- if (ret != sk) sk_X509_INFO_free(ret);
- ret=NULL;
- }
-
- if (name != NULL) OPENSSL_free(name);
- if (header != NULL) OPENSSL_free(header);
- if (data != NULL) OPENSSL_free(data);
- return(ret);
- }
-
-
-/* A TJH addition */
-int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
- {
- EVP_CIPHER_CTX ctx;
- int i,ret=0;
- unsigned char *data=NULL;
- const char *objstr=NULL;
- char buf[PEM_BUFSIZE];
- unsigned char *iv=NULL;
-
- if (enc != NULL)
- {
- objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
- if (objstr == NULL)
- {
- PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
- goto err;
- }
- }
-
- /* now for the fun part ... if we have a private key then
- * we have to be able to handle a not-yet-decrypted key
- * being written out correctly ... if it is decrypted or
- * it is non-encrypted then we use the base code
- */
- if (xi->x_pkey!=NULL)
- {
- if ( (xi->enc_data!=NULL) && (xi->enc_len>0) )
- {
- /* copy from weirdo names into more normal things */
- iv=xi->enc_cipher.iv;
- data=(unsigned char *)xi->enc_data;
- i=xi->enc_len;
-
- /* we take the encryption data from the
- * internal stuff rather than what the
- * user has passed us ... as we have to
- * match exactly for some strange reason
- */
- objstr=OBJ_nid2sn(
- EVP_CIPHER_nid(xi->enc_cipher.cipher));
- if (objstr == NULL)
- {
- PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
- goto err;
- }
-
- /* create the right magic header stuff */
- buf[0]='\0';
- PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
- PEM_dek_info(buf,objstr,8,(char *)iv);
-
- /* use the normal code to write things out */
- i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
- if (i <= 0) goto err;
- }
- else
- {
- /* Add DSA/DH */
-#ifndef NO_RSA
- /* normal optionally encrypted stuff */
- if (PEM_write_bio_RSAPrivateKey(bp,
- xi->x_pkey->dec_pkey->pkey.rsa,
- enc,kstr,klen,cb,u)<=0)
- goto err;
-#endif
- }
- }
-
- /* if we have a certificate then write it out now */
- if ((xi->x509 != NULL) || (PEM_write_bio_X509(bp,xi->x509) <= 0))
- goto err;
-
- /* we are ignoring anything else that is loaded into the X509_INFO
- * structure for the moment ... as I don't need it so I'm not
- * coding it here and Eric can do it when this makes it into the
- * base library --tjh
- */
-
- ret=1;
-
-err:
- memset((char *)&ctx,0,sizeof(ctx));
- memset(buf,0,PEM_BUFSIZE);
- return(ret);
- }
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
deleted file mode 100644
index a17c3ed57f..0000000000
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ /dev/null
@@ -1,963 +0,0 @@
-/* crypto/pem/pem_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs12.h>
-#ifndef NO_DES
-#include <openssl/des.h>
-#endif
-
-const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
-
-#define MIN_LENGTH 4
-
-static int def_callback(char *buf, int num, int w, void *userdata);
-static int load_iv(unsigned char **fromp,unsigned char *to, int num);
-static int check_pem(const char *nm, const char *name);
-static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder,
- int nid, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder,
- int nid, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
-static int def_callback(char *buf, int num, int w, void *key)
- {
-#ifdef NO_FP_API
- /* We should not ever call the default callback routine from
- * windows. */
- PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return(-1);
-#else
- int i,j;
- const char *prompt;
- if(key) {
- i=strlen(key);
- i=(i > num)?num:i;
- memcpy(buf,key,i);
- return(i);
- }
-
- prompt=EVP_get_pw_prompt();
- if (prompt == NULL)
- prompt="Enter PEM pass phrase:";
-
- for (;;)
- {
- i=EVP_read_pw_string(buf,num,prompt,w);
- if (i != 0)
- {
- PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
- memset(buf,0,(unsigned int)num);
- return(-1);
- }
- j=strlen(buf);
- if (j < MIN_LENGTH)
- {
- fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH);
- }
- else
- break;
- }
- return(j);
-#endif
- }
-
-void PEM_proc_type(char *buf, int type)
- {
- const char *str;
-
- if (type == PEM_TYPE_ENCRYPTED)
- str="ENCRYPTED";
- else if (type == PEM_TYPE_MIC_CLEAR)
- str="MIC-CLEAR";
- else if (type == PEM_TYPE_MIC_ONLY)
- str="MIC-ONLY";
- else
- str="BAD-TYPE";
-
- strcat(buf,"Proc-Type: 4,");
- strcat(buf,str);
- strcat(buf,"\n");
- }
-
-void PEM_dek_info(char *buf, const char *type, int len, char *str)
- {
- static unsigned char map[17]="0123456789ABCDEF";
- long i;
- int j;
-
- strcat(buf,"DEK-Info: ");
- strcat(buf,type);
- strcat(buf,",");
- j=strlen(buf);
- for (i=0; i<len; i++)
- {
- buf[j+i*2] =map[(str[i]>>4)&0x0f];
- buf[j+i*2+1]=map[(str[i] )&0x0f];
- }
- buf[j+i*2]='\n';
- buf[j+i*2+1]='\0';
- }
-
-#ifndef NO_FP_API
-char *PEM_ASN1_read(char *(*d2i)(), const char *name, FILE *fp, char **x,
- pem_password_cb *cb, void *u)
- {
- BIO *b;
- char *ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=PEM_ASN1_read_bio(d2i,name,b,x,cb,u);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-static int check_pem(const char *nm, const char *name)
-{
- /* Normal matching nm and name */
- if (!strcmp(nm,name)) return 1;
-
- /* Make PEM_STRING_EVP_PKEY match any private key */
-
- if(!strcmp(nm,PEM_STRING_PKCS8) &&
- !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-
- if(!strcmp(nm,PEM_STRING_PKCS8INF) &&
- !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-
- if(!strcmp(nm,PEM_STRING_RSA) &&
- !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-
- if(!strcmp(nm,PEM_STRING_DSA) &&
- !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-
- /* Permit older strings */
-
- if(!strcmp(nm,PEM_STRING_X509_OLD) &&
- !strcmp(name,PEM_STRING_X509)) return 1;
-
- if(!strcmp(nm,PEM_STRING_X509_REQ_OLD) &&
- !strcmp(name,PEM_STRING_X509_REQ)) return 1;
-
- /* Allow normal certs to be read as trusted certs */
- if(!strcmp(nm,PEM_STRING_X509) &&
- !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
-
- if(!strcmp(nm,PEM_STRING_X509_OLD) &&
- !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
-
- /* Some CAs use PKCS#7 with CERTIFICATE headers */
- if(!strcmp(nm, PEM_STRING_X509) &&
- !strcmp(name, PEM_STRING_PKCS7)) return 1;
-
- return 0;
-}
-
-char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x,
- pem_password_cb *cb, void *u)
- {
- EVP_CIPHER_INFO cipher;
- char *nm=NULL,*header=NULL;
- unsigned char *p=NULL,*data=NULL;
- long len;
- char *ret=NULL;
-
- for (;;)
- {
- if (!PEM_read_bio(bp,&nm,&header,&data,&len)) {
- if(ERR_GET_REASON(ERR_peek_error()) ==
- PEM_R_NO_START_LINE)
- ERR_add_error_data(2, "Expecting: ", name);
- return(NULL);
- }
- if(check_pem(nm, name)) break;
- OPENSSL_free(nm);
- OPENSSL_free(header);
- OPENSSL_free(data);
- }
- if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
- if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
- p=data;
- if (strcmp(name,PEM_STRING_EVP_PKEY) == 0) {
- if (strcmp(nm,PEM_STRING_RSA) == 0)
- ret=d2i(EVP_PKEY_RSA,x,&p,len);
- else if (strcmp(nm,PEM_STRING_DSA) == 0)
- ret=d2i(EVP_PKEY_DSA,x,&p,len);
- else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
- PKCS8_PRIV_KEY_INFO *p8inf;
- p8inf=d2i_PKCS8_PRIV_KEY_INFO(
- (PKCS8_PRIV_KEY_INFO **) x, &p, len);
- ret = (char *)EVP_PKCS82PKEY(p8inf);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
- PKCS8_PRIV_KEY_INFO *p8inf;
- X509_SIG *p8;
- int klen;
- char psbuf[PEM_BUFSIZE];
- p8 = d2i_X509_SIG(NULL, &p, len);
- if(!p8) goto p8err;
- if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
- else klen=def_callback(psbuf,PEM_BUFSIZE,0,u);
- if (klen <= 0) {
- PEMerr(PEM_F_PEM_ASN1_READ_BIO,
- PEM_R_BAD_PASSWORD_READ);
- goto err;
- }
- p8inf = M_PKCS8_decrypt(p8, psbuf, klen);
- X509_SIG_free(p8);
- if(!p8inf) goto p8err;
- ret = (char *)EVP_PKCS82PKEY(p8inf);
- if(x) {
- if(*x) EVP_PKEY_free((EVP_PKEY *)*x);
- *x = ret;
- }
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- }
- } else ret=d2i(x,&p,len);
-p8err:
- if (ret == NULL)
- PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
-err:
- OPENSSL_free(nm);
- OPENSSL_free(header);
- OPENSSL_free(data);
- return(ret);
- }
-
-#ifndef NO_FP_API
-int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x,
- const EVP_CIPHER *enc, unsigned char *kstr, int klen,
- pem_password_cb *callback, void *u)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback,u);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
- const EVP_CIPHER *enc, unsigned char *kstr, int klen,
- pem_password_cb *callback, void *u)
- {
- EVP_CIPHER_CTX ctx;
- int dsize=0,i,j,ret=0;
- unsigned char *p,*data=NULL;
- const char *objstr=NULL;
- char buf[PEM_BUFSIZE];
- unsigned char key[EVP_MAX_KEY_LENGTH];
- unsigned char iv[EVP_MAX_IV_LENGTH];
-
- if (enc != NULL)
- {
- objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
- if (objstr == NULL)
- {
- PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
- goto err;
- }
- }
-
- if ((dsize=i2d(x,NULL)) < 0)
- {
- PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
- dsize=0;
- goto err;
- }
- /* dzise + 8 bytes are needed */
- data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20);
- if (data == NULL)
- {
- PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p=data;
- i=i2d(x,&p);
-
- if (enc != NULL)
- {
- if (kstr == NULL)
- {
- if (callback == NULL)
- klen=def_callback(buf,PEM_BUFSIZE,1,u);
- else
- klen=(*callback)(buf,PEM_BUFSIZE,1,u);
- if (klen <= 0)
- {
- PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
- goto err;
- }
-#ifdef CHARSET_EBCDIC
- /* Convert the pass phrase from EBCDIC */
- ebcdic2ascii(buf, buf, klen);
-#endif
- kstr=(unsigned char *)buf;
- }
- RAND_add(data,i,0);/* put in the RSA key. */
- if (RAND_pseudo_bytes(iv,8) < 0) /* Generate a salt */
- goto err;
- /* The 'iv' is used as the iv and as a salt. It is
- * NOT taken from the BytesToKey function */
- EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
-
- if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
-
- buf[0]='\0';
- PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
- PEM_dek_info(buf,objstr,8,(char *)iv);
- /* k=strlen(buf); */
-
- EVP_EncryptInit(&ctx,enc,key,iv);
- EVP_EncryptUpdate(&ctx,data,&j,data,i);
- EVP_EncryptFinal(&ctx,&(data[j]),&i);
- i+=j;
- ret=1;
- }
- else
- {
- ret=1;
- buf[0]='\0';
- }
- i=PEM_write_bio(bp,name,buf,data,i);
- if (i <= 0) ret=0;
-err:
- memset(key,0,sizeof(key));
- memset(iv,0,sizeof(iv));
- memset((char *)&ctx,0,sizeof(ctx));
- memset(buf,0,PEM_BUFSIZE);
- memset(data,0,(unsigned int)dsize);
- OPENSSL_free(data);
- return(ret);
- }
-
-int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
- pem_password_cb *callback,void *u)
- {
- int i,j,o,klen;
- long len;
- EVP_CIPHER_CTX ctx;
- unsigned char key[EVP_MAX_KEY_LENGTH];
- char buf[PEM_BUFSIZE];
-
- len= *plen;
-
- if (cipher->cipher == NULL) return(1);
- if (callback == NULL)
- klen=def_callback(buf,PEM_BUFSIZE,0,u);
- else
- klen=callback(buf,PEM_BUFSIZE,0,u);
- if (klen <= 0)
- {
- PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
- return(0);
- }
-#ifdef CHARSET_EBCDIC
- /* Convert the pass phrase from EBCDIC */
- ebcdic2ascii(buf, buf, klen);
-#endif
-
- EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
- (unsigned char *)buf,klen,1,key,NULL);
-
- j=(int)len;
- EVP_DecryptInit(&ctx,cipher->cipher,key,&(cipher->iv[0]));
- EVP_DecryptUpdate(&ctx,data,&i,data,j);
- o=EVP_DecryptFinal(&ctx,&(data[i]),&j);
- EVP_CIPHER_CTX_cleanup(&ctx);
- memset((char *)buf,0,sizeof(buf));
- memset((char *)key,0,sizeof(key));
- j+=i;
- if (!o)
- {
- PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT);
- return(0);
- }
- *plen=j;
- return(1);
- }
-
-int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
- {
- int o;
- const EVP_CIPHER *enc=NULL;
- char *p,c;
-
- cipher->cipher=NULL;
- if ((header == NULL) || (*header == '\0') || (*header == '\n'))
- return(1);
- if (strncmp(header,"Proc-Type: ",11) != 0)
- { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); }
- header+=11;
- if (*header != '4') return(0); header++;
- if (*header != ',') return(0); header++;
- if (strncmp(header,"ENCRYPTED",9) != 0)
- { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); }
- for (; (*header != '\n') && (*header != '\0'); header++)
- ;
- if (*header == '\0')
- { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); }
- header++;
- if (strncmp(header,"DEK-Info: ",10) != 0)
- { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); }
- header+=10;
-
- p=header;
- for (;;)
- {
- c= *header;
-#ifndef CHARSET_EBCDIC
- if (!( ((c >= 'A') && (c <= 'Z')) || (c == '-') ||
- ((c >= '0') && (c <= '9'))))
- break;
-#else
- if (!( isupper(c) || (c == '-') ||
- isdigit(c)))
- break;
-#endif
- header++;
- }
- *header='\0';
- o=OBJ_sn2nid(p);
- cipher->cipher=enc=EVP_get_cipherbyname(p);
- *header=c;
- header++;
-
- if (enc == NULL)
- {
- PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
- return(0);
- }
- if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);
-
- return(1);
- }
-
-static int load_iv(unsigned char **fromp, unsigned char *to, int num)
- {
- int v,i;
- unsigned char *from;
-
- from= *fromp;
- for (i=0; i<num; i++) to[i]=0;
- num*=2;
- for (i=0; i<num; i++)
- {
- if ((*from >= '0') && (*from <= '9'))
- v= *from-'0';
- else if ((*from >= 'A') && (*from <= 'F'))
- v= *from-'A'+10;
- else if ((*from >= 'a') && (*from <= 'f'))
- v= *from-'a'+10;
- else
- {
- PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS);
- return(0);
- }
- from++;
- to[i/2]|=v<<(long)((!(i&1))*4);
- }
-
- *fromp=from;
- return(1);
- }
-
-#ifndef NO_FP_API
-int PEM_write(FILE *fp, char *name, char *header, unsigned char *data,
- long len)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=PEM_write_bio(b, name, header, data,len);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
- long len)
- {
- int nlen,n,i,j,outl;
- unsigned char *buf;
- EVP_ENCODE_CTX ctx;
- int reason=ERR_R_BUF_LIB;
-
- EVP_EncodeInit(&ctx);
- nlen=strlen(name);
-
- if ( (BIO_write(bp,"-----BEGIN ",11) != 11) ||
- (BIO_write(bp,name,nlen) != nlen) ||
- (BIO_write(bp,"-----\n",6) != 6))
- goto err;
-
- i=strlen(header);
- if (i > 0)
- {
- if ( (BIO_write(bp,header,i) != i) ||
- (BIO_write(bp,"\n",1) != 1))
- goto err;
- }
-
- buf=(unsigned char *)OPENSSL_malloc(PEM_BUFSIZE*8);
- if (buf == NULL)
- {
- reason=ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- i=j=0;
- while (len > 0)
- {
- n=(int)((len>(PEM_BUFSIZE*5))?(PEM_BUFSIZE*5):len);
- EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n);
- if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl))
- goto err;
- i+=outl;
- len-=n;
- j+=n;
- }
- EVP_EncodeFinal(&ctx,buf,&outl);
- if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
- OPENSSL_free(buf);
- if ( (BIO_write(bp,"-----END ",9) != 9) ||
- (BIO_write(bp,name,nlen) != nlen) ||
- (BIO_write(bp,"-----\n",6) != 6))
- goto err;
- return(i+outl);
-err:
- PEMerr(PEM_F_PEM_WRITE_BIO,reason);
- return(0);
- }
-
-#ifndef NO_FP_API
-int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
- long *len)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=PEM_read_bio(b, name, header, data,len);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
- long *len)
- {
- EVP_ENCODE_CTX ctx;
- int end=0,i,k,bl=0,hl=0,nohead=0;
- char buf[256];
- BUF_MEM *nameB;
- BUF_MEM *headerB;
- BUF_MEM *dataB,*tmpB;
-
- nameB=BUF_MEM_new();
- headerB=BUF_MEM_new();
- dataB=BUF_MEM_new();
- if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL))
- {
- PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
- return(0);
- }
-
- buf[254]='\0';
- for (;;)
- {
- i=BIO_gets(bp,buf,254);
-
- if (i <= 0)
- {
- PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE);
- goto err;
- }
-
- while ((i >= 0) && (buf[i] <= ' ')) i--;
- buf[++i]='\n'; buf[++i]='\0';
-
- if (strncmp(buf,"-----BEGIN ",11) == 0)
- {
- i=strlen(&(buf[11]));
-
- if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0)
- continue;
- if (!BUF_MEM_grow(nameB,i+9))
- {
- PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- memcpy(nameB->data,&(buf[11]),i-6);
- nameB->data[i-6]='\0';
- break;
- }
- }
- hl=0;
- if (!BUF_MEM_grow(headerB,256))
- { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
- headerB->data[0]='\0';
- for (;;)
- {
- i=BIO_gets(bp,buf,254);
- if (i <= 0) break;
-
- while ((i >= 0) && (buf[i] <= ' ')) i--;
- buf[++i]='\n'; buf[++i]='\0';
-
- if (buf[0] == '\n') break;
- if (!BUF_MEM_grow(headerB,hl+i+9))
- { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
- if (strncmp(buf,"-----END ",9) == 0)
- {
- nohead=1;
- break;
- }
- memcpy(&(headerB->data[hl]),buf,i);
- headerB->data[hl+i]='\0';
- hl+=i;
- }
-
- bl=0;
- if (!BUF_MEM_grow(dataB,1024))
- { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
- dataB->data[0]='\0';
- if (!nohead)
- {
- for (;;)
- {
- i=BIO_gets(bp,buf,254);
- if (i <= 0) break;
-
- while ((i >= 0) && (buf[i] <= ' ')) i--;
- buf[++i]='\n'; buf[++i]='\0';
-
- if (i != 65) end=1;
- if (strncmp(buf,"-----END ",9) == 0)
- break;
- if (i > 65) break;
- if (!BUF_MEM_grow(dataB,i+bl+9))
- {
- PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- memcpy(&(dataB->data[bl]),buf,i);
- dataB->data[bl+i]='\0';
- bl+=i;
- if (end)
- {
- buf[0]='\0';
- i=BIO_gets(bp,buf,254);
- if (i <= 0) break;
-
- while ((i >= 0) && (buf[i] <= ' ')) i--;
- buf[++i]='\n'; buf[++i]='\0';
-
- break;
- }
- }
- }
- else
- {
- tmpB=headerB;
- headerB=dataB;
- dataB=tmpB;
- bl=hl;
- }
- i=strlen(nameB->data);
- if ( (strncmp(buf,"-----END ",9) != 0) ||
- (strncmp(nameB->data,&(buf[9]),i) != 0) ||
- (strncmp(&(buf[9+i]),"-----\n",6) != 0))
- {
- PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
- goto err;
- }
-
- EVP_DecodeInit(&ctx);
- i=EVP_DecodeUpdate(&ctx,
- (unsigned char *)dataB->data,&bl,
- (unsigned char *)dataB->data,bl);
- if (i < 0)
- {
- PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
- goto err;
- }
- i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k);
- if (i < 0)
- {
- PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
- goto err;
- }
- bl+=k;
-
- if (bl == 0) goto err;
- *name=nameB->data;
- *header=headerB->data;
- *data=(unsigned char *)dataB->data;
- *len=bl;
- OPENSSL_free(nameB);
- OPENSSL_free(headerB);
- OPENSSL_free(dataB);
- return(1);
-err:
- BUF_MEM_free(nameB);
- BUF_MEM_free(headerB);
- BUF_MEM_free(dataB);
- return(0);
- }
-
-/* These functions write a private key in PKCS#8 format: it is a "drop in"
- * replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc'
- * is NULL then it uses the unencrypted private key form. The 'nid' versions
- * uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0.
- */
-
-int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u)
-{
- return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u);
-}
-
-int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u)
-{
- return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u);
-}
-
-int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u)
-{
- return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u);
-}
-
-int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u)
-{
- return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u);
-}
-
-static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u)
-{
- X509_SIG *p8;
- PKCS8_PRIV_KEY_INFO *p8inf;
- char buf[PEM_BUFSIZE];
- int ret;
- if(!(p8inf = EVP_PKEY2PKCS8(x))) {
- PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,
- PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
- return 0;
- }
- if(enc || (nid != -1)) {
- if(!kstr) {
- if(!cb) klen = def_callback(buf, PEM_BUFSIZE, 1, u);
- else klen = cb(buf, PEM_BUFSIZE, 1, u);
- if(klen <= 0) {
- PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,
- PEM_R_READ_KEY);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- return 0;
- }
-
- kstr = buf;
- }
- p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf);
- if(kstr == buf) memset(buf, 0, klen);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- if(isder) ret = i2d_PKCS8_bio(bp, p8);
- else ret = PEM_write_bio_PKCS8(bp, p8);
- X509_SIG_free(p8);
- return ret;
- } else {
- if(isder) ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
- else ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- return ret;
- }
-}
-
-/* Finally the DER version to read PKCS#8 encrypted private keys. It has to be
- * here to access the default callback.
- */
-
-EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
-{
- PKCS8_PRIV_KEY_INFO *p8inf = NULL;
- X509_SIG *p8 = NULL;
- int klen;
- EVP_PKEY *ret;
- char psbuf[PEM_BUFSIZE];
- p8 = d2i_PKCS8_bio(bp, NULL);
- if(!p8) return NULL;
- if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
- else klen=def_callback(psbuf,PEM_BUFSIZE,0,u);
- if (klen <= 0) {
- PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ);
- X509_SIG_free(p8);
- return NULL;
- }
- p8inf = M_PKCS8_decrypt(p8, psbuf, klen);
- X509_SIG_free(p8);
- if(!p8inf) return NULL;
- ret = EVP_PKCS82PKEY(p8inf);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- if(!ret) return NULL;
- if(x) {
- if(*x) EVP_PKEY_free(*x);
- *x = ret;
- }
- return ret;
-}
-
-#ifndef NO_FP_API
-
-int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u)
-{
- return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u);
-}
-
-int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u)
-{
- return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u);
-}
-
-int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u)
-{
- return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u);
-}
-
-int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen, pem_password_cb *cb, void *u)
-{
- return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u);
-}
-
-static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u)
-{
- BIO *bp;
- int ret;
- if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
- PEMerr(PEM_F_PEM_F_DO_PK8KEY_FP,ERR_R_BUF_LIB);
- return(0);
- }
- ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u);
- BIO_free(bp);
- return ret;
-}
-
-EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
-{
- BIO *bp;
- EVP_PKEY *ret;
- if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
- PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP,ERR_R_BUF_LIB);
- return NULL;
- }
- ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u);
- BIO_free(bp);
- return ret;
-}
-
-#endif
diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c
deleted file mode 100644
index 2a6c513348..0000000000
--- a/src/lib/libcrypto/pem/pem_seal.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* crypto/pem/pem_seal.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
- unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,
- int npubk)
- {
- unsigned char key[EVP_MAX_KEY_LENGTH];
- int ret= -1;
- int i,j,max=0;
- char *s=NULL;
-
- for (i=0; i<npubk; i++)
- {
- if (pubk[i]->type != EVP_PKEY_RSA)
- {
- PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA);
- goto err;
- }
- j=RSA_size(pubk[i]->pkey.rsa);
- if (j > max) max=j;
- }
- s=(char *)OPENSSL_malloc(max*2);
- if (s == NULL)
- {
- PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- EVP_EncodeInit(&(ctx->encode));
- EVP_SignInit(&(ctx->md),md_type);
-
- ret=EVP_SealInit(&(ctx->cipher),type,ek,ekl,iv,pubk,npubk);
- if (!ret) goto err;
-
- /* base64 encode the keys */
- for (i=0; i<npubk; i++)
- {
- j=EVP_EncodeBlock((unsigned char *)s,ek[i],
- RSA_size(pubk[i]->pkey.rsa));
- ekl[i]=j;
- memcpy(ek[i],s,j+1);
- }
-
- ret=npubk;
-err:
- if (s != NULL) OPENSSL_free(s);
- memset(key,0,EVP_MAX_KEY_LENGTH);
- return(ret);
- }
-
-void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl)
- {
- unsigned char buffer[1600];
- int i,j;
-
- *outl=0;
- EVP_SignUpdate(&(ctx->md),in,inl);
- for (;;)
- {
- if (inl <= 0) break;
- if (inl > 1200)
- i=1200;
- else
- i=inl;
- EVP_EncryptUpdate(&(ctx->cipher),buffer,&j,in,i);
- EVP_EncodeUpdate(&(ctx->encode),out,&j,buffer,j);
- *outl+=j;
- out+=j;
- in+=i;
- inl-=i;
- }
- }
-
-int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
- unsigned char *out, int *outl, EVP_PKEY *priv)
- {
- unsigned char *s=NULL;
- int ret=0,j;
- unsigned int i;
-
- if (priv->type != EVP_PKEY_RSA)
- {
- PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA);
- goto err;
- }
- i=RSA_size(priv->pkey.rsa);
- if (i < 100) i=100;
- s=(unsigned char *)OPENSSL_malloc(i*2);
- if (s == NULL)
- {
- PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- EVP_EncryptFinal(&(ctx->cipher),s,(int *)&i);
- EVP_EncodeUpdate(&(ctx->encode),out,&j,s,i);
- *outl=j;
- out+=j;
- EVP_EncodeFinal(&(ctx->encode),out,&j);
- *outl+=j;
-
- if (!EVP_SignFinal(&(ctx->md),s,&i,priv)) goto err;
- *sigl=EVP_EncodeBlock(sig,s,i);
-
- ret=1;
-err:
- memset((char *)&(ctx->md),0,sizeof(ctx->md));
- memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher));
- if (s != NULL) OPENSSL_free(s);
- return(ret);
- }
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/src/lib/libcrypto/pem/pem_sign.c b/src/lib/libcrypto/pem/pem_sign.c
deleted file mode 100644
index 42d598dd78..0000000000
--- a/src/lib/libcrypto/pem/pem_sign.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/* crypto/pem/pem_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
- {
- EVP_DigestInit(ctx,type);
- }
-
-void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
- unsigned int count)
- {
- EVP_DigestUpdate(ctx,data,count);
- }
-
-int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
- EVP_PKEY *pkey)
- {
- unsigned char *m;
- int i,ret=0;
- unsigned int m_len;
-
- m=(unsigned char *)OPENSSL_malloc(EVP_PKEY_size(pkey)+2);
- if (m == NULL)
- {
- PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (EVP_SignFinal(ctx,m,&m_len,pkey) <= 0) goto err;
-
- i=EVP_EncodeBlock(sigret,m,m_len);
- *siglen=i;
- ret=1;
-err:
- /* ctx has been zeroed by EVP_SignFinal() */
- if (m != NULL) OPENSSL_free(m);
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/pem/pkcs7.lis b/src/lib/libcrypto/pem/pkcs7.lis
deleted file mode 100644
index be90c5d87f..0000000000
--- a/src/lib/libcrypto/pem/pkcs7.lis
+++ /dev/null
@@ -1,22 +0,0 @@
-21 0:d=0 hl=2 l= 0 cons: univ: SEQUENCE
- 00 2:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
- 21 13:d=0 hl=2 l= 0 cons: cont: 00 # explicit tag
- 21 15:d=0 hl=2 l= 0 cons: univ: SEQUENCE
- 00 17:d=0 hl=2 l= 1 prim: univ: INTEGER # version
- 20 20:d=0 hl=2 l= 0 cons: univ: SET
- 21 22:d=0 hl=2 l= 0 cons: univ: SEQUENCE
- 00 24:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
- 00 35:d=0 hl=2 l= 0 prim: univ: EOC
- 21 37:d=0 hl=2 l= 0 cons: cont: 00 # cert tag
- 20 39:d=0 hl=4 l=545 cons: univ: SEQUENCE
- 20 588:d=0 hl=4 l=524 cons: univ: SEQUENCE
- 00 1116:d=0 hl=2 l= 0 prim: univ: EOC
- 21 1118:d=0 hl=2 l= 0 cons: cont: 01 # crl tag
- 20 1120:d=0 hl=4 l=653 cons: univ: SEQUENCE
- 20 1777:d=0 hl=4 l=285 cons: univ: SEQUENCE
- 00 2066:d=0 hl=2 l= 0 prim: univ: EOC
- 21 2068:d=0 hl=2 l= 0 cons: univ: SET # signers
- 00 2070:d=0 hl=2 l= 0 prim: univ: EOC
- 00 2072:d=0 hl=2 l= 0 prim: univ: EOC
- 00 2074:d=0 hl=2 l= 0 prim: univ: EOC
-00 2076:d=0 hl=2 l= 0 prim: univ: EOC
diff --git a/src/lib/libcrypto/perlasm/cbc.pl b/src/lib/libcrypto/perlasm/cbc.pl
deleted file mode 100644
index 0145c4f0cc..0000000000
--- a/src/lib/libcrypto/perlasm/cbc.pl
+++ /dev/null
@@ -1,342 +0,0 @@
-#!/usr/local/bin/perl
-
-# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
-# des_cblock (*input);
-# des_cblock (*output);
-# long length;
-# des_key_schedule schedule;
-# des_cblock (*ivec);
-# int enc;
-#
-# calls
-# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-#
-
-#&cbc("des_ncbc_encrypt","des_encrypt",0);
-#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",
-# 1,4,5,3,5,-1);
-#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",
-# 0,4,5,3,5,-1);
-#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",
-# 0,6,7,3,4,5);
-#
-# When doing a cipher that needs bigendian order,
-# for encrypt, the iv is kept in bigendian form,
-# while for decrypt, it is kept in little endian.
-sub cbc
- {
- local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_;
- # name is the function name
- # enc_func and dec_func and the functions to call for encrypt/decrypt
- # swap is true if byte order needs to be reversed
- # iv_off is parameter number for the iv
- # enc_off is parameter number for the encrypt/decrypt flag
- # p1,p2,p3 are the offsets for parameters to be passed to the
- # underlying calls.
-
- &function_begin_B($name,"");
- &comment("");
-
- $in="esi";
- $out="edi";
- $count="ebp";
-
- &push("ebp");
- &push("ebx");
- &push("esi");
- &push("edi");
-
- $data_off=4;
- $data_off+=4 if ($p1 > 0);
- $data_off+=4 if ($p2 > 0);
- $data_off+=4 if ($p3 > 0);
-
- &mov($count, &wparam(2)); # length
-
- &comment("getting iv ptr from parameter $iv_off");
- &mov("ebx", &wparam($iv_off)); # Get iv ptr
-
- &mov($in, &DWP(0,"ebx","",0));# iv[0]
- &mov($out, &DWP(4,"ebx","",0));# iv[1]
-
- &push($out);
- &push($in);
- &push($out); # used in decrypt for iv[1]
- &push($in); # used in decrypt for iv[0]
-
- &mov("ebx", "esp"); # This is the address of tin[2]
-
- &mov($in, &wparam(0)); # in
- &mov($out, &wparam(1)); # out
-
- # We have loaded them all, how lets push things
- &comment("getting encrypt flag from parameter $enc_off");
- &mov("ecx", &wparam($enc_off)); # Get enc flag
- if ($p3 > 0)
- {
- &comment("get and push parameter $p3");
- if ($enc_off != $p3)
- { &mov("eax", &wparam($p3)); &push("eax"); }
- else { &push("ecx"); }
- }
- if ($p2 > 0)
- {
- &comment("get and push parameter $p2");
- if ($enc_off != $p2)
- { &mov("eax", &wparam($p2)); &push("eax"); }
- else { &push("ecx"); }
- }
- if ($p1 > 0)
- {
- &comment("get and push parameter $p1");
- if ($enc_off != $p1)
- { &mov("eax", &wparam($p1)); &push("eax"); }
- else { &push("ecx"); }
- }
- &push("ebx"); # push data/iv
-
- &cmp("ecx",0);
- &jz(&label("decrypt"));
-
- &and($count,0xfffffff8);
- &mov("eax", &DWP($data_off,"esp","",0)); # load iv[0]
- &mov("ebx", &DWP($data_off+4,"esp","",0)); # load iv[1]
-
- &jz(&label("encrypt_finish"));
-
- #############################################################
-
- &set_label("encrypt_loop");
- # encrypt start
- # "eax" and "ebx" hold iv (or the last cipher text)
-
- &mov("ecx", &DWP(0,$in,"",0)); # load first 4 bytes
- &mov("edx", &DWP(4,$in,"",0)); # second 4 bytes
-
- &xor("eax", "ecx");
- &xor("ebx", "edx");
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
- &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
-
- &call($enc_func);
-
- &mov("eax", &DWP($data_off,"esp","",0));
- &mov("ebx", &DWP($data_off+4,"esp","",0));
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov(&DWP(0,$out,"",0),"eax");
- &mov(&DWP(4,$out,"",0),"ebx");
-
- # eax and ebx are the next iv.
-
- &add($in, 8);
- &add($out, 8);
-
- &sub($count, 8);
- &jnz(&label("encrypt_loop"));
-
-###################################################################3
- &set_label("encrypt_finish");
- &mov($count, &wparam(2)); # length
- &and($count, 7);
- &jz(&label("finish"));
- &xor("ecx","ecx");
- &xor("edx","edx");
- &mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4));
- &jmp_ptr($count);
-
-&set_label("ej7");
- &xor("edx", "edx") if $ppro; # ppro friendly
- &movb(&HB("edx"), &BP(6,$in,"",0));
- &shl("edx",8);
-&set_label("ej6");
- &movb(&HB("edx"), &BP(5,$in,"",0));
-&set_label("ej5");
- &movb(&LB("edx"), &BP(4,$in,"",0));
-&set_label("ej4");
- &mov("ecx", &DWP(0,$in,"",0));
- &jmp(&label("ejend"));
-&set_label("ej3");
- &movb(&HB("ecx"), &BP(2,$in,"",0));
- &xor("ecx", "ecx") if $ppro; # ppro friendly
- &shl("ecx",8);
-&set_label("ej2");
- &movb(&HB("ecx"), &BP(1,$in,"",0));
-&set_label("ej1");
- &movb(&LB("ecx"), &BP(0,$in,"",0));
-&set_label("ejend");
-
- &xor("eax", "ecx");
- &xor("ebx", "edx");
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
- &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
-
- &call($enc_func);
-
- &mov("eax", &DWP($data_off,"esp","",0));
- &mov("ebx", &DWP($data_off+4,"esp","",0));
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov(&DWP(0,$out,"",0),"eax");
- &mov(&DWP(4,$out,"",0),"ebx");
-
- &jmp(&label("finish"));
-
- #############################################################
- #############################################################
- &set_label("decrypt",1);
- # decrypt start
- &and($count,0xfffffff8);
- # The next 2 instructions are only for if the jz is taken
- &mov("eax", &DWP($data_off+8,"esp","",0)); # get iv[0]
- &mov("ebx", &DWP($data_off+12,"esp","",0)); # get iv[1]
- &jz(&label("decrypt_finish"));
-
- &set_label("decrypt_loop");
- &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes
- &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov(&DWP($data_off,"esp","",0), "eax"); # put back
- &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
-
- &call($dec_func);
-
- &mov("eax", &DWP($data_off,"esp","",0)); # get return
- &mov("ebx", &DWP($data_off+4,"esp","",0)); #
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0]
- &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1]
-
- &xor("ecx", "eax");
- &xor("edx", "ebx");
-
- &mov("eax", &DWP(0,$in,"",0)); # get old cipher text,
- &mov("ebx", &DWP(4,$in,"",0)); # next iv actually
-
- &mov(&DWP(0,$out,"",0),"ecx");
- &mov(&DWP(4,$out,"",0),"edx");
-
- &mov(&DWP($data_off+8,"esp","",0), "eax"); # save iv
- &mov(&DWP($data_off+12,"esp","",0), "ebx"); #
-
- &add($in, 8);
- &add($out, 8);
-
- &sub($count, 8);
- &jnz(&label("decrypt_loop"));
-############################ ENDIT #######################3
- &set_label("decrypt_finish");
- &mov($count, &wparam(2)); # length
- &and($count, 7);
- &jz(&label("finish"));
-
- &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes
- &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov(&DWP($data_off,"esp","",0), "eax"); # put back
- &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
-
- &call($dec_func);
-
- &mov("eax", &DWP($data_off,"esp","",0)); # get return
- &mov("ebx", &DWP($data_off+4,"esp","",0)); #
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0]
- &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1]
-
- &xor("ecx", "eax");
- &xor("edx", "ebx");
-
- # this is for when we exit
- &mov("eax", &DWP(0,$in,"",0)); # get old cipher text,
- &mov("ebx", &DWP(4,$in,"",0)); # next iv actually
-
-&set_label("dj7");
- &rotr("edx", 16);
- &movb(&BP(6,$out,"",0), &LB("edx"));
- &shr("edx",16);
-&set_label("dj6");
- &movb(&BP(5,$out,"",0), &HB("edx"));
-&set_label("dj5");
- &movb(&BP(4,$out,"",0), &LB("edx"));
-&set_label("dj4");
- &mov(&DWP(0,$out,"",0), "ecx");
- &jmp(&label("djend"));
-&set_label("dj3");
- &rotr("ecx", 16);
- &movb(&BP(2,$out,"",0), &LB("ecx"));
- &shl("ecx",16);
-&set_label("dj2");
- &movb(&BP(1,$in,"",0), &HB("ecx"));
-&set_label("dj1");
- &movb(&BP(0,$in,"",0), &LB("ecx"));
-&set_label("djend");
-
- # final iv is still in eax:ebx
- &jmp(&label("finish"));
-
-
-############################ FINISH #######################3
- &set_label("finish",1);
- &mov("ecx", &wparam($iv_off)); # Get iv ptr
-
- #################################################
- $total=16+4;
- $total+=4 if ($p1 > 0);
- $total+=4 if ($p2 > 0);
- $total+=4 if ($p3 > 0);
- &add("esp",$total);
-
- &mov(&DWP(0,"ecx","",0), "eax"); # save iv
- &mov(&DWP(4,"ecx","",0), "ebx"); # save iv
-
- &function_end_A($name);
-
- &set_label("cbc_enc_jmp_table",1);
- &data_word("0");
- &data_word(&label("ej1"));
- &data_word(&label("ej2"));
- &data_word(&label("ej3"));
- &data_word(&label("ej4"));
- &data_word(&label("ej5"));
- &data_word(&label("ej6"));
- &data_word(&label("ej7"));
- &set_label("cbc_dec_jmp_table",1);
- &data_word("0");
- &data_word(&label("dj1"));
- &data_word(&label("dj2"));
- &data_word(&label("dj3"));
- &data_word(&label("dj4"));
- &data_word(&label("dj5"));
- &data_word(&label("dj6"));
- &data_word(&label("dj7"));
-
- &function_end_B($name);
-
- }
-
-1;
diff --git a/src/lib/libcrypto/perlasm/readme b/src/lib/libcrypto/perlasm/readme
deleted file mode 100644
index f02bbee75a..0000000000
--- a/src/lib/libcrypto/perlasm/readme
+++ /dev/null
@@ -1,124 +0,0 @@
-The perl scripts in this directory are my 'hack' to generate
-multiple different assembler formats via the one origional script.
-
-The way to use this library is to start with adding the path to this directory
-and then include it.
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-The first thing we do is setup the file and type of assember
-
-&asm_init($ARGV[0],$0);
-
-The first argument is the 'type'. Currently
-'cpp', 'sol', 'a.out', 'elf' or 'win32'.
-Argument 2 is the file name.
-
-The reciprocal function is
-&asm_finish() which should be called at the end.
-
-There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler,
-and x86unix.pl which is the unix (gas) version.
-
-Functions of interest are:
-&external_label("des_SPtrans"); declare and external variable
-&LB(reg); Low byte for a register
-&HB(reg); High byte for a register
-&BP(off,base,index,scale) Byte pointer addressing
-&DWP(off,base,index,scale) Word pointer addressing
-&stack_push(num) Basically a 'sub esp, num*4' with extra
-&stack_pop(num) inverse of stack_push
-&function_begin(name,extra) Start a function with pushing of
- edi, esi, ebx and ebp. extra is extra win32
- external info that may be required.
-&function_begin_B(name,extra) Same as norma function_begin but no pushing.
-&function_end(name) Call at end of function.
-&function_end_A(name) Standard pop and ret, for use inside functions
-&function_end_B(name) Call at end but with poping or 'ret'.
-&swtmp(num) Address on stack temp word.
-&wparam(num) Parameter number num, that was push
- in C convention. This all works over pushes
- and pops.
-&comment("hello there") Put in a comment.
-&label("loop") Refer to a label, normally a jmp target.
-&set_label("loop") Set a label at this point.
-&data_word(word) Put in a word of data.
-
-So how does this all hold together? Given
-
-int calc(int len, int *data)
- {
- int i,j=0;
-
- for (i=0; i<len; i++)
- {
- j+=other(data[i]);
- }
- }
-
-So a very simple version of this function could be coded as
-
- push(@INC,"perlasm","../../perlasm");
- require "x86asm.pl";
-
- &asm_init($ARGV[0],"cacl.pl");
-
- &external_label("other");
-
- $tmp1= "eax";
- $j= "edi";
- $data= "esi";
- $i= "ebp";
-
- &comment("a simple function");
- &function_begin("calc");
- &mov( $data, &wparam(1)); # data
- &xor( $j, $j);
- &xor( $i, $i);
-
- &set_label("loop");
- &cmp( $i, &wparam(0));
- &jge( &label("end"));
-
- &mov( $tmp1, &DWP(0,$data,$i,4));
- &push( $tmp1);
- &call( "other");
- &add( $j, "eax");
- &pop( $tmp1);
- &inc( $i);
- &jmp( &label("loop"));
-
- &set_label("end");
- &mov( "eax", $j);
-
- &function_end("calc");
-
- &asm_finish();
-
-The above example is very very unoptimised but gives an idea of how
-things work.
-
-There is also a cbc mode function generator in cbc.pl
-
-&cbc( $name,
- $encrypt_function_name,
- $decrypt_function_name,
- $true_if_byte_swap_needed,
- $parameter_number_for_iv,
- $parameter_number_for_encrypt_flag,
- $first_parameter_to_pass,
- $second_parameter_to_pass,
- $third_parameter_to_pass);
-
-So for example, given
-void BF_encrypt(BF_LONG *data,BF_KEY *key);
-void BF_decrypt(BF_LONG *data,BF_KEY *key);
-void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
- BF_KEY *ks, unsigned char *iv, int enc);
-
-&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",1,4,5,3,-1,-1);
-
-&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
-&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
-
diff --git a/src/lib/libcrypto/perlasm/x86asm.pl b/src/lib/libcrypto/perlasm/x86asm.pl
deleted file mode 100644
index 81c6e64e87..0000000000
--- a/src/lib/libcrypto/perlasm/x86asm.pl
+++ /dev/null
@@ -1,118 +0,0 @@
-#!/usr/local/bin/perl
-
-# require 'x86asm.pl';
-# &asm_init("cpp","des-586.pl");
-# XXX
-# XXX
-# main'asm_finish
-
-sub main'asm_finish
- {
- &file_end();
- &asm_finish_cpp() if $cpp;
- print &asm_get_output();
- }
-
-sub main'asm_init
- {
- ($type,$fn,$i386)=@_;
- $filename=$fn;
-
- $cpp=$sol=$aout=$win32=$gaswin=0;
- if ( ($type eq "elf"))
- { require "x86unix.pl"; }
- elsif ( ($type eq "a.out"))
- { $aout=1; require "x86unix.pl"; }
- elsif ( ($type eq "gaswin"))
- { $gaswin=1; $aout=1; require "x86unix.pl"; }
- elsif ( ($type eq "sol"))
- { $sol=1; require "x86unix.pl"; }
- elsif ( ($type eq "cpp"))
- { $cpp=1; require "x86unix.pl"; }
- elsif ( ($type eq "win32"))
- { $win32=1; require "x86ms.pl"; }
- elsif ( ($type eq "win32n"))
- { $win32=1; require "x86nasm.pl"; }
- else
- {
- print STDERR <<"EOF";
-Pick one target type from
- elf - linux, FreeBSD etc
- a.out - old linux
- sol - x86 solaris
- cpp - format so x86unix.cpp can be used
- win32 - Windows 95/Windows NT
- win32n - Windows 95/Windows NT NASM format
-EOF
- exit(1);
- }
-
- &asm_init_output();
-
-&comment("Don't even think of reading this code");
-&comment("It was automatically generated by $filename");
-&comment("Which is a perl program used to generate the x86 assember for");
-&comment("any of elf, a.out, BSDI, Win32, gaswin (for GNU as on Win32) or Solaris");
-&comment("eric <eay\@cryptsoft.com>");
-&comment("");
-
- $filename =~ s/\.pl$//;
- &file($filename);
- }
-
-sub asm_finish_cpp
- {
- return unless $cpp;
-
- local($tmp,$i);
- foreach $i (&get_labels())
- {
- $tmp.="#define $i _$i\n";
- }
- print <<"EOF";
-/* Run the C pre-processor over this file with one of the following defined
- * ELF - elf object files,
- * OUT - a.out object files,
- * BSDI - BSDI style a.out object files
- * SOL - Solaris style elf
- */
-
-#define TYPE(a,b) .type a,b
-#define SIZE(a,b) .size a,b
-
-#if defined(OUT) || (defined(BSDI) && !defined(ELF))
-$tmp
-#endif
-
-#ifdef OUT
-#define OK 1
-#define ALIGN 4
-#endif
-
-#if defined(BSDI) && !defined(ELF)
-#define OK 1
-#define ALIGN 4
-#undef SIZE
-#undef TYPE
-#define SIZE(a,b)
-#define TYPE(a,b)
-#endif
-
-#if defined(ELF) || defined(SOL)
-#define OK 1
-#define ALIGN 16
-#endif
-
-#ifndef OK
-You need to define one of
-ELF - elf systems - linux-elf, NetBSD and DG-UX
-OUT - a.out systems - linux-a.out and FreeBSD
-SOL - solaris systems, which are elf with strange comment lines
-BSDI - a.out with a very primative version of as.
-#endif
-
-/* Let the Assembler begin :-) */
-EOF
- }
-
-1;
diff --git a/src/lib/libcrypto/pkcs12/p12_add.c b/src/lib/libcrypto/pkcs12/p12_add.c
deleted file mode 100644
index b563656895..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_add.c
+++ /dev/null
@@ -1,218 +0,0 @@
-/* p12_add.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Pack an object into an OCTET STRING and turn into a safebag */
-
-PKCS12_SAFEBAG *PKCS12_pack_safebag (char *obj, int (*i2d)(), int nid1,
- int nid2)
-{
- PKCS12_BAGS *bag;
- PKCS12_SAFEBAG *safebag;
- if (!(bag = PKCS12_BAGS_new ())) {
- PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- bag->type = OBJ_nid2obj(nid1);
- if (!ASN1_pack_string(obj, i2d, &bag->value.octet)) {
- PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if (!(safebag = PKCS12_SAFEBAG_new ())) {
- PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- safebag->value.bag = bag;
- safebag->type = OBJ_nid2obj(nid2);
- return safebag;
-}
-
-/* Turn PKCS8 object into a keybag */
-
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG (PKCS8_PRIV_KEY_INFO *p8)
-{
- PKCS12_SAFEBAG *bag;
- if (!(bag = PKCS12_SAFEBAG_new())) {
- PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- bag->type = OBJ_nid2obj(NID_keyBag);
- bag->value.keybag = p8;
- return bag;
-}
-
-/* Turn PKCS8 object into a shrouded keybag */
-
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG (int pbe_nid, const char *pass,
- int passlen, unsigned char *salt, int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8)
-{
- PKCS12_SAFEBAG *bag;
-
- /* Set up the safe bag */
- if (!(bag = PKCS12_SAFEBAG_new ())) {
- PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
- if (!(bag->value.shkeybag =
- PKCS8_encrypt(pbe_nid, NULL, pass, passlen, salt, saltlen, iter,
- p8))) {
- PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- return bag;
-}
-
-/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
-PKCS7 *PKCS12_pack_p7data (STACK_OF(PKCS12_SAFEBAG) *sk)
-{
- PKCS7 *p7;
- if (!(p7 = PKCS7_new())) {
- PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- p7->type = OBJ_nid2obj(NID_pkcs7_data);
- if (!(p7->d.data = M_ASN1_OCTET_STRING_new())) {
- PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (!ASN1_seq_pack_PKCS12_SAFEBAG(sk, i2d_PKCS12_SAFEBAG,
- &p7->d.data->data,
- &p7->d.data->length)) {
- PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE);
- return NULL;
- }
- return p7;
-}
-
-/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
-
-PKCS7 *PKCS12_pack_p7encdata (int pbe_nid, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- STACK_OF(PKCS12_SAFEBAG) *bags)
-{
- PKCS7 *p7;
- X509_ALGOR *pbe;
- if (!(p7 = PKCS7_new())) {
- PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
- PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
- PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
- return NULL;
- }
- if (!(pbe = PKCS5_pbe_set (pbe_nid, iter, salt, saltlen))) {
- PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
- p7->d.encrypted->enc_data->algorithm = pbe;
- M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
- if (!(p7->d.encrypted->enc_data->enc_data =
- PKCS12_i2d_encrypt (pbe, i2d_PKCS12_SAFEBAG, pass, passlen,
- (char *)bags, 1))) {
- PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR);
- return NULL;
- }
-
- return p7;
-}
-
-X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
- const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8inf)
-{
- X509_SIG *p8;
- X509_ALGOR *pbe;
-
- if (!(p8 = X509_SIG_new())) {
- PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if(pbe_nid == -1) pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
- else pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
- if(!pbe) {
- PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
- goto err;
- }
- X509_ALGOR_free(p8->algor);
- p8->algor = pbe;
- M_ASN1_OCTET_STRING_free(p8->digest);
- if (!(p8->digest =
- PKCS12_i2d_encrypt (pbe, i2d_PKCS8_PRIV_KEY_INFO, pass, passlen,
- (char *)p8inf, 0))) {
- PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
- goto err;
- }
-
- return p8;
-
- err:
- X509_SIG_free(p8);
- return NULL;
-}
diff --git a/src/lib/libcrypto/pkcs12/p12_attr.c b/src/lib/libcrypto/pkcs12/p12_attr.c
deleted file mode 100644
index a16a97d03d..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_attr.c
+++ /dev/null
@@ -1,238 +0,0 @@
-/* p12_attr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Add a local keyid to a safebag */
-
-int PKCS12_add_localkeyid (PKCS12_SAFEBAG *bag, unsigned char *name,
- int namelen)
-{
- X509_ATTRIBUTE *attrib;
- ASN1_BMPSTRING *oct;
- ASN1_TYPE *keyid;
- if (!(keyid = ASN1_TYPE_new ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- keyid->type = V_ASN1_OCTET_STRING;
- if (!(oct = M_ASN1_OCTET_STRING_new())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!M_ASN1_OCTET_STRING_set(oct, name, namelen)) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- keyid->value.octet_string = oct;
- if (!(attrib = X509_ATTRIBUTE_new ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- attrib->object = OBJ_nid2obj(NID_localKeyID);
- if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- sk_ASN1_TYPE_push (attrib->value.set,keyid);
- attrib->set = 1;
- if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- sk_X509_ATTRIBUTE_push (bag->attrib, attrib);
- return 1;
-}
-
-/* Add key usage to PKCS#8 structure */
-
-int PKCS8_add_keyusage (PKCS8_PRIV_KEY_INFO *p8, int usage)
-{
- X509_ATTRIBUTE *attrib;
- ASN1_BIT_STRING *bstr;
- ASN1_TYPE *keyid;
- unsigned char us_val;
- us_val = (unsigned char) usage;
- if (!(keyid = ASN1_TYPE_new ())) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- keyid->type = V_ASN1_BIT_STRING;
- if (!(bstr = M_ASN1_BIT_STRING_new())) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!M_ASN1_BIT_STRING_set(bstr, &us_val, 1)) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- keyid->value.bit_string = bstr;
- if (!(attrib = X509_ATTRIBUTE_new ())) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- attrib->object = OBJ_nid2obj(NID_key_usage);
- if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- sk_ASN1_TYPE_push (attrib->value.set,keyid);
- attrib->set = 1;
- if (!p8->attributes
- && !(p8->attributes = sk_X509_ATTRIBUTE_new_null ())) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- sk_X509_ATTRIBUTE_push (p8->attributes, attrib);
- return 1;
-}
-
-/* Add a friendlyname to a safebag */
-
-int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name,
- int namelen)
-{
- unsigned char *uniname;
- int ret, unilen;
- if (!asc2uni(name, namelen, &uniname, &unilen)) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ret = PKCS12_add_friendlyname_uni (bag, uniname, unilen);
- OPENSSL_free(uniname);
- return ret;
-}
-
-
-int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag,
- const unsigned char *name, int namelen)
-{
- X509_ATTRIBUTE *attrib;
- ASN1_BMPSTRING *bmp;
- ASN1_TYPE *fname;
- /* Zap ending double null if included */
- if(!name[namelen - 1] && !name[namelen - 2]) namelen -= 2;
- if (!(fname = ASN1_TYPE_new ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- fname->type = V_ASN1_BMPSTRING;
- if (!(bmp = M_ASN1_BMPSTRING_new())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!(bmp->data = OPENSSL_malloc (namelen))) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- memcpy (bmp->data, name, namelen);
- bmp->length = namelen;
- fname->value.bmpstring = bmp;
- if (!(attrib = X509_ATTRIBUTE_new ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- attrib->object = OBJ_nid2obj(NID_friendlyName);
- if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- sk_ASN1_TYPE_push (attrib->value.set,fname);
- attrib->set = 1;
- if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- sk_X509_ATTRIBUTE_push (bag->attrib, attrib);
- return PKCS12_OK;
-}
-
-ASN1_TYPE *PKCS12_get_attr_gen (STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
-{
- X509_ATTRIBUTE *attrib;
- int i;
- if (!attrs) return NULL;
- for (i = 0; i < sk_X509_ATTRIBUTE_num (attrs); i++) {
- attrib = sk_X509_ATTRIBUTE_value (attrs, i);
- if (OBJ_obj2nid (attrib->object) == attr_nid) {
- if (sk_ASN1_TYPE_num (attrib->value.set))
- return sk_ASN1_TYPE_value(attrib->value.set, 0);
- else return NULL;
- }
- }
- return NULL;
-}
-
-char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag)
-{
- ASN1_TYPE *atype;
- if (!(atype = PKCS12_get_attr(bag, NID_friendlyName))) return NULL;
- if (atype->type != V_ASN1_BMPSTRING) return NULL;
- return uni2asc(atype->value.bmpstring->data,
- atype->value.bmpstring->length);
-}
-
diff --git a/src/lib/libcrypto/pkcs12/p12_crpt.c b/src/lib/libcrypto/pkcs12/p12_crpt.c
deleted file mode 100644
index 7b96584f07..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_crpt.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* p12_crpt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* PKCS#12 specific PBE functions */
-
-void PKCS12_PBE_add(void)
-{
-#ifndef NO_RC4
-EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC4, EVP_rc4(), EVP_sha1(),
- PKCS12_PBE_keyivgen);
-EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC4, EVP_rc4_40(), EVP_sha1(),
- PKCS12_PBE_keyivgen);
-#endif
-#ifndef NO_DES
-EVP_PBE_alg_add(NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
- EVP_des_ede3_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);
-EVP_PBE_alg_add(NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
- EVP_des_ede_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);
-#endif
-#ifndef NO_RC2
-EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC2_CBC, EVP_rc2_cbc(),
- EVP_sha1(), PKCS12_PBE_keyivgen);
-EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(),
- EVP_sha1(), PKCS12_PBE_keyivgen);
-#endif
-}
-
-int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md, int en_de)
-{
- PBEPARAM *pbe;
- int saltlen, iter;
- unsigned char *salt, *pbuf;
- unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
-
- /* Extract useful info from parameter */
- pbuf = param->value.sequence->data;
- if (!param || (param->type != V_ASN1_SEQUENCE) ||
- !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) {
- EVPerr(PKCS12_F_PKCS12_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
- return 0;
- }
-
- if (!pbe->iter) iter = 1;
- else iter = ASN1_INTEGER_get (pbe->iter);
- salt = pbe->salt->data;
- saltlen = pbe->salt->length;
- if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_KEY_ID,
- iter, EVP_CIPHER_key_length(cipher), key, md)) {
- PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_KEY_GEN_ERROR);
- PBEPARAM_free(pbe);
- return 0;
- }
- if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_IV_ID,
- iter, EVP_CIPHER_iv_length(cipher), iv, md)) {
- PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_IV_GEN_ERROR);
- PBEPARAM_free(pbe);
- return 0;
- }
- PBEPARAM_free(pbe);
- EVP_CipherInit(ctx, cipher, key, iv, en_de);
- memset(key, 0, EVP_MAX_KEY_LENGTH);
- memset(iv, 0, EVP_MAX_IV_LENGTH);
- return 1;
-}
diff --git a/src/lib/libcrypto/pkcs12/p12_crt.c b/src/lib/libcrypto/pkcs12/p12_crt.c
deleted file mode 100644
index a8f7b48882..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_crt.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/* p12_crt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
- STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter,
- int keytype)
-{
- PKCS12 *p12;
- STACK_OF(PKCS12_SAFEBAG) *bags;
- STACK_OF(PKCS7) *safes;
- PKCS12_SAFEBAG *bag;
- PKCS8_PRIV_KEY_INFO *p8;
- PKCS7 *authsafe;
- X509 *tcert;
- int i;
- unsigned char keyid[EVP_MAX_MD_SIZE];
- unsigned int keyidlen;
-
- /* Set defaults */
- if(!nid_cert) nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
- if(!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
- if(!iter) iter = PKCS12_DEFAULT_ITER;
- if(!mac_iter) mac_iter = 1;
-
- if(!pkey || !cert) {
- PKCS12err(PKCS12_F_PKCS12_CREATE,PKCS12_R_INVALID_NULL_ARGUMENT);
- return NULL;
- }
-
- if(!X509_check_private_key(cert, pkey)) return NULL;
-
- if(!(bags = sk_PKCS12_SAFEBAG_new_null ())) {
- PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- /* Add user certificate */
- if(!(bag = M_PKCS12_x5092certbag(cert))) return NULL;
- if(name && !PKCS12_add_friendlyname(bag, name, -1)) return NULL;
- X509_digest(cert, EVP_sha1(), keyid, &keyidlen);
- if(!PKCS12_add_localkeyid(bag, keyid, keyidlen)) return NULL;
-
- if(!sk_PKCS12_SAFEBAG_push(bags, bag)) {
- PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- /* Add all other certificates */
- if(ca) {
- for(i = 0; i < sk_X509_num(ca); i++) {
- tcert = sk_X509_value(ca, i);
- if(!(bag = M_PKCS12_x5092certbag(tcert))) return NULL;
- if(!sk_PKCS12_SAFEBAG_push(bags, bag)) {
- PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- }
- }
-
- /* Turn certbags into encrypted authsafe */
- authsafe = PKCS12_pack_p7encdata (nid_cert, pass, -1, NULL, 0,
- iter, bags);
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-
- if (!authsafe) return NULL;
-
- if(!(safes = sk_PKCS7_new_null ())
- || !sk_PKCS7_push(safes, authsafe)) {
- PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- /* Make a shrouded key bag */
- if(!(p8 = EVP_PKEY2PKCS8 (pkey))) return NULL;
- if(keytype && !PKCS8_add_keyusage(p8, keytype)) return NULL;
- bag = PKCS12_MAKE_SHKEYBAG (nid_key, pass, -1, NULL, 0, iter, p8);
- if(!bag) return NULL;
- PKCS8_PRIV_KEY_INFO_free(p8);
- if (name && !PKCS12_add_friendlyname (bag, name, -1)) return NULL;
- if(!PKCS12_add_localkeyid (bag, keyid, keyidlen)) return NULL;
- if(!(bags = sk_PKCS12_SAFEBAG_new_null())
- || !sk_PKCS12_SAFEBAG_push (bags, bag)) {
- PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- /* Turn it into unencrypted safe bag */
- if(!(authsafe = PKCS12_pack_p7data (bags))) return NULL;
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- if(!sk_PKCS7_push(safes, authsafe)) {
- PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if(!(p12 = PKCS12_init (NID_pkcs7_data))) return NULL;
-
- if(!M_PKCS12_pack_authsafes (p12, safes)) return NULL;
-
- sk_PKCS7_pop_free(safes, PKCS7_free);
-
- if(!PKCS12_set_mac (p12, pass, -1, NULL, 0, mac_iter, NULL))
- return NULL;
-
- return p12;
-
-}
diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c
deleted file mode 100644
index 8cd7e2f414..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_decr.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/* p12_decr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Define this to dump decrypted output to files called DERnnn */
-/*#define DEBUG_DECRYPT*/
-
-
-/* Encrypt/Decrypt a buffer based on password and algor, result in a
- * OPENSSL_malloc'ed buffer
- */
-
-unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass,
- int passlen, unsigned char *in, int inlen, unsigned char **data,
- int *datalen, int en_de)
-{
- unsigned char *out;
- int outlen, i;
- EVP_CIPHER_CTX ctx;
-
- /* Decrypt data */
- if (!EVP_PBE_CipherInit (algor->algorithm, pass, passlen,
- algor->parameter, &ctx, en_de)) {
- PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
- return NULL;
- }
-
- if(!(out = OPENSSL_malloc (inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
- PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- EVP_CipherUpdate (&ctx, out, &i, in, inlen);
- outlen = i;
- if(!EVP_CipherFinal (&ctx, out + i, &i)) {
- OPENSSL_free (out);
- PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
- return NULL;
- }
- outlen += i;
- if (datalen) *datalen = outlen;
- if (data) *data = out;
- return out;
-
-}
-
-/* Decrypt an OCTET STRING and decode ASN1 structure
- * if seq & 1 'obj' is a stack of structures to be encoded
- * if seq & 2 zero buffer after use
- * as a sequence.
- */
-
-char * PKCS12_decrypt_d2i (X509_ALGOR *algor, char * (*d2i)(),
- void (*free_func)(void *), const char *pass, int passlen,
- ASN1_OCTET_STRING *oct, int seq)
-{
- unsigned char *out, *p;
- char *ret;
- int outlen;
-
- if (!PKCS12_pbe_crypt (algor, pass, passlen, oct->data, oct->length,
- &out, &outlen, 0)) {
- PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
- return NULL;
- }
- p = out;
-#ifdef DEBUG_DECRYPT
- {
- FILE *op;
-
- char fname[30];
- static int fnm = 1;
- sprintf(fname, "DER%d", fnm++);
- op = fopen(fname, "wb");
- fwrite (p, 1, outlen, op);
- fclose(op);
- }
-#endif
- if (seq & 1) ret = (char *) d2i_ASN1_SET(NULL, &p, outlen, d2i,
- free_func, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
- else ret = d2i(NULL, &p, outlen);
- if (seq & 2) memset(out, 0, outlen);
- if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR);
- OPENSSL_free (out);
- return ret;
-}
-
-/* Encode ASN1 structure and encrypt, return OCTET STRING
- * if 'seq' is non-zero 'obj' is a stack of structures to be encoded
- * as a sequence
- */
-
-ASN1_OCTET_STRING *PKCS12_i2d_encrypt (X509_ALGOR *algor, int (*i2d)(),
- const char *pass, int passlen,
- char *obj, int seq)
-{
- ASN1_OCTET_STRING *oct;
- unsigned char *in, *p;
- int inlen;
- if (!(oct = M_ASN1_OCTET_STRING_new ())) {
- PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if (seq) inlen = i2d_ASN1_SET((STACK *)obj, NULL, i2d, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);
- else inlen = i2d (obj, NULL);
- if (!inlen) {
- PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR);
- return NULL;
- }
- if (!(in = OPENSSL_malloc (inlen))) {
- PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- p = in;
- if (seq) i2d_ASN1_SET((STACK *)obj, &p, i2d, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);
- else i2d (obj, &p);
- if (!PKCS12_pbe_crypt (algor, pass, passlen, in, inlen, &oct->data,
- &oct->length, 1)) {
- PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR);
- OPENSSL_free(in);
- return NULL;
- }
- OPENSSL_free (in);
- return oct;
-}
-
-IMPLEMENT_PKCS12_STACK_OF(PKCS7)
diff --git a/src/lib/libcrypto/pkcs12/p12_init.c b/src/lib/libcrypto/pkcs12/p12_init.c
deleted file mode 100644
index d5d4884c82..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_init.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* p12_init.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Initialise a PKCS12 structure to take data */
-
-PKCS12 *PKCS12_init (int mode)
-{
- PKCS12 *pkcs12;
- if (!(pkcs12 = PKCS12_new())) {
- PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if (!(pkcs12->version = M_ASN1_INTEGER_new ())) {
- PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- ASN1_INTEGER_set(pkcs12->version, 3);
- if (!(pkcs12->authsafes = PKCS7_new())) {
- PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- pkcs12->authsafes->type = OBJ_nid2obj(mode);
- switch (mode) {
- case NID_pkcs7_data:
- if (!(pkcs12->authsafes->d.data =
- M_ASN1_OCTET_STRING_new())) {
- PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- break;
- default:
- PKCS12err(PKCS12_F_PKCS12_INIT,PKCS12_R_UNSUPPORTED_PKCS12_MODE);
- PKCS12_free(pkcs12);
- return NULL;
- break;
- }
-
- return pkcs12;
-}
diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c
deleted file mode 100644
index a4fd5b98ec..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_key.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/* p12_key.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-
-/* Uncomment out this line to get debugging info about key generation */
-/*#define DEBUG_KEYGEN*/
-#ifdef DEBUG_KEYGEN
-#include <openssl/bio.h>
-extern BIO *bio_err;
-void h__dump (unsigned char *p, int len);
-#endif
-
-/* PKCS12 compatible key/IV generation */
-#ifndef min
-#define min(a,b) ((a) < (b) ? (a) : (b))
-#endif
-
-int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n, unsigned char *out,
- const EVP_MD *md_type)
-{
- int ret;
- unsigned char *unipass;
- int uniplen;
- if(!pass) {
- unipass = NULL;
- uniplen = 0;
- } else if (!asc2uni(pass, passlen, &unipass, &uniplen)) {
- PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
- id, iter, n, out, md_type);
- if(unipass) {
- memset(unipass, 0, uniplen); /* Clear password from memory */
- OPENSSL_free(unipass);
- }
- return ret;
-}
-
-int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n, unsigned char *out,
- const EVP_MD *md_type)
-{
- unsigned char *B, *D, *I, *p, *Ai;
- int Slen, Plen, Ilen, Ijlen;
- int i, j, u, v;
- BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */
- EVP_MD_CTX ctx;
-#ifdef DEBUG_KEYGEN
- unsigned char *tmpout = out;
- int tmpn = n;
-#endif
-
-#if 0
- if (!pass) {
- PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
-#endif
-
-#ifdef DEBUG_KEYGEN
- fprintf(stderr, "KEYGEN DEBUG\n");
- fprintf(stderr, "ID %d, ITER %d\n", id, iter);
- fprintf(stderr, "Password (length %d):\n", passlen);
- h__dump(pass, passlen);
- fprintf(stderr, "Salt (length %d):\n", saltlen);
- h__dump(salt, saltlen);
-#endif
- v = EVP_MD_block_size (md_type);
- u = EVP_MD_size (md_type);
- D = OPENSSL_malloc (v);
- Ai = OPENSSL_malloc (u);
- B = OPENSSL_malloc (v + 1);
- Slen = v * ((saltlen+v-1)/v);
- if(passlen) Plen = v * ((passlen+v-1)/v);
- else Plen = 0;
- Ilen = Slen + Plen;
- I = OPENSSL_malloc (Ilen);
- Ij = BN_new();
- Bpl1 = BN_new();
- if (!D || !Ai || !B || !I || !Ij || !Bpl1) {
- PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- for (i = 0; i < v; i++) D[i] = id;
- p = I;
- for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen];
- for (i = 0; i < Plen; i++) *p++ = pass[i % passlen];
- for (;;) {
- EVP_DigestInit (&ctx, md_type);
- EVP_DigestUpdate (&ctx, D, v);
- EVP_DigestUpdate (&ctx, I, Ilen);
- EVP_DigestFinal (&ctx, Ai, NULL);
- for (j = 1; j < iter; j++) {
- EVP_DigestInit (&ctx, md_type);
- EVP_DigestUpdate (&ctx, Ai, u);
- EVP_DigestFinal (&ctx, Ai, NULL);
- }
- memcpy (out, Ai, min (n, u));
- if (u >= n) {
- OPENSSL_free (Ai);
- OPENSSL_free (B);
- OPENSSL_free (D);
- OPENSSL_free (I);
- BN_free (Ij);
- BN_free (Bpl1);
-#ifdef DEBUG_KEYGEN
- fprintf(stderr, "Output KEY (length %d)\n", tmpn);
- h__dump(tmpout, tmpn);
-#endif
- return 1;
- }
- n -= u;
- out += u;
- for (j = 0; j < v; j++) B[j] = Ai[j % u];
- /* Work out B + 1 first then can use B as tmp space */
- BN_bin2bn (B, v, Bpl1);
- BN_add_word (Bpl1, 1);
- for (j = 0; j < Ilen ; j+=v) {
- BN_bin2bn (I + j, v, Ij);
- BN_add (Ij, Ij, Bpl1);
- BN_bn2bin (Ij, B);
- Ijlen = BN_num_bytes (Ij);
- /* If more than 2^(v*8) - 1 cut off MSB */
- if (Ijlen > v) {
- BN_bn2bin (Ij, B);
- memcpy (I + j, B + 1, v);
-#ifndef PKCS12_BROKEN_KEYGEN
- /* If less than v bytes pad with zeroes */
- } else if (Ijlen < v) {
- memset(I + j, 0, v - Ijlen);
- BN_bn2bin(Ij, I + j + v - Ijlen);
-#endif
- } else BN_bn2bin (Ij, I + j);
- }
- }
-}
-#ifdef DEBUG_KEYGEN
-void h__dump (unsigned char *p, int len)
-{
- for (; len --; p++) fprintf(stderr, "%02X", *p);
- fprintf(stderr, "\n");
-}
-#endif
diff --git a/src/lib/libcrypto/pkcs12/p12_kiss.c b/src/lib/libcrypto/pkcs12/p12_kiss.c
deleted file mode 100644
index 5d67f19b45..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_kiss.c
+++ /dev/null
@@ -1,285 +0,0 @@
-/* p12_kiss.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Simplified PKCS#12 routines */
-
-static int parse_pk12( PKCS12 *p12, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
-
-static int parse_bags( STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
- int passlen, EVP_PKEY **pkey, X509 **cert,
- STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
- char *keymatch);
-
-static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
- ASN1_OCTET_STRING **keyid, char *keymatch);
-
-/* Parse and decrypt a PKCS#12 structure returning user key, user cert
- * and other (CA) certs. Note either ca should be NULL, *ca should be NULL,
- * or it should point to a valid STACK structure. pkey and cert can be
- * passed unitialised.
- */
-
-int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
- STACK_OF(X509) **ca)
-{
-
- /* Check for NULL PKCS12 structure */
-
- if(!p12) {
- PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
- return 0;
- }
-
- /* Allocate stack for ca certificates if needed */
- if ((ca != NULL) && (*ca == NULL)) {
- if (!(*ca = sk_X509_new_null())) {
- PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
-
- if(pkey) *pkey = NULL;
- if(cert) *cert = NULL;
-
- /* Check the mac */
-
- /* If password is zero length or NULL then try verifying both cases
- * to determine which password is correct. The reason for this is that
- * under PKCS#12 password based encryption no password and a zero length
- * password are two different things...
- */
-
- if(!pass || !*pass) {
- if(PKCS12_verify_mac(p12, NULL, 0)) pass = NULL;
- else if(PKCS12_verify_mac(p12, "", 0)) pass = "";
- else {
- PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
- goto err;
- }
- } else if (!PKCS12_verify_mac(p12, pass, -1)) {
- PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
- goto err;
- }
-
- if (!parse_pk12 (p12, pass, -1, pkey, cert, ca))
- {
- PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_PARSE_ERROR);
- goto err;
- }
-
- return 1;
-
- err:
-
- if (pkey && *pkey) EVP_PKEY_free(*pkey);
- if (cert && *cert) X509_free(*cert);
- if (ca) sk_X509_pop_free(*ca, X509_free);
- return 0;
-
-}
-
-/* Parse the outer PKCS#12 structure */
-
-static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
-{
- STACK_OF(PKCS7) *asafes;
- STACK_OF(PKCS12_SAFEBAG) *bags;
- int i, bagnid;
- PKCS7 *p7;
- ASN1_OCTET_STRING *keyid = NULL;
-
- char keymatch = 0;
- if (!( asafes = M_PKCS12_unpack_authsafes (p12))) return 0;
- for (i = 0; i < sk_PKCS7_num (asafes); i++) {
- p7 = sk_PKCS7_value (asafes, i);
- bagnid = OBJ_obj2nid (p7->type);
- if (bagnid == NID_pkcs7_data) {
- bags = M_PKCS12_unpack_p7data(p7);
- } else if (bagnid == NID_pkcs7_encrypted) {
- bags = M_PKCS12_unpack_p7encdata(p7, pass, passlen);
- } else continue;
- if (!bags) {
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return 0;
- }
- if (!parse_bags(bags, pass, passlen, pkey, cert, ca,
- &keyid, &keymatch)) {
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return 0;
- }
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- }
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- if (keyid) M_ASN1_OCTET_STRING_free(keyid);
- return 1;
-}
-
-
-static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
- int passlen, EVP_PKEY **pkey, X509 **cert,
- STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
- char *keymatch)
-{
- int i;
- for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
- if (!parse_bag(sk_PKCS12_SAFEBAG_value (bags, i),
- pass, passlen, pkey, cert, ca, keyid,
- keymatch)) return 0;
- }
- return 1;
-}
-
-#define MATCH_KEY 0x1
-#define MATCH_CERT 0x2
-#define MATCH_ALL 0x3
-
-static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
- ASN1_OCTET_STRING **keyid,
- char *keymatch)
-{
- PKCS8_PRIV_KEY_INFO *p8;
- X509 *x509;
- ASN1_OCTET_STRING *lkey = NULL, *ckid = NULL;
- ASN1_TYPE *attrib;
- ASN1_BMPSTRING *fname = NULL;
-
- if ((attrib = PKCS12_get_attr (bag, NID_friendlyName)))
- fname = attrib->value.bmpstring;
-
- if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) {
- lkey = attrib->value.octet_string;
- ckid = lkey;
- }
-
- /* Check for any local key id matching (if needed) */
- if (lkey && ((*keymatch & MATCH_ALL) != MATCH_ALL)) {
- if (*keyid) {
- if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL;
- } else {
- if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) {
- PKCS12err(PKCS12_F_PARSE_BAGS,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- }
-
- switch (M_PKCS12_bag_type(bag))
- {
- case NID_keyBag:
- if (!lkey || !pkey) return 1;
- if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag))) return 0;
- *keymatch |= MATCH_KEY;
- break;
-
- case NID_pkcs8ShroudedKeyBag:
- if (!lkey || !pkey) return 1;
- if (!(p8 = M_PKCS12_decrypt_skey(bag, pass, passlen)))
- return 0;
- *pkey = EVP_PKCS82PKEY(p8);
- PKCS8_PRIV_KEY_INFO_free(p8);
- if (!(*pkey)) return 0;
- *keymatch |= MATCH_KEY;
- break;
-
- case NID_certBag:
- if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
- return 1;
- if (!(x509 = M_PKCS12_certbag2x509(bag))) return 0;
- if(ckid) X509_keyid_set1(x509, ckid->data, ckid->length);
- if(fname) {
- int len;
- unsigned char *data;
- len = ASN1_STRING_to_UTF8(&data, fname);
- if(len > 0) {
- X509_alias_set1(x509, data, len);
- OPENSSL_free(data);
- }
- }
-
-
- if (lkey) {
- *keymatch |= MATCH_CERT;
- if (cert) *cert = x509;
- else X509_free(x509);
- } else {
- if(ca) sk_X509_push (*ca, x509);
- else X509_free(x509);
- }
- break;
-
- case NID_safeContentsBag:
- return parse_bags(bag->value.safes, pass, passlen,
- pkey, cert, ca, keyid, keymatch);
- break;
-
- default:
- return 1;
- break;
- }
- return 1;
-}
-
diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c
deleted file mode 100644
index 13d866da51..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_mutl.c
+++ /dev/null
@@ -1,170 +0,0 @@
-/* p12_mutl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef NO_HMAC
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/hmac.h>
-#include <openssl/rand.h>
-#include <openssl/pkcs12.h>
-
-/* Generate a MAC */
-int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen,
- unsigned char *mac, unsigned int *maclen)
-{
- const EVP_MD *md_type;
- HMAC_CTX hmac;
- unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt;
- int saltlen, iter;
- salt = p12->mac->salt->data;
- saltlen = p12->mac->salt->length;
- if (!p12->mac->iter) iter = 1;
- else iter = ASN1_INTEGER_get (p12->mac->iter);
- if(!(md_type =
- EVP_get_digestbyobj (p12->mac->dinfo->algor->algorithm))) {
- PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
- return 0;
- }
- if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
- PKCS12_MAC_KEY_LENGTH, key, md_type)) {
- PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR);
- return 0;
- }
- HMAC_Init (&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type);
- HMAC_Update (&hmac, p12->authsafes->d.data->data,
- p12->authsafes->d.data->length);
- HMAC_Final (&hmac, mac, maclen);
- return 1;
-}
-
-/* Verify the mac */
-int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen)
-{
- unsigned char mac[EVP_MAX_MD_SIZE];
- unsigned int maclen;
- if(p12->mac == NULL) {
- PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_ABSENT);
- return 0;
- }
- if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) {
- PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_GENERATION_ERROR);
- return 0;
- }
- if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
- || memcmp (mac, p12->mac->dinfo->digest->data, maclen)) return 0;
- return 1;
-}
-
-/* Set a mac */
-
-int PKCS12_set_mac (PKCS12 *p12, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter, EVP_MD *md_type)
-{
- unsigned char mac[EVP_MAX_MD_SIZE];
- unsigned int maclen;
-
- if (!md_type) md_type = EVP_sha1();
- if (PKCS12_setup_mac (p12, iter, salt, saltlen, md_type) ==
- PKCS12_ERROR) {
- PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_SETUP_ERROR);
- return 0;
- }
- if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) {
- PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_GENERATION_ERROR);
- return 0;
- }
- if (!(M_ASN1_OCTET_STRING_set (p12->mac->dinfo->digest, mac, maclen))) {
- PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_STRING_SET_ERROR);
- return 0;
- }
- return 1;
-}
-
-/* Set up a mac structure */
-int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
- EVP_MD *md_type)
-{
- if (!(p12->mac = PKCS12_MAC_DATA_new())) return PKCS12_ERROR;
- if (iter > 1) {
- if(!(p12->mac->iter = M_ASN1_INTEGER_new())) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_INTEGER_set(p12->mac->iter, iter);
- }
- if (!saltlen) saltlen = PKCS12_SALT_LEN;
- p12->mac->salt->length = saltlen;
- if (!(p12->mac->salt->data = OPENSSL_malloc (saltlen))) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!salt) {
- if (RAND_pseudo_bytes (p12->mac->salt->data, saltlen) < 0)
- return 0;
- }
- else memcpy (p12->mac->salt->data, salt, saltlen);
- p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
- if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;
-
- return 1;
-}
-#endif
diff --git a/src/lib/libcrypto/pkcs12/p12_npas.c b/src/lib/libcrypto/pkcs12/p12_npas.c
deleted file mode 100644
index 84e31a7f21..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_npas.c
+++ /dev/null
@@ -1,217 +0,0 @@
-/* p12_npas.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* PKCS#12 password change routine */
-
-static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass);
-static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
- char *newpass);
-static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass);
-static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
-
-/*
- * Change the password on a PKCS#12 structure.
- */
-
-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass)
-{
-
-/* Check for NULL PKCS12 structure */
-
-if(!p12) {
- PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
- return 0;
-}
-
-/* Check the mac */
-
-if (!PKCS12_verify_mac(p12, oldpass, -1)) {
- PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_MAC_VERIFY_FAILURE);
- return 0;
-}
-
-if (!newpass_p12(p12, oldpass, newpass)) {
- PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_PARSE_ERROR);
- return 0;
-}
-
-return 1;
-
-}
-
-/* Parse the outer PKCS#12 structure */
-
-static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass)
-{
- STACK_OF(PKCS7) *asafes, *newsafes;
- STACK_OF(PKCS12_SAFEBAG) *bags;
- int i, bagnid, pbe_nid, pbe_iter, pbe_saltlen;
- PKCS7 *p7, *p7new;
- ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL;
- unsigned char mac[EVP_MAX_MD_SIZE];
- unsigned int maclen;
-
- if (!(asafes = M_PKCS12_unpack_authsafes(p12))) return 0;
- if(!(newsafes = sk_PKCS7_new_null())) return 0;
- for (i = 0; i < sk_PKCS7_num (asafes); i++) {
- p7 = sk_PKCS7_value(asafes, i);
- bagnid = OBJ_obj2nid(p7->type);
- if (bagnid == NID_pkcs7_data) {
- bags = M_PKCS12_unpack_p7data(p7);
- } else if (bagnid == NID_pkcs7_encrypted) {
- bags = M_PKCS12_unpack_p7encdata(p7, oldpass, -1);
- alg_get(p7->d.encrypted->enc_data->algorithm,
- &pbe_nid, &pbe_iter, &pbe_saltlen);
- } else continue;
- if (!bags) {
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return 0;
- }
- if (!newpass_bags(bags, oldpass, newpass)) {
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return 0;
- }
- /* Repack bag in same form with new password */
- if (bagnid == NID_pkcs7_data) p7new = PKCS12_pack_p7data(bags);
- else p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL,
- pbe_saltlen, pbe_iter, bags);
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- if(!p7new) {
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return 0;
- }
- sk_PKCS7_push(newsafes, p7new);
- }
- sk_PKCS7_pop_free(asafes, PKCS7_free);
-
- /* Repack safe: save old safe in case of error */
-
- p12_data_tmp = p12->authsafes->d.data;
- if(!(p12->authsafes->d.data = ASN1_OCTET_STRING_new())) goto saferr;
- if(!M_PKCS12_pack_authsafes(p12, newsafes)) goto saferr;
-
- if(!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen)) goto saferr;
- if(!(macnew = ASN1_OCTET_STRING_new())) goto saferr;
- if(!ASN1_OCTET_STRING_set(macnew, mac, maclen)) goto saferr;
- ASN1_OCTET_STRING_free(p12->mac->dinfo->digest);
- p12->mac->dinfo->digest = macnew;
- ASN1_OCTET_STRING_free(p12_data_tmp);
-
- return 1;
-
- saferr:
- /* Restore old safe */
- ASN1_OCTET_STRING_free(p12->authsafes->d.data);
- ASN1_OCTET_STRING_free(macnew);
- p12->authsafes->d.data = p12_data_tmp;
- return 0;
-
-}
-
-
-static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
- char *newpass)
-{
- int i;
- for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
- if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i),
- oldpass, newpass))
- return 0;
- }
- return 1;
-}
-
-/* Change password of safebag: only needs handle shrouded keybags */
-
-static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass)
-{
- PKCS8_PRIV_KEY_INFO *p8;
- X509_SIG *p8new;
- int p8_nid, p8_saltlen, p8_iter;
-
- if(M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag) return 1;
-
- if (!(p8 = M_PKCS12_decrypt_skey(bag, oldpass, -1))) return 0;
- alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen);
- if(!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
- p8_iter, p8))) return 0;
- X509_SIG_free(bag->value.shkeybag);
- bag->value.shkeybag = p8new;
- return 1;
-}
-
-static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen)
-{
- PBEPARAM *pbe;
- unsigned char *p;
- p = alg->parameter->value.sequence->data;
- pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
- *pnid = OBJ_obj2nid(alg->algorithm);
- *piter = ASN1_INTEGER_get(pbe->iter);
- *psaltlen = pbe->salt->length;
- PBEPARAM_free(pbe);
- return 0;
-}
diff --git a/src/lib/libcrypto/pkcs12/p12_utl.c b/src/lib/libcrypto/pkcs12/p12_utl.c
deleted file mode 100644
index 2f1d1e534f..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_utl.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* p12_utl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Cheap and nasty Unicode stuff */
-
-unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen)
-{
- int ulen, i;
- unsigned char *unitmp;
- if (asclen == -1) asclen = strlen(asc);
- ulen = asclen*2 + 2;
- if (!(unitmp = OPENSSL_malloc(ulen))) return NULL;
- for (i = 0; i < ulen - 2; i+=2) {
- unitmp[i] = 0;
- unitmp[i + 1] = asc[i>>1];
- }
- /* Make result double null terminated */
- unitmp[ulen - 2] = 0;
- unitmp[ulen - 1] = 0;
- if (unilen) *unilen = ulen;
- if (uni) *uni = unitmp;
- return unitmp;
-}
-
-char *uni2asc(unsigned char *uni, int unilen)
-{
- int asclen, i;
- char *asctmp;
- asclen = unilen / 2;
- /* If no terminating zero allow for one */
- if (!unilen || uni[unilen - 1]) asclen++;
- uni++;
- if (!(asctmp = OPENSSL_malloc(asclen))) return NULL;
- for (i = 0; i < unilen; i+=2) asctmp[i>>1] = uni[i];
- asctmp[asclen - 1] = 0;
- return asctmp;
-}
-
-int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12)
-{
- return ASN1_i2d_bio((int(*)())i2d_PKCS12, bp, (unsigned char *)p12);
-}
-
-#ifndef NO_FP_API
-int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12)
-{
- return ASN1_i2d_fp((int(*)())i2d_PKCS12, fp, (unsigned char *)p12);
-}
-#endif
-
-PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
-{
- return (PKCS12 *)ASN1_d2i_bio((char *(*)())PKCS12_new,
- (char *(*)())d2i_PKCS12, bp, (unsigned char **)p12);
-}
-#ifndef NO_FP_API
-PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
-{
- return (PKCS12 *)ASN1_d2i_fp((char *(*)())PKCS12_new,
- (char *(*)())d2i_PKCS12, fp, (unsigned char **)(p12));
-}
-#endif
-
diff --git a/src/lib/libcrypto/pkcs12/pk12err.c b/src/lib/libcrypto/pkcs12/pk12err.c
deleted file mode 100644
index 12db54f49e..0000000000
--- a/src/lib/libcrypto/pkcs12/pk12err.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* crypto/pkcs12/pk12err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA PKCS12_str_functs[]=
- {
-{ERR_PACK(0,PKCS12_F_PARSE_BAGS,0), "PARSE_BAGS"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME,0), "PKCS12_ADD_FRIENDLYNAME"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,0), "PKCS12_add_friendlyname_asc"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,0), "PKCS12_add_friendlyname_uni"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_LOCALKEYID,0), "PKCS12_add_localkeyid"},
-{ERR_PACK(0,PKCS12_F_PKCS12_CREATE,0), "PKCS12_create"},
-{ERR_PACK(0,PKCS12_F_PKCS12_DECRYPT_D2I,0), "PKCS12_decrypt_d2i"},
-{ERR_PACK(0,PKCS12_F_PKCS12_GEN_MAC,0), "PKCS12_gen_mac"},
-{ERR_PACK(0,PKCS12_F_PKCS12_I2D_ENCRYPT,0), "PKCS12_i2d_encrypt"},
-{ERR_PACK(0,PKCS12_F_PKCS12_INIT,0), "PKCS12_init"},
-{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_ASC,0), "PKCS12_key_gen_asc"},
-{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_UNI,0), "PKCS12_key_gen_uni"},
-{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_KEYBAG,0), "PKCS12_MAKE_KEYBAG"},
-{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_SHKEYBAG,0), "PKCS12_MAKE_SHKEYBAG"},
-{ERR_PACK(0,PKCS12_F_PKCS12_NEWPASS,0), "PKCS12_newpass"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7DATA,0), "PKCS12_pack_p7data"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7ENCDATA,0), "PKCS12_pack_p7encdata"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PACK_SAFEBAG,0), "PKCS12_pack_safebag"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PARSE,0), "PKCS12_parse"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PBE_CRYPT,0), "PKCS12_pbe_crypt"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PBE_KEYIVGEN,0), "PKCS12_PBE_keyivgen"},
-{ERR_PACK(0,PKCS12_F_PKCS12_SETUP_MAC,0), "PKCS12_setup_mac"},
-{ERR_PACK(0,PKCS12_F_PKCS12_SET_MAC,0), "PKCS12_set_mac"},
-{ERR_PACK(0,PKCS12_F_PKCS8_ADD_KEYUSAGE,0), "PKCS8_add_keyusage"},
-{ERR_PACK(0,PKCS12_F_PKCS8_ENCRYPT,0), "PKCS8_encrypt"},
-{ERR_PACK(0,PKCS12_F_VERIFY_MAC,0), "VERIFY_MAC"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA PKCS12_str_reasons[]=
- {
-{PKCS12_R_CANT_PACK_STRUCTURE ,"cant pack structure"},
-{PKCS12_R_DECODE_ERROR ,"decode error"},
-{PKCS12_R_ENCODE_ERROR ,"encode error"},
-{PKCS12_R_ENCRYPT_ERROR ,"encrypt error"},
-{PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE,"error setting encrypted data type"},
-{PKCS12_R_INVALID_NULL_ARGUMENT ,"invalid null argument"},
-{PKCS12_R_INVALID_NULL_PKCS12_POINTER ,"invalid null pkcs12 pointer"},
-{PKCS12_R_IV_GEN_ERROR ,"iv gen error"},
-{PKCS12_R_KEY_GEN_ERROR ,"key gen error"},
-{PKCS12_R_MAC_ABSENT ,"mac absent"},
-{PKCS12_R_MAC_GENERATION_ERROR ,"mac generation error"},
-{PKCS12_R_MAC_SETUP_ERROR ,"mac setup error"},
-{PKCS12_R_MAC_STRING_SET_ERROR ,"mac string set error"},
-{PKCS12_R_MAC_VERIFY_ERROR ,"mac verify error"},
-{PKCS12_R_MAC_VERIFY_FAILURE ,"mac verify failure"},
-{PKCS12_R_PARSE_ERROR ,"parse error"},
-{PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR ,"pkcs12 algor cipherinit error"},
-{PKCS12_R_PKCS12_CIPHERFINAL_ERROR ,"pkcs12 cipherfinal error"},
-{PKCS12_R_PKCS12_PBE_CRYPT_ERROR ,"pkcs12 pbe crypt error"},
-{PKCS12_R_UNKNOWN_DIGEST_ALGORITHM ,"unknown digest algorithm"},
-{PKCS12_R_UNSUPPORTED_PKCS12_MODE ,"unsupported pkcs12 mode"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_PKCS12_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_functs);
- ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/pkcs12/pkcs12.h b/src/lib/libcrypto/pkcs12/pkcs12.h
deleted file mode 100644
index e529154f26..0000000000
--- a/src/lib/libcrypto/pkcs12/pkcs12.h
+++ /dev/null
@@ -1,345 +0,0 @@
-/* pkcs12.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_PKCS12_H
-#define HEADER_PKCS12_H
-
-#include <openssl/bio.h>
-#include <openssl/x509.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define PKCS12_KEY_ID 1
-#define PKCS12_IV_ID 2
-#define PKCS12_MAC_ID 3
-
-/* Default iteration count */
-#ifndef PKCS12_DEFAULT_ITER
-#define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
-#endif
-
-#define PKCS12_MAC_KEY_LENGTH 20
-
-#define PKCS12_SALT_LEN 8
-
-/* Uncomment out next line for unicode password and names, otherwise ASCII */
-
-/*#define PBE_UNICODE*/
-
-#ifdef PBE_UNICODE
-#define PKCS12_key_gen PKCS12_key_gen_uni
-#define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
-#else
-#define PKCS12_key_gen PKCS12_key_gen_asc
-#define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
-#endif
-
-/* MS key usage constants */
-
-#define KEY_EX 0x10
-#define KEY_SIG 0x80
-
-typedef struct {
-X509_SIG *dinfo;
-ASN1_OCTET_STRING *salt;
-ASN1_INTEGER *iter; /* defaults to 1 */
-} PKCS12_MAC_DATA;
-
-typedef struct {
-ASN1_INTEGER *version;
-PKCS12_MAC_DATA *mac;
-PKCS7 *authsafes;
-} PKCS12;
-
-PREDECLARE_STACK_OF(PKCS12_SAFEBAG)
-
-typedef struct {
-ASN1_OBJECT *type;
-union {
- struct pkcs12_bag_st *bag; /* secret, crl and certbag */
- struct pkcs8_priv_key_info_st *keybag; /* keybag */
- X509_SIG *shkeybag; /* shrouded key bag */
- STACK_OF(PKCS12_SAFEBAG) *safes;
- ASN1_TYPE *other;
-}value;
-STACK_OF(X509_ATTRIBUTE) *attrib;
-ASN1_TYPE *rest;
-} PKCS12_SAFEBAG;
-
-DECLARE_STACK_OF(PKCS12_SAFEBAG)
-DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
-DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
-
-typedef struct pkcs12_bag_st {
-ASN1_OBJECT *type;
-union {
- ASN1_OCTET_STRING *x509cert;
- ASN1_OCTET_STRING *x509crl;
- ASN1_OCTET_STRING *octet;
- ASN1_IA5STRING *sdsicert;
- ASN1_TYPE *other; /* Secret or other bag */
-}value;
-} PKCS12_BAGS;
-
-#define PKCS12_ERROR 0
-#define PKCS12_OK 1
-
-#define M_PKCS12_bag_type(bag) OBJ_obj2nid(bag->type)
-#define M_PKCS12_cert_bag_type(bag) OBJ_obj2nid(bag->value.bag->type)
-#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
-
-#define M_PKCS12_x5092certbag(x509) \
-PKCS12_pack_safebag((char *)(x509), i2d_X509, NID_x509Certificate, NID_certBag)
-
-#define M_PKCS12_x509crl2certbag(crl) \
-PKCS12_pack_safebag((char *)(crl), i2d_X509CRL, NID_x509Crl, NID_crlBag)
-
-#define M_PKCS12_certbag2x509(bg) \
-(X509 *) ASN1_unpack_string((bg)->value.bag->value.octet, \
-(char *(*)())d2i_X509)
-
-#define M_PKCS12_certbag2x509crl(bg) \
-(X509CRL *) ASN1_unpack_string((bg)->value.bag->value.octet, \
-(char *(*)())d2i_X509CRL)
-
-/*#define M_PKCS12_pkcs82rsa(p8) \
-(RSA *) ASN1_unpack_string((p8)->pkey, (char *(*)())d2i_RSAPrivateKey)*/
-
-#define M_PKCS12_unpack_p7data(p7) \
-ASN1_seq_unpack_PKCS12_SAFEBAG((p7)->d.data->data, p7->d.data->length, \
- d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free)
-
-#define M_PKCS12_pack_authsafes(p12, safes) \
-ASN1_seq_pack_PKCS7((safes), i2d_PKCS7,\
- &(p12)->authsafes->d.data->data, &(p12)->authsafes->d.data->length)
-
-#define M_PKCS12_unpack_authsafes(p12) \
-ASN1_seq_unpack_PKCS7((p12)->authsafes->d.data->data, \
- (p12)->authsafes->d.data->length, d2i_PKCS7, PKCS7_free)
-
-#define M_PKCS12_unpack_p7encdata(p7, pass, passlen) \
-PKCS12_decrypt_d2i_PKCS12_SAFEBAG((p7)->d.encrypted->enc_data->algorithm,\
- d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free, \
- (pass), (passlen), \
- (p7)->d.encrypted->enc_data->enc_data, 3)
-
-#define M_PKCS12_decrypt_skey(bag, pass, passlen) \
-(PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i((bag)->value.shkeybag->algor, \
-(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (void (*)(void *))PKCS8_PRIV_KEY_INFO_free, \
- (pass), (passlen), \
- (bag)->value.shkeybag->digest, 2)
-
-#define M_PKCS8_decrypt(p8, pass, passlen) \
-(PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i((p8)->algor, \
-(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (void (*)(void *))PKCS8_PRIV_KEY_INFO_free,\
- (pass), (passlen), (p8)->digest, 2)
-
-#define PKCS12_get_attr(bag, attr_nid) \
- PKCS12_get_attr_gen(bag->attrib, attr_nid)
-
-#define PKCS8_get_attr(p8, attr_nid) \
- PKCS12_get_attr_gen(p8->attributes, attr_nid)
-
-#define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
-
-
-PKCS12_SAFEBAG *PKCS12_pack_safebag(char *obj, int (*i2d)(), int nid1, int nid2);
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
-X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
- const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8);
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
- int passlen, unsigned char *salt,
- int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8);
-PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
-PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- STACK_OF(PKCS12_SAFEBAG) *bags);
-int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen);
-int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
- int namelen);
-int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,
- int namelen);
-int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
-ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
-char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
-unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
- int passlen, unsigned char *in, int inlen,
- unsigned char **data, int *datalen, int en_de);
-char *PKCS12_decrypt_d2i(X509_ALGOR *algor, char *(*d2i)(),
- void (*free_func)(void *), const char *pass, int passlen,
- ASN1_STRING *oct, int seq);
-ASN1_STRING *PKCS12_i2d_encrypt(X509_ALGOR *algor, int (*i2d)(),
- const char *pass, int passlen, char *obj,
- int seq);
-PKCS12 *PKCS12_init(int mode);
-int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n,
- unsigned char *out, const EVP_MD *md_type);
-int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type);
-int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md_type,
- int en_de);
-int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *mac, unsigned int *maclen);
-int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
-int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- EVP_MD *md_type);
-int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
- int saltlen, EVP_MD *md_type);
-unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
-char *uni2asc(unsigned char *uni, int unilen);
-int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **pp);
-PKCS12_BAGS *PKCS12_BAGS_new(void);
-PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, unsigned char **pp, long length);
-void PKCS12_BAGS_free(PKCS12_BAGS *a);
-int i2d_PKCS12(PKCS12 *a, unsigned char **pp);
-PKCS12 *d2i_PKCS12(PKCS12 **a, unsigned char **pp, long length);
-PKCS12 *PKCS12_new(void);
-void PKCS12_free(PKCS12 *a);
-int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **pp);
-PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void);
-PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, unsigned char **pp,
- long length);
-void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a);
-int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **pp);
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void);
-PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, unsigned char **pp,
- long length);
-void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a);
-void ERR_load_PKCS12_strings(void);
-void PKCS12_PBE_add(void);
-int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
- STACK_OF(X509) **ca);
-PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
- STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
- int mac_iter, int keytype);
-int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
-int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
-PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
-PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the PKCS12 functions. */
-
-/* Function codes. */
-#define PKCS12_F_PARSE_BAGS 103
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
-#define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
-#define PKCS12_F_PKCS12_CREATE 105
-#define PKCS12_F_PKCS12_DECRYPT_D2I 106
-#define PKCS12_F_PKCS12_GEN_MAC 107
-#define PKCS12_F_PKCS12_I2D_ENCRYPT 108
-#define PKCS12_F_PKCS12_INIT 109
-#define PKCS12_F_PKCS12_KEY_GEN_ASC 110
-#define PKCS12_F_PKCS12_KEY_GEN_UNI 111
-#define PKCS12_F_PKCS12_MAKE_KEYBAG 112
-#define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
-#define PKCS12_F_PKCS12_NEWPASS 128
-#define PKCS12_F_PKCS12_PACK_P7DATA 114
-#define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
-#define PKCS12_F_PKCS12_PACK_SAFEBAG 117
-#define PKCS12_F_PKCS12_PARSE 118
-#define PKCS12_F_PKCS12_PBE_CRYPT 119
-#define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
-#define PKCS12_F_PKCS12_SETUP_MAC 122
-#define PKCS12_F_PKCS12_SET_MAC 123
-#define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
-#define PKCS12_F_PKCS8_ENCRYPT 125
-#define PKCS12_F_VERIFY_MAC 126
-
-/* Reason codes. */
-#define PKCS12_R_CANT_PACK_STRUCTURE 100
-#define PKCS12_R_DECODE_ERROR 101
-#define PKCS12_R_ENCODE_ERROR 102
-#define PKCS12_R_ENCRYPT_ERROR 103
-#define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
-#define PKCS12_R_INVALID_NULL_ARGUMENT 104
-#define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
-#define PKCS12_R_IV_GEN_ERROR 106
-#define PKCS12_R_KEY_GEN_ERROR 107
-#define PKCS12_R_MAC_ABSENT 108
-#define PKCS12_R_MAC_GENERATION_ERROR 109
-#define PKCS12_R_MAC_SETUP_ERROR 110
-#define PKCS12_R_MAC_STRING_SET_ERROR 111
-#define PKCS12_R_MAC_VERIFY_ERROR 112
-#define PKCS12_R_MAC_VERIFY_FAILURE 113
-#define PKCS12_R_PARSE_ERROR 114
-#define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
-#define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
-#define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
-#define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
-#define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/pkcs7/pk7_attr.c b/src/lib/libcrypto/pkcs7/pk7_attr.c
deleted file mode 100644
index 6ae264cbf9..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_attr.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* pk7_attr.c */
-/* S/MIME code.
- * Copyright (C) 1997-8 Dr S N Henson (shenson@bigfoot.com)
- * All Rights Reserved.
- * Redistribution of this code without the authors permission is expressly
- * prohibited.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs7.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-
-int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap)
-{
- ASN1_STRING *seq;
- unsigned char *p, *pp;
- int len;
- len=i2d_ASN1_SET_OF_X509_ALGOR(cap,NULL,i2d_X509_ALGOR,
- V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL,
- IS_SEQUENCE);
- if(!(pp=(unsigned char *)OPENSSL_malloc(len))) {
- PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p=pp;
- i2d_ASN1_SET_OF_X509_ALGOR(cap,&p,i2d_X509_ALGOR, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);
- if(!(seq = ASN1_STRING_new())) {
- PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if(!ASN1_STRING_set (seq, pp, len)) {
- PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- OPENSSL_free (pp);
- return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
- V_ASN1_SEQUENCE, seq);
-}
-
-STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
-{
- ASN1_TYPE *cap;
- unsigned char *p;
- cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities);
- if (!cap) return NULL;
- p = cap->value.sequence->data;
- return d2i_ASN1_SET_OF_X509_ALGOR(NULL, &p,
- cap->value.sequence->length,
- d2i_X509_ALGOR, X509_ALGOR_free,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-/* Basic smime-capabilities OID and optional integer arg */
-int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
-{
- X509_ALGOR *alg;
-
- if(!(alg = X509_ALGOR_new())) {
- PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_OBJECT_free(alg->algorithm);
- alg->algorithm = OBJ_nid2obj (nid);
- if (arg > 0) {
- ASN1_INTEGER *nbit;
- if(!(alg->parameter = ASN1_TYPE_new())) {
- PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if(!(nbit = ASN1_INTEGER_new())) {
- PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if(!ASN1_INTEGER_set (nbit, arg)) {
- PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- alg->parameter->value.integer = nbit;
- alg->parameter->type = V_ASN1_INTEGER;
- }
- sk_X509_ALGOR_push (sk, alg);
- return 1;
-}
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
deleted file mode 100644
index bf43d030ad..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ /dev/null
@@ -1,946 +0,0 @@
-/* crypto/pkcs7/pk7_doit.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
- void *value);
-static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid);
-
-BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
- {
- int i,j;
- BIO *out=NULL,*btmp=NULL;
- X509_ALGOR *xa;
- const EVP_MD *evp_md;
- const EVP_CIPHER *evp_cipher=NULL;
- STACK_OF(X509_ALGOR) *md_sk=NULL;
- STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
- X509_ALGOR *xalg=NULL;
- PKCS7_RECIP_INFO *ri=NULL;
- EVP_PKEY *pkey;
-
- i=OBJ_obj2nid(p7->type);
- p7->state=PKCS7_S_HEADER;
-
- switch (i)
- {
- case NID_pkcs7_signed:
- md_sk=p7->d.sign->md_algs;
- break;
- case NID_pkcs7_signedAndEnveloped:
- rsk=p7->d.signed_and_enveloped->recipientinfo;
- md_sk=p7->d.signed_and_enveloped->md_algs;
- xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
- evp_cipher=p7->d.signed_and_enveloped->enc_data->cipher;
- if (evp_cipher == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,
- PKCS7_R_CIPHER_NOT_INITIALIZED);
- goto err;
- }
- break;
- case NID_pkcs7_enveloped:
- rsk=p7->d.enveloped->recipientinfo;
- xalg=p7->d.enveloped->enc_data->algorithm;
- evp_cipher=p7->d.enveloped->enc_data->cipher;
- if (evp_cipher == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,
- PKCS7_R_CIPHER_NOT_INITIALIZED);
- goto err;
- }
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
-
- if (md_sk != NULL)
- {
- for (i=0; i<sk_X509_ALGOR_num(md_sk); i++)
- {
- xa=sk_X509_ALGOR_value(md_sk,i);
- if ((btmp=BIO_new(BIO_f_md())) == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_BIO_LIB);
- goto err;
- }
-
- j=OBJ_obj2nid(xa->algorithm);
- evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
- if (evp_md == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
- goto err;
- }
-
- BIO_set_md(btmp,evp_md);
- if (out == NULL)
- out=btmp;
- else
- BIO_push(out,btmp);
- btmp=NULL;
- }
- }
-
- if (evp_cipher != NULL)
- {
- unsigned char key[EVP_MAX_KEY_LENGTH];
- unsigned char iv[EVP_MAX_IV_LENGTH];
- int keylen,ivlen;
- int jj,max;
- unsigned char *tmp;
- EVP_CIPHER_CTX *ctx;
-
- if ((btmp=BIO_new(BIO_f_cipher())) == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_BIO_LIB);
- goto err;
- }
- BIO_get_cipher_ctx(btmp, &ctx);
- keylen=EVP_CIPHER_key_length(evp_cipher);
- ivlen=EVP_CIPHER_iv_length(evp_cipher);
- if (RAND_bytes(key,keylen) <= 0)
- goto err;
- xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
- if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen);
- EVP_CipherInit(ctx, evp_cipher, key, iv, 1);
-
- if (ivlen > 0) {
- if (xalg->parameter == NULL)
- xalg->parameter=ASN1_TYPE_new();
- if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
- goto err;
- }
-
- /* Lets do the pub key stuff :-) */
- max=0;
- for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
- {
- ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
- if (ri->cert == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO);
- goto err;
- }
- pkey=X509_get_pubkey(ri->cert);
- jj=EVP_PKEY_size(pkey);
- EVP_PKEY_free(pkey);
- if (max < jj) max=jj;
- }
- if ((tmp=(unsigned char *)OPENSSL_malloc(max)) == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
- {
- ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
- pkey=X509_get_pubkey(ri->cert);
- jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey);
- EVP_PKEY_free(pkey);
- if (jj <= 0)
- {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_EVP_LIB);
- OPENSSL_free(tmp);
- goto err;
- }
- M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj);
- }
- OPENSSL_free(tmp);
- memset(key, 0, keylen);
-
- if (out == NULL)
- out=btmp;
- else
- BIO_push(out,btmp);
- btmp=NULL;
- }
-
- if (bio == NULL) {
- if (p7->detached)
- bio=BIO_new(BIO_s_null());
- else {
- if (PKCS7_type_is_signed(p7) &&
- PKCS7_type_is_data(p7->d.sign->contents)) {
- ASN1_OCTET_STRING *os;
- os=p7->d.sign->contents->d.data;
- if (os->length > 0) bio =
- BIO_new_mem_buf(os->data, os->length);
- }
- if(bio == NULL) {
- bio=BIO_new(BIO_s_mem());
- BIO_set_mem_eof_return(bio,0);
- }
- }
- }
- BIO_push(out,bio);
- bio=NULL;
- if (0)
- {
-err:
- if (out != NULL)
- BIO_free_all(out);
- if (btmp != NULL)
- BIO_free_all(btmp);
- out=NULL;
- }
- return(out);
- }
-
-/* int */
-BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
- {
- int i,j;
- BIO *out=NULL,*btmp=NULL,*etmp=NULL,*bio=NULL;
- unsigned char *tmp=NULL;
- X509_ALGOR *xa;
- ASN1_OCTET_STRING *data_body=NULL;
- const EVP_MD *evp_md;
- const EVP_CIPHER *evp_cipher=NULL;
- EVP_CIPHER_CTX *evp_ctx=NULL;
- X509_ALGOR *enc_alg=NULL;
- STACK_OF(X509_ALGOR) *md_sk=NULL;
- STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
- X509_ALGOR *xalg=NULL;
- PKCS7_RECIP_INFO *ri=NULL;
-
- i=OBJ_obj2nid(p7->type);
- p7->state=PKCS7_S_HEADER;
-
- switch (i)
- {
- case NID_pkcs7_signed:
- data_body=p7->d.sign->contents->d.data;
- md_sk=p7->d.sign->md_algs;
- break;
- case NID_pkcs7_signedAndEnveloped:
- rsk=p7->d.signed_and_enveloped->recipientinfo;
- md_sk=p7->d.signed_and_enveloped->md_algs;
- data_body=p7->d.signed_and_enveloped->enc_data->enc_data;
- enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm;
- evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
- if (evp_cipher == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
- goto err;
- }
- xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
- break;
- case NID_pkcs7_enveloped:
- rsk=p7->d.enveloped->recipientinfo;
- enc_alg=p7->d.enveloped->enc_data->algorithm;
- data_body=p7->d.enveloped->enc_data->enc_data;
- evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
- if (evp_cipher == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
- goto err;
- }
- xalg=p7->d.enveloped->enc_data->algorithm;
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
-
- /* We will be checking the signature */
- if (md_sk != NULL)
- {
- for (i=0; i<sk_X509_ALGOR_num(md_sk); i++)
- {
- xa=sk_X509_ALGOR_value(md_sk,i);
- if ((btmp=BIO_new(BIO_f_md())) == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_BIO_LIB);
- goto err;
- }
-
- j=OBJ_obj2nid(xa->algorithm);
- evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
- if (evp_md == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE);
- goto err;
- }
-
- BIO_set_md(btmp,evp_md);
- if (out == NULL)
- out=btmp;
- else
- BIO_push(out,btmp);
- btmp=NULL;
- }
- }
-
- if (evp_cipher != NULL)
- {
-#if 0
- unsigned char key[EVP_MAX_KEY_LENGTH];
- unsigned char iv[EVP_MAX_IV_LENGTH];
- unsigned char *p;
- int keylen,ivlen;
- int max;
- X509_OBJECT ret;
-#endif
- int jj;
-
- if ((etmp=BIO_new(BIO_f_cipher())) == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_BIO_LIB);
- goto err;
- }
-
- /* It was encrypted, we need to decrypt the secret key
- * with the private key */
-
- /* Find the recipientInfo which matches the passed certificate
- * (if any)
- */
-
- for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
- if(!X509_NAME_cmp(ri->issuer_and_serial->issuer,
- pcert->cert_info->issuer) &&
- !M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
- ri->issuer_and_serial->serial)) break;
- ri=NULL;
- }
- if (ri == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
- goto err;
- }
-
- jj=EVP_PKEY_size(pkey);
- tmp=(unsigned char *)OPENSSL_malloc(jj+10);
- if (tmp == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- jj=EVP_PKEY_decrypt(tmp, M_ASN1_STRING_data(ri->enc_key),
- M_ASN1_STRING_length(ri->enc_key), pkey);
- if (jj <= 0)
- {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_EVP_LIB);
- goto err;
- }
-
- evp_ctx=NULL;
- BIO_get_cipher_ctx(etmp,&evp_ctx);
- EVP_CipherInit(evp_ctx,evp_cipher,NULL,NULL,0);
- if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0)
- goto err;
-
- if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) {
- /* Some S/MIME clients don't use the same key
- * and effective key length. The key length is
- * determined by the size of the decrypted RSA key.
- */
- if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, jj))
- {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH);
- goto err;
- }
- }
- EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0);
-
- memset(tmp,0,jj);
-
- if (out == NULL)
- out=etmp;
- else
- BIO_push(out,etmp);
- etmp=NULL;
- }
-
-#if 1
- if (p7->detached || (in_bio != NULL))
- {
- bio=in_bio;
- }
- else
- {
-#if 0
- bio=BIO_new(BIO_s_mem());
- /* We need to set this so that when we have read all
- * the data, the encrypt BIO, if present, will read
- * EOF and encode the last few bytes */
- BIO_set_mem_eof_return(bio,0);
-
- if (data_body->length > 0)
- BIO_write(bio,(char *)data_body->data,data_body->length);
-#else
- if (data_body->length > 0)
- bio = BIO_new_mem_buf(data_body->data,data_body->length);
- else {
- bio=BIO_new(BIO_s_mem());
- BIO_set_mem_eof_return(bio,0);
- }
-#endif
- }
- BIO_push(out,bio);
- bio=NULL;
-#endif
- if (0)
- {
-err:
- if (out != NULL) BIO_free_all(out);
- if (btmp != NULL) BIO_free_all(btmp);
- if (etmp != NULL) BIO_free_all(etmp);
- if (bio != NULL) BIO_free_all(bio);
- out=NULL;
- }
- if (tmp != NULL)
- OPENSSL_free(tmp);
- return(out);
- }
-
-int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
- {
- int ret=0;
- int i,j;
- BIO *btmp;
- BUF_MEM *buf_mem=NULL;
- BUF_MEM *buf=NULL;
- PKCS7_SIGNER_INFO *si;
- EVP_MD_CTX *mdc,ctx_tmp;
- STACK_OF(X509_ATTRIBUTE) *sk;
- STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL;
- unsigned char *p,*pp=NULL;
- int x;
- ASN1_OCTET_STRING *os=NULL;
-
- i=OBJ_obj2nid(p7->type);
- p7->state=PKCS7_S_HEADER;
-
- switch (i)
- {
- case NID_pkcs7_signedAndEnveloped:
- /* XXXXXXXXXXXXXXXX */
- si_sk=p7->d.signed_and_enveloped->signer_info;
- os=M_ASN1_OCTET_STRING_new();
- p7->d.signed_and_enveloped->enc_data->enc_data=os;
- break;
- case NID_pkcs7_enveloped:
- /* XXXXXXXXXXXXXXXX */
- os=M_ASN1_OCTET_STRING_new();
- p7->d.enveloped->enc_data->enc_data=os;
- break;
- case NID_pkcs7_signed:
- si_sk=p7->d.sign->signer_info;
- os=p7->d.sign->contents->d.data;
- /* If detached data then the content is excluded */
- if(p7->detached) {
- M_ASN1_OCTET_STRING_free(os);
- p7->d.sign->contents->d.data = NULL;
- }
- break;
- }
-
- if (si_sk != NULL)
- {
- if ((buf=BUF_MEM_new()) == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
- goto err;
- }
- for (i=0; i<sk_PKCS7_SIGNER_INFO_num(si_sk); i++)
- {
- si=sk_PKCS7_SIGNER_INFO_value(si_sk,i);
- if (si->pkey == NULL) continue;
-
- j=OBJ_obj2nid(si->digest_alg->algorithm);
-
- btmp=bio;
- for (;;)
- {
- if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD))
- == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- goto err;
- }
- BIO_get_md_ctx(btmp,&mdc);
- if (mdc == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR);
- goto err;
- }
- if (EVP_MD_CTX_type(mdc) == j)
- break;
- else
- btmp=BIO_next(btmp);
- }
-
- /* We now have the EVP_MD_CTX, lets do the
- * signing. */
- memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp));
- if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey)))
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
- goto err;
- }
-
- sk=si->auth_attr;
-
- /* If there are attributes, we add the digest
- * attribute and only sign the attributes */
- if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
- {
- unsigned char md_data[EVP_MAX_MD_SIZE];
- unsigned int md_len;
- ASN1_OCTET_STRING *digest;
- ASN1_UTCTIME *sign_time;
- const EVP_MD *md_tmp;
-
- /* Add signing time */
- sign_time=X509_gmtime_adj(NULL,0);
- PKCS7_add_signed_attribute(si,
- NID_pkcs9_signingTime,
- V_ASN1_UTCTIME,sign_time);
-
- /* Add digest */
- md_tmp=EVP_MD_CTX_md(&ctx_tmp);
- EVP_DigestFinal(&ctx_tmp,md_data,&md_len);
- digest=M_ASN1_OCTET_STRING_new();
- M_ASN1_OCTET_STRING_set(digest,md_data,md_len);
- PKCS7_add_signed_attribute(si,
- NID_pkcs9_messageDigest,
- V_ASN1_OCTET_STRING,digest);
-
- /* Now sign the mess */
- EVP_SignInit(&ctx_tmp,md_tmp);
- x=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL,
- i2d_X509_ATTRIBUTE,
- V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
- pp=(unsigned char *)OPENSSL_malloc(x);
- p=pp;
- i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p,
- i2d_X509_ATTRIBUTE,
- V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
- EVP_SignUpdate(&ctx_tmp,pp,x);
- OPENSSL_free(pp);
- pp=NULL;
- }
-
-#ifndef NO_DSA
- if (si->pkey->type == EVP_PKEY_DSA)
- ctx_tmp.digest=EVP_dss1();
-#endif
-
- if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data,
- (unsigned int *)&buf->length,si->pkey))
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_EVP_LIB);
- goto err;
- }
- if (!ASN1_STRING_set(si->enc_digest,
- (unsigned char *)buf->data,buf->length))
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_ASN1_LIB);
- goto err;
- }
- }
- }
-
- if (!p7->detached)
- {
- btmp=BIO_find_type(bio,BIO_TYPE_MEM);
- if (btmp == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
- goto err;
- }
- BIO_get_mem_ptr(btmp,&buf_mem);
- /* Mark the BIO read only then we can use its copy of the data
- * instead of making an extra copy.
- */
- BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
- BIO_set_mem_eof_return(btmp, 0);
- os->data = (unsigned char *)buf_mem->data;
- os->length = buf_mem->length;
-#if 0
- M_ASN1_OCTET_STRING_set(os,
- (unsigned char *)buf_mem->data,buf_mem->length);
-#endif
- }
- if (pp != NULL) OPENSSL_free(pp);
- pp=NULL;
-
- ret=1;
-err:
- if (buf != NULL) BUF_MEM_free(buf);
- return(ret);
- }
-
-int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
- PKCS7 *p7, PKCS7_SIGNER_INFO *si)
- {
- PKCS7_ISSUER_AND_SERIAL *ias;
- int ret=0,i;
- STACK_OF(X509) *cert;
- X509 *x509;
-
- if (PKCS7_type_is_signed(p7))
- {
- cert=p7->d.sign->cert;
- }
- else if (PKCS7_type_is_signedAndEnveloped(p7))
- {
- cert=p7->d.signed_and_enveloped->cert;
- }
- else
- {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_WRONG_PKCS7_TYPE);
- goto err;
- }
- /* XXXXXXXXXXXXXXXXXXXXXXX */
- ias=si->issuer_and_serial;
-
- x509=X509_find_by_issuer_and_serial(cert,ias->issuer,ias->serial);
-
- /* were we able to find the cert in passed to us */
- if (x509 == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
- goto err;
- }
-
- /* Lets verify */
- X509_STORE_CTX_init(ctx,cert_store,x509,cert);
- X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
- i=X509_verify_cert(ctx);
- if (i <= 0)
- {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_X509_LIB);
- X509_STORE_CTX_cleanup(ctx);
- goto err;
- }
- X509_STORE_CTX_cleanup(ctx);
-
- return PKCS7_signatureVerify(bio, p7, si, x509);
- err:
- return ret;
- }
-
-int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
- X509 *x509)
- {
- ASN1_OCTET_STRING *os;
- EVP_MD_CTX mdc_tmp,*mdc;
- unsigned char *pp,*p;
- int ret=0,i;
- int md_type;
- STACK_OF(X509_ATTRIBUTE) *sk;
- BIO *btmp;
- EVP_PKEY *pkey;
-
- if (!PKCS7_type_is_signed(p7) &&
- !PKCS7_type_is_signedAndEnveloped(p7)) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_WRONG_PKCS7_TYPE);
- goto err;
- }
-
- md_type=OBJ_obj2nid(si->digest_alg->algorithm);
-
- btmp=bio;
- for (;;)
- {
- if ((btmp == NULL) ||
- ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) == NULL))
- {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- goto err;
- }
- BIO_get_md_ctx(btmp,&mdc);
- if (mdc == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_INTERNAL_ERROR);
- goto err;
- }
- if (EVP_MD_CTX_type(mdc) == md_type)
- break;
- btmp=BIO_next(btmp);
- }
-
- /* mdc is the digest ctx that we want, unless there are attributes,
- * in which case the digest is the signed attributes */
- memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp));
-
- sk=si->auth_attr;
- if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
- {
- unsigned char md_dat[EVP_MAX_MD_SIZE];
- unsigned int md_len;
- ASN1_OCTET_STRING *message_digest;
-
- EVP_DigestFinal(&mdc_tmp,md_dat,&md_len);
- message_digest=PKCS7_digest_from_attributes(sk);
- if (!message_digest)
- {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- goto err;
- }
- if ((message_digest->length != (int)md_len) ||
- (memcmp(message_digest->data,md_dat,md_len)))
- {
-#if 0
-{
-int ii;
-for (ii=0; ii<message_digest->length; ii++)
- printf("%02X",message_digest->data[ii]); printf(" sent\n");
-for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
-}
-#endif
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_DIGEST_FAILURE);
- ret= -1;
- goto err;
- }
-
- EVP_VerifyInit(&mdc_tmp,EVP_get_digestbynid(md_type));
- /* Note: when forming the encoding of the attributes we
- * shouldn't reorder them or this will break the signature.
- * This is done by using the IS_SEQUENCE flag.
- */
- i=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL,i2d_X509_ATTRIBUTE,
- V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE);
- pp=OPENSSL_malloc(i);
- p=pp;
- i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p,i2d_X509_ATTRIBUTE,
- V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE);
- EVP_VerifyUpdate(&mdc_tmp,pp,i);
-
- OPENSSL_free(pp);
- }
-
- os=si->enc_digest;
- pkey = X509_get_pubkey(x509);
- if (!pkey)
- {
- ret = -1;
- goto err;
- }
-#ifndef NO_DSA
- if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
-#endif
-
- i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey);
- EVP_PKEY_free(pkey);
- if (i <= 0)
- {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_SIGNATURE_FAILURE);
- ret= -1;
- goto err;
- }
- else
- ret=1;
-err:
- return(ret);
- }
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
- {
- STACK_OF(PKCS7_RECIP_INFO) *rsk;
- PKCS7_RECIP_INFO *ri;
- int i;
-
- i=OBJ_obj2nid(p7->type);
- if (i != NID_pkcs7_signedAndEnveloped) return(NULL);
- rsk=p7->d.signed_and_enveloped->recipientinfo;
- ri=sk_PKCS7_RECIP_INFO_value(rsk,0);
- if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return(NULL);
- ri=sk_PKCS7_RECIP_INFO_value(rsk,idx);
- return(ri->issuer_and_serial);
- }
-
-ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)
- {
- return(get_attribute(si->auth_attr,nid));
- }
-
-ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid)
- {
- return(get_attribute(si->unauth_attr,nid));
- }
-
-static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
- {
- int i;
- X509_ATTRIBUTE *xa;
- ASN1_OBJECT *o;
-
- o=OBJ_nid2obj(nid);
- if (!o || !sk) return(NULL);
- for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
- {
- xa=sk_X509_ATTRIBUTE_value(sk,i);
- if (OBJ_cmp(xa->object,o) == 0)
- {
- if (xa->set && sk_ASN1_TYPE_num(xa->value.set))
- return(sk_ASN1_TYPE_value(xa->value.set,0));
- else
- return(NULL);
- }
- }
- return(NULL);
- }
-
-ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
-{
- ASN1_TYPE *astype;
- if(!(astype = get_attribute(sk, NID_pkcs9_messageDigest))) return NULL;
- return astype->value.octet_string;
-}
-
-int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
- STACK_OF(X509_ATTRIBUTE) *sk)
- {
- int i;
-
- if (p7si->auth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free);
- p7si->auth_attr=sk_X509_ATTRIBUTE_dup(sk);
- for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
- {
- if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr,i,
- X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk,i))))
- == NULL)
- return(0);
- }
- return(1);
- }
-
-int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk)
- {
- int i;
-
- if (p7si->unauth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr,
- X509_ATTRIBUTE_free);
- p7si->unauth_attr=sk_X509_ATTRIBUTE_dup(sk);
- for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
- {
- if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr,i,
- X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk,i))))
- == NULL)
- return(0);
- }
- return(1);
- }
-
-int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
- void *value)
- {
- return(add_attribute(&(p7si->auth_attr),nid,atrtype,value));
- }
-
-int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
- void *value)
- {
- return(add_attribute(&(p7si->unauth_attr),nid,atrtype,value));
- }
-
-static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
- void *value)
- {
- X509_ATTRIBUTE *attr=NULL;
-
- if (*sk == NULL)
- {
- *sk = sk_X509_ATTRIBUTE_new_null();
-new_attrib:
- attr=X509_ATTRIBUTE_create(nid,atrtype,value);
- sk_X509_ATTRIBUTE_push(*sk,attr);
- }
- else
- {
- int i;
-
- for (i=0; i<sk_X509_ATTRIBUTE_num(*sk); i++)
- {
- attr=sk_X509_ATTRIBUTE_value(*sk,i);
- if (OBJ_obj2nid(attr->object) == nid)
- {
- X509_ATTRIBUTE_free(attr);
- attr=X509_ATTRIBUTE_create(nid,atrtype,value);
- sk_X509_ATTRIBUTE_set(*sk,i,attr);
- goto end;
- }
- }
- goto new_attrib;
- }
-end:
- return(1);
- }
-
diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c
deleted file mode 100644
index 45973fe850..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_lib.c
+++ /dev/null
@@ -1,469 +0,0 @@
-/* crypto/pkcs7/pk7_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
- {
- int nid;
- long ret;
-
- nid=OBJ_obj2nid(p7->type);
-
- switch (cmd)
- {
- case PKCS7_OP_SET_DETACHED_SIGNATURE:
- if (nid == NID_pkcs7_signed)
- {
- ret=p7->detached=(int)larg;
- }
- else
- {
- PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
- ret=0;
- }
- break;
- case PKCS7_OP_GET_DETACHED_SIGNATURE:
- if (nid == NID_pkcs7_signed)
- {
- ret=p7->detached;
- }
- else
- {
- PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
- ret=0;
- }
-
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_UNKNOWN_OPERATION);
- ret=0;
- }
- return(ret);
- }
-
-int PKCS7_content_new(PKCS7 *p7, int type)
- {
- PKCS7 *ret=NULL;
-
- if ((ret=PKCS7_new()) == NULL) goto err;
- if (!PKCS7_set_type(ret,type)) goto err;
- if (!PKCS7_set_content(p7,ret)) goto err;
-
- return(1);
-err:
- if (ret != NULL) PKCS7_free(ret);
- return(0);
- }
-
-int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data)
- {
- int i;
-
- i=OBJ_obj2nid(p7->type);
- switch (i)
- {
- case NID_pkcs7_signed:
- if (p7->d.sign->contents != NULL)
- PKCS7_free(p7->d.sign->contents);
- p7->d.sign->contents=p7_data;
- break;
- case NID_pkcs7_digest:
- case NID_pkcs7_data:
- case NID_pkcs7_enveloped:
- case NID_pkcs7_signedAndEnveloped:
- case NID_pkcs7_encrypted:
- default:
- PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
- return(1);
-err:
- return(0);
- }
-
-int PKCS7_set_type(PKCS7 *p7, int type)
- {
- ASN1_OBJECT *obj;
-
- PKCS7_content_free(p7);
- obj=OBJ_nid2obj(type); /* will not fail */
-
- switch (type)
- {
- case NID_pkcs7_signed:
- p7->type=obj;
- if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL)
- goto err;
- ASN1_INTEGER_set(p7->d.sign->version,1);
- break;
- case NID_pkcs7_data:
- p7->type=obj;
- if ((p7->d.data=M_ASN1_OCTET_STRING_new()) == NULL)
- goto err;
- break;
- case NID_pkcs7_signedAndEnveloped:
- p7->type=obj;
- if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new())
- == NULL) goto err;
- ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1);
- break;
- case NID_pkcs7_enveloped:
- p7->type=obj;
- if ((p7->d.enveloped=PKCS7_ENVELOPE_new())
- == NULL) goto err;
- ASN1_INTEGER_set(p7->d.enveloped->version,0);
- break;
- case NID_pkcs7_encrypted:
- p7->type=obj;
- if ((p7->d.encrypted=PKCS7_ENCRYPT_new())
- == NULL) goto err;
- ASN1_INTEGER_set(p7->d.encrypted->version,0);
- break;
-
- case NID_pkcs7_digest:
- default:
- PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
- return(1);
-err:
- return(0);
- }
-
-int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
- {
- int i,j,nid;
- X509_ALGOR *alg;
- STACK_OF(PKCS7_SIGNER_INFO) *signer_sk;
- STACK_OF(X509_ALGOR) *md_sk;
-
- i=OBJ_obj2nid(p7->type);
- switch (i)
- {
- case NID_pkcs7_signed:
- signer_sk= p7->d.sign->signer_info;
- md_sk= p7->d.sign->md_algs;
- break;
- case NID_pkcs7_signedAndEnveloped:
- signer_sk= p7->d.signed_and_enveloped->signer_info;
- md_sk= p7->d.signed_and_enveloped->md_algs;
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
- return(0);
- }
-
- nid=OBJ_obj2nid(psi->digest_alg->algorithm);
-
- /* If the digest is not currently listed, add it */
- j=0;
- for (i=0; i<sk_X509_ALGOR_num(md_sk); i++)
- {
- alg=sk_X509_ALGOR_value(md_sk,i);
- if (OBJ_obj2nid(alg->algorithm) == nid)
- {
- j=1;
- break;
- }
- }
- if (!j) /* we need to add another algorithm */
- {
- if(!(alg=X509_ALGOR_new())
- || !(alg->parameter = ASN1_TYPE_new())) {
- PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- alg->algorithm=OBJ_nid2obj(nid);
- alg->parameter->type = V_ASN1_NULL;
- sk_X509_ALGOR_push(md_sk,alg);
- }
-
- sk_PKCS7_SIGNER_INFO_push(signer_sk,psi);
- return(1);
- }
-
-int PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
- {
- int i;
- STACK_OF(X509) **sk;
-
- i=OBJ_obj2nid(p7->type);
- switch (i)
- {
- case NID_pkcs7_signed:
- sk= &(p7->d.sign->cert);
- break;
- case NID_pkcs7_signedAndEnveloped:
- sk= &(p7->d.signed_and_enveloped->cert);
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYPE);
- return(0);
- }
-
- if (*sk == NULL)
- *sk=sk_X509_new_null();
- CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
- sk_X509_push(*sk,x509);
- return(1);
- }
-
-int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
- {
- int i;
- STACK_OF(X509_CRL) **sk;
-
- i=OBJ_obj2nid(p7->type);
- switch (i)
- {
- case NID_pkcs7_signed:
- sk= &(p7->d.sign->crl);
- break;
- case NID_pkcs7_signedAndEnveloped:
- sk= &(p7->d.signed_and_enveloped->crl);
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_ADD_CRL,PKCS7_R_WRONG_CONTENT_TYPE);
- return(0);
- }
-
- if (*sk == NULL)
- *sk=sk_X509_CRL_new_null();
-
- CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL);
- sk_X509_CRL_push(*sk,crl);
- return(1);
- }
-
-int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
- EVP_MD *dgst)
- {
- char is_dsa;
- if (pkey->type == EVP_PKEY_DSA) is_dsa = 1;
- else is_dsa = 0;
- /* We now need to add another PKCS7_SIGNER_INFO entry */
- ASN1_INTEGER_set(p7i->version,1);
- X509_NAME_set(&p7i->issuer_and_serial->issuer,
- X509_get_issuer_name(x509));
-
- /* because ASN1_INTEGER_set is used to set a 'long' we will do
- * things the ugly way. */
- M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
- p7i->issuer_and_serial->serial=
- M_ASN1_INTEGER_dup(X509_get_serialNumber(x509));
-
- /* lets keep the pkey around for a while */
- CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
- p7i->pkey=pkey;
-
- /* Set the algorithms */
- if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1);
- else
- p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst));
-
- if (p7i->digest_alg->parameter != NULL)
- ASN1_TYPE_free(p7i->digest_alg->parameter);
- if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL)
- goto err;
- p7i->digest_alg->parameter->type=V_ASN1_NULL;
-
- p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_PKEY_type(pkey->type));
-
- if (p7i->digest_enc_alg->parameter != NULL)
- ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
- if(is_dsa) p7i->digest_enc_alg->parameter = NULL;
- else {
- if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
- goto err;
- p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
- }
-
- return(1);
-err:
- return(0);
- }
-
-PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey,
- EVP_MD *dgst)
- {
- PKCS7_SIGNER_INFO *si;
-
- if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err;
- if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err;
- if (!PKCS7_add_signer(p7,si)) goto err;
- return(si);
-err:
- return(NULL);
- }
-
-STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7)
- {
- if (PKCS7_type_is_signed(p7))
- {
- return(p7->d.sign->signer_info);
- }
- else if (PKCS7_type_is_signedAndEnveloped(p7))
- {
- return(p7->d.signed_and_enveloped->signer_info);
- }
- else
- return(NULL);
- }
-
-PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509)
- {
- PKCS7_RECIP_INFO *ri;
-
- if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err;
- if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err;
- if (!PKCS7_add_recipient_info(p7,ri)) goto err;
- return(ri);
-err:
- return(NULL);
- }
-
-int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
- {
- int i;
- STACK_OF(PKCS7_RECIP_INFO) *sk;
-
- i=OBJ_obj2nid(p7->type);
- switch (i)
- {
- case NID_pkcs7_signedAndEnveloped:
- sk= p7->d.signed_and_enveloped->recipientinfo;
- break;
- case NID_pkcs7_enveloped:
- sk= p7->d.enveloped->recipientinfo;
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE);
- return(0);
- }
-
- sk_PKCS7_RECIP_INFO_push(sk,ri);
- return(1);
- }
-
-int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
- {
- ASN1_INTEGER_set(p7i->version,0);
- X509_NAME_set(&p7i->issuer_and_serial->issuer,
- X509_get_issuer_name(x509));
-
- M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
- p7i->issuer_and_serial->serial=
- M_ASN1_INTEGER_dup(X509_get_serialNumber(x509));
-
- X509_ALGOR_free(p7i->key_enc_algor);
- p7i->key_enc_algor=(X509_ALGOR *)ASN1_dup(i2d_X509_ALGOR,
- (char *(*)())d2i_X509_ALGOR,
- (char *)x509->cert_info->key->algor);
-
- CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
- p7i->cert=x509;
-
- return(1);
- }
-
-X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
- {
- if (PKCS7_type_is_signed(p7))
- return(X509_find_by_issuer_and_serial(p7->d.sign->cert,
- si->issuer_and_serial->issuer,
- si->issuer_and_serial->serial));
- else
- return(NULL);
- }
-
-int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
- {
- int i;
- ASN1_OBJECT *objtmp;
- PKCS7_ENC_CONTENT *ec;
-
- i=OBJ_obj2nid(p7->type);
- switch (i)
- {
- case NID_pkcs7_signedAndEnveloped:
- ec=p7->d.signed_and_enveloped->enc_data;
- break;
- case NID_pkcs7_enveloped:
- ec=p7->d.enveloped->enc_data;
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE);
- return(0);
- }
-
- /* Check cipher OID exists and has data in it*/
- i = EVP_CIPHER_type(cipher);
- if(i == NID_undef) {
- PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
- return(0);
- }
- objtmp = OBJ_nid2obj(i);
-
- ec->cipher = cipher;
- return 1;
- }
-
diff --git a/src/lib/libcrypto/pkcs7/pk7_mime.c b/src/lib/libcrypto/pkcs7/pk7_mime.c
deleted file mode 100644
index 086d394270..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_mime.c
+++ /dev/null
@@ -1,685 +0,0 @@
-/* pk7_mime.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-
-/* MIME and related routines */
-
-/* MIME format structures
- * Note that all are translated to lower case apart from
- * parameter values. Quotes are stripped off
- */
-
-typedef struct {
-char *param_name; /* Param name e.g. "micalg" */
-char *param_value; /* Param value e.g. "sha1" */
-} MIME_PARAM;
-
-DECLARE_STACK_OF(MIME_PARAM)
-IMPLEMENT_STACK_OF(MIME_PARAM)
-
-typedef struct {
-char *name; /* Name of line e.g. "content-type" */
-char *value; /* Value of line e.g. "text/plain" */
-STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */
-} MIME_HEADER;
-
-DECLARE_STACK_OF(MIME_HEADER)
-IMPLEMENT_STACK_OF(MIME_HEADER)
-
-static int B64_write_PKCS7(BIO *bio, PKCS7 *p7);
-static PKCS7 *B64_read_PKCS7(BIO *bio);
-static char * strip_ends(char *name);
-static char * strip_start(char *name);
-static char * strip_end(char *name);
-static MIME_HEADER *mime_hdr_new(char *name, char *value);
-static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value);
-static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
-static int mime_hdr_cmp(const MIME_HEADER * const *a,
- const MIME_HEADER * const *b);
-static int mime_param_cmp(const MIME_PARAM * const *a,
- const MIME_PARAM * const *b);
-static void mime_param_free(MIME_PARAM *param);
-static int mime_bound_check(char *line, int linelen, char *bound, int blen);
-static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
-static int iscrlf(char c);
-static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
-static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
-static void mime_hdr_free(MIME_HEADER *hdr);
-
-#define MAX_SMLEN 1024
-#define mime_debug(x) /* x */
-
-
-typedef void (*stkfree)();
-
-/* Base 64 read and write of PKCS#7 structure */
-
-static int B64_write_PKCS7(BIO *bio, PKCS7 *p7)
-{
- BIO *b64;
- if(!(b64 = BIO_new(BIO_f_base64()))) {
- PKCS7err(PKCS7_F_B64_WRITE_PKCS7,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- bio = BIO_push(b64, bio);
- i2d_PKCS7_bio(bio, p7);
- BIO_flush(bio);
- bio = BIO_pop(bio);
- BIO_free(b64);
- return 1;
-}
-
-static PKCS7 *B64_read_PKCS7(BIO *bio)
-{
- BIO *b64;
- PKCS7 *p7;
- if(!(b64 = BIO_new(BIO_f_base64()))) {
- PKCS7err(PKCS7_F_B64_READ_PKCS7,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- bio = BIO_push(b64, bio);
- if(!(p7 = d2i_PKCS7_bio(bio, NULL)))
- PKCS7err(PKCS7_F_B64_READ_PKCS7,PKCS7_R_DECODE_ERROR);
- BIO_flush(bio);
- bio = BIO_pop(bio);
- BIO_free(b64);
- return p7;
-}
-
-/* SMIME sender */
-
-int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
-{
- char linebuf[MAX_SMLEN];
- char bound[33], c;
- int i;
- if((flags & PKCS7_DETACHED) && data) {
- /* We want multipart/signed */
- /* Generate a random boundary */
- RAND_pseudo_bytes((unsigned char *)bound, 32);
- for(i = 0; i < 32; i++) {
- c = bound[i] & 0xf;
- if(c < 10) c += '0';
- else c += 'A' - 10;
- bound[i] = c;
- }
- bound[32] = 0;
- BIO_printf(bio, "MIME-Version: 1.0\n");
- BIO_printf(bio, "Content-Type: multipart/signed;");
- BIO_printf(bio, " protocol=\"application/x-pkcs7-signature\";");
- BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"\n\n", bound);
- BIO_printf(bio, "This is an S/MIME signed message\n\n");
- /* Now write out the first part */
- BIO_printf(bio, "------%s\n", bound);
- if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\n\n");
- while((i = BIO_read(data, linebuf, MAX_SMLEN)) > 0)
- BIO_write(bio, linebuf, i);
- BIO_printf(bio, "\n------%s\n", bound);
-
- /* Headers for signature */
-
- BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; name=\"smime.p7s\"\n");
- BIO_printf(bio, "Content-Transfer-Encoding: base64\n");
- BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7s\"\n\n");
- B64_write_PKCS7(bio, p7);
- BIO_printf(bio,"\n------%s--\n\n", bound);
- return 1;
- }
- /* MIME headers */
- BIO_printf(bio, "MIME-Version: 1.0\n");
- BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\n");
- BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; name=\"smime.p7m\"\n");
- BIO_printf(bio, "Content-Transfer-Encoding: base64\n\n");
- B64_write_PKCS7(bio, p7);
- BIO_printf(bio, "\n");
- return 1;
-}
-
-/* SMIME reader: handle multipart/signed and opaque signing.
- * in multipart case the content is placed in a memory BIO
- * pointed to by "bcont". In opaque this is set to NULL
- */
-
-PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont)
-{
- BIO *p7in;
- STACK_OF(MIME_HEADER) *headers = NULL;
- STACK_OF(BIO) *parts = NULL;
- MIME_HEADER *hdr;
- MIME_PARAM *prm;
- PKCS7 *p7;
- int ret;
-
- if(bcont) *bcont = NULL;
-
- if (!(headers = mime_parse_hdr(bio))) {
- PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_PARSE_ERROR);
- return NULL;
- }
-
- if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_CONTENT_TYPE);
- return NULL;
- }
-
- /* Handle multipart/signed */
-
- if(!strcmp(hdr->value, "multipart/signed")) {
- /* Split into two parts */
- prm = mime_param_find(hdr, "boundary");
- if(!prm || !prm->param_value) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BOUNDARY);
- return NULL;
- }
- ret = multi_split(bio, prm->param_value, &parts);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- if(!ret || (sk_BIO_num(parts) != 2) ) {
- PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BODY_FAILURE);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
-
- /* Parse the signature piece */
- p7in = sk_BIO_value(parts, 1);
-
- if (!(headers = mime_parse_hdr(p7in))) {
- PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_SIG_PARSE_ERROR);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
-
- /* Get content type */
-
- if(!(hdr = mime_hdr_find(headers, "content-type")) ||
- !hdr->value) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_SIG_CONTENT_TYPE);
- return NULL;
- }
-
- if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
- strcmp(hdr->value, "application/pkcs7-signature")) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE);
- ERR_add_error_data(2, "type: ", hdr->value);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- /* Read in PKCS#7 */
- if(!(p7 = B64_read_PKCS7(p7in))) {
- PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_PKCS7_SIG_PARSE_ERROR);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
-
- if(bcont) {
- *bcont = sk_BIO_value(parts, 0);
- BIO_free(p7in);
- sk_BIO_free(parts);
- } else sk_BIO_pop_free(parts, BIO_vfree);
- return p7;
- }
-
- /* OK, if not multipart/signed try opaque signature */
-
- if (strcmp (hdr->value, "application/x-pkcs7-mime") &&
- strcmp (hdr->value, "application/pkcs7-mime")) {
- PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_INVALID_MIME_TYPE);
- ERR_add_error_data(2, "type: ", hdr->value);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- return NULL;
- }
-
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-
- if(!(p7 = B64_read_PKCS7(bio))) {
- PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_PKCS7_PARSE_ERROR);
- return NULL;
- }
- return p7;
-
-}
-
-/* Copy text from one BIO to another making the output CRLF at EOL */
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
-{
- char eol;
- int len;
- char linebuf[MAX_SMLEN];
- if(flags & PKCS7_BINARY) {
- while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
- BIO_write(out, linebuf, len);
- return 1;
- }
- if(flags & PKCS7_TEXT) BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
- while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
- eol = 0;
- while(iscrlf(linebuf[len - 1])) {
- len--;
- eol = 1;
- }
- BIO_write(out, linebuf, len);
- if(eol) BIO_write(out, "\r\n", 2);
- }
- return 1;
-}
-
-/* Strip off headers if they are text/plain */
-int SMIME_text(BIO *in, BIO *out)
-{
- char iobuf[4096];
- int len;
- STACK_OF(MIME_HEADER) *headers;
- MIME_HEADER *hdr;
-
- if (!(headers = mime_parse_hdr(in))) {
- PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_PARSE_ERROR);
- return 0;
- }
- if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
- PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_NO_CONTENT_TYPE);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- return 0;
- }
- if (strcmp (hdr->value, "text/plain")) {
- PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_INVALID_MIME_TYPE);
- ERR_add_error_data(2, "type: ", hdr->value);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- return 0;
- }
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
- BIO_write(out, iobuf, len);
- return 1;
-}
-
-/* Split a multipart/XXX message body into component parts: result is
- * canonical parts in a STACK of bios
- */
-
-static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
-{
- char linebuf[MAX_SMLEN];
- int len, blen;
- BIO *bpart = NULL;
- STACK_OF(BIO) *parts;
- char state, part, first;
-
- blen = strlen(bound);
- part = 0;
- state = 0;
- first = 1;
- parts = sk_BIO_new_null();
- *ret = parts;
- while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
- state = mime_bound_check(linebuf, len, bound, blen);
- if(state == 1) {
- first = 1;
- part++;
- } else if(state == 2) {
- sk_BIO_push(parts, bpart);
- return 1;
- } else if(part) {
- if(first) {
- first = 0;
- if(bpart) sk_BIO_push(parts, bpart);
- bpart = BIO_new(BIO_s_mem());
-
- } else BIO_write(bpart, "\r\n", 2);
- /* Strip CR+LF from linebuf */
- while(iscrlf(linebuf[len - 1])) len--;
- BIO_write(bpart, linebuf, len);
- }
- }
- return 0;
-}
-
-static int iscrlf(char c)
-{
- if(c == '\r' || c == '\n') return 1;
- return 0;
-}
-
-/* This is the big one: parse MIME header lines up to message body */
-
-#define MIME_INVALID 0
-#define MIME_START 1
-#define MIME_TYPE 2
-#define MIME_NAME 3
-#define MIME_VALUE 4
-#define MIME_QUOTE 5
-#define MIME_COMMENT 6
-
-
-static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
-{
- char *p, *q, c;
- char *ntmp;
- char linebuf[MAX_SMLEN];
- MIME_HEADER *mhdr = NULL;
- STACK_OF(MIME_HEADER) *headers;
- int len, state, save_state = 0;
-
- headers = sk_MIME_HEADER_new(mime_hdr_cmp);
- while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
- /* If whitespace at line start then continuation line */
- if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME;
- else state = MIME_START;
- ntmp = NULL;
- /* Go through all characters */
- for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) {
-
- /* State machine to handle MIME headers
- * if this looks horrible that's because it *is*
- */
-
- switch(state) {
- case MIME_START:
- if(c == ':') {
- state = MIME_TYPE;
- *p = 0;
- ntmp = strip_ends(q);
- q = p + 1;
- }
- break;
-
- case MIME_TYPE:
- if(c == ';') {
- mime_debug("Found End Value\n");
- *p = 0;
- mhdr = mime_hdr_new(ntmp, strip_ends(q));
- sk_MIME_HEADER_push(headers, mhdr);
- ntmp = NULL;
- q = p + 1;
- state = MIME_NAME;
- } else if(c == '(') {
- save_state = state;
- state = MIME_COMMENT;
- }
- break;
-
- case MIME_COMMENT:
- if(c == ')') {
- state = save_state;
- }
- break;
-
- case MIME_NAME:
- if(c == '=') {
- state = MIME_VALUE;
- *p = 0;
- ntmp = strip_ends(q);
- q = p + 1;
- }
- break ;
-
- case MIME_VALUE:
- if(c == ';') {
- state = MIME_NAME;
- *p = 0;
- mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
- ntmp = NULL;
- q = p + 1;
- } else if (c == '"') {
- mime_debug("Found Quote\n");
- state = MIME_QUOTE;
- } else if(c == '(') {
- save_state = state;
- state = MIME_COMMENT;
- }
- break;
-
- case MIME_QUOTE:
- if(c == '"') {
- mime_debug("Found Match Quote\n");
- state = MIME_VALUE;
- }
- break;
- }
- }
-
- if(state == MIME_TYPE) {
- mhdr = mime_hdr_new(ntmp, strip_ends(q));
- sk_MIME_HEADER_push(headers, mhdr);
- } else if(state == MIME_VALUE)
- mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
- if(p == linebuf) break; /* Blank line means end of headers */
-}
-
-return headers;
-
-}
-
-static char *strip_ends(char *name)
-{
- return strip_end(strip_start(name));
-}
-
-/* Strip a parameter of whitespace from start of param */
-static char *strip_start(char *name)
-{
- char *p, c;
- /* Look for first non white space or quote */
- for(p = name; (c = *p) ;p++) {
- if(c == '"') {
- /* Next char is start of string if non null */
- if(p[1]) return p + 1;
- /* Else null string */
- return NULL;
- }
- if(!isspace((unsigned char)c)) return p;
- }
- return NULL;
-}
-
-/* As above but strip from end of string : maybe should handle brackets? */
-static char *strip_end(char *name)
-{
- char *p, c;
- if(!name) return NULL;
- /* Look for first non white space or quote */
- for(p = name + strlen(name) - 1; p >= name ;p--) {
- c = *p;
- if(c == '"') {
- if(p - 1 == name) return NULL;
- *p = 0;
- return name;
- }
- if(isspace((unsigned char)c)) *p = 0;
- else return name;
- }
- return NULL;
-}
-
-static MIME_HEADER *mime_hdr_new(char *name, char *value)
-{
- MIME_HEADER *mhdr;
- char *tmpname, *tmpval, *p;
- int c;
- if(name) {
- if(!(tmpname = BUF_strdup(name))) return NULL;
- for(p = tmpname ; *p; p++) {
- c = *p;
- if(isupper(c)) {
- c = tolower(c);
- *p = c;
- }
- }
- } else tmpname = NULL;
- if(value) {
- if(!(tmpval = BUF_strdup(value))) return NULL;
- for(p = tmpval ; *p; p++) {
- c = *p;
- if(isupper(c)) {
- c = tolower(c);
- *p = c;
- }
- }
- } else tmpval = NULL;
- mhdr = (MIME_HEADER *) OPENSSL_malloc(sizeof(MIME_HEADER));
- if(!mhdr) return NULL;
- mhdr->name = tmpname;
- mhdr->value = tmpval;
- if(!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) return NULL;
- return mhdr;
-}
-
-static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
-{
- char *tmpname, *tmpval, *p;
- int c;
- MIME_PARAM *mparam;
- if(name) {
- tmpname = BUF_strdup(name);
- if(!tmpname) return 0;
- for(p = tmpname ; *p; p++) {
- c = *p;
- if(isupper(c)) {
- c = tolower(c);
- *p = c;
- }
- }
- } else tmpname = NULL;
- if(value) {
- tmpval = BUF_strdup(value);
- if(!tmpval) return 0;
- } else tmpval = NULL;
- /* Parameter values are case sensitive so leave as is */
- mparam = (MIME_PARAM *) OPENSSL_malloc(sizeof(MIME_PARAM));
- if(!mparam) return 0;
- mparam->param_name = tmpname;
- mparam->param_value = tmpval;
- sk_MIME_PARAM_push(mhdr->params, mparam);
- return 1;
-}
-
-static int mime_hdr_cmp(const MIME_HEADER * const *a,
- const MIME_HEADER * const *b)
-{
- return(strcmp((*a)->name, (*b)->name));
-}
-
-static int mime_param_cmp(const MIME_PARAM * const *a,
- const MIME_PARAM * const *b)
-{
- return(strcmp((*a)->param_name, (*b)->param_name));
-}
-
-/* Find a header with a given name (if possible) */
-
-static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name)
-{
- MIME_HEADER htmp;
- int idx;
- htmp.name = name;
- idx = sk_MIME_HEADER_find(hdrs, &htmp);
- if(idx < 0) return NULL;
- return sk_MIME_HEADER_value(hdrs, idx);
-}
-
-static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name)
-{
- MIME_PARAM param;
- int idx;
- param.param_name = name;
- idx = sk_MIME_PARAM_find(hdr->params, ¶m);
- if(idx < 0) return NULL;
- return sk_MIME_PARAM_value(hdr->params, idx);
-}
-
-static void mime_hdr_free(MIME_HEADER *hdr)
-{
- if(hdr->name) OPENSSL_free(hdr->name);
- if(hdr->value) OPENSSL_free(hdr->value);
- if(hdr->params) sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
- OPENSSL_free(hdr);
-}
-
-static void mime_param_free(MIME_PARAM *param)
-{
- if(param->param_name) OPENSSL_free(param->param_name);
- if(param->param_value) OPENSSL_free(param->param_value);
- OPENSSL_free(param);
-}
-
-/* Check for a multipart boundary. Returns:
- * 0 : no boundary
- * 1 : part boundary
- * 2 : final boundary
- */
-static int mime_bound_check(char *line, int linelen, char *bound, int blen)
-{
- if(linelen == -1) linelen = strlen(line);
- if(blen == -1) blen = strlen(bound);
- /* Quickly eliminate if line length too short */
- if(blen + 2 > linelen) return 0;
- /* Check for part boundary */
- if(!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) {
- if(!strncmp(line + blen + 2, "--", 2)) return 2;
- else return 1;
- }
- return 0;
-}
diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c
deleted file mode 100644
index 3d3214f5ee..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_smime.c
+++ /dev/null
@@ -1,432 +0,0 @@
-/* pk7_smime.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Simple PKCS#7 processing functions */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
- BIO *data, int flags)
-{
- PKCS7 *p7;
- PKCS7_SIGNER_INFO *si;
- BIO *p7bio;
- STACK_OF(X509_ALGOR) *smcap;
- int i;
-
- if(!X509_check_private_key(signcert, pkey)) {
- PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- return NULL;
- }
-
- if(!(p7 = PKCS7_new())) {
- PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- PKCS7_set_type(p7, NID_pkcs7_signed);
-
- PKCS7_content_new(p7, NID_pkcs7_data);
-
- if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {
- PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
- return NULL;
- }
-
- if(!(flags & PKCS7_NOCERTS)) {
- PKCS7_add_certificate(p7, signcert);
- if(certs) for(i = 0; i < sk_X509_num(certs); i++)
- PKCS7_add_certificate(p7, sk_X509_value(certs, i));
- }
-
- if(!(p7bio = PKCS7_dataInit(p7, NULL))) {
- PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
-
- SMIME_crlf_copy(data, p7bio, flags);
-
- if(!(flags & PKCS7_NOATTR)) {
- PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
- V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data));
- /* Add SMIMECapabilities */
- if(!(flags & PKCS7_NOSMIMECAP))
- {
- if(!(smcap = sk_X509_ALGOR_new_null())) {
- PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-#ifndef NO_DES
- PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1);
-#endif
-#ifndef NO_RC2
- PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128);
- PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64);
-#endif
-#ifndef NO_DES
- PKCS7_simple_smimecap (smcap, NID_des_cbc, -1);
-#endif
-#ifndef NO_RC2
- PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40);
-#endif
- PKCS7_add_attrib_smimecap (si, smcap);
- sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
- }
- }
-
- if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1);
-
- if (!PKCS7_dataFinal(p7,p7bio)) {
- PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN);
- return NULL;
- }
-
- BIO_free_all(p7bio);
- return p7;
-}
-
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
- BIO *indata, BIO *out, int flags)
-{
- STACK_OF(X509) *signers;
- X509 *signer;
- STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
- PKCS7_SIGNER_INFO *si;
- X509_STORE_CTX cert_ctx;
- char buf[4096];
- int i, j=0, k, ret = 0;
- BIO *p7bio;
- BIO *tmpout;
-
- if(!p7) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_INVALID_NULL_POINTER);
- return 0;
- }
-
- if(!PKCS7_type_is_signed(p7)) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_WRONG_CONTENT_TYPE);
- return 0;
- }
-
- /* Check for no data and no content: no data to verify signature */
- if(PKCS7_get_detached(p7) && !indata) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_NO_CONTENT);
- return 0;
- }
-#if 0
- /* NB: this test commented out because some versions of Netscape
- * illegally include zero length content when signing data.
- */
-
- /* Check for data and content: two sets of data */
- if(!PKCS7_get_detached(p7) && indata) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_CONTENT_AND_DATA_PRESENT);
- return 0;
- }
-#endif
-
- sinfos = PKCS7_get_signer_info(p7);
-
- if(!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_NO_SIGNATURES_ON_DATA);
- return 0;
- }
-
-
- signers = PKCS7_get0_signers(p7, certs, flags);
-
- if(!signers) return 0;
-
- /* Now verify the certificates */
-
- if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
- signer = sk_X509_value (signers, k);
- if (!(flags & PKCS7_NOCHAIN)) {
- X509_STORE_CTX_init(&cert_ctx, store, signer,
- p7->d.sign->cert);
- X509_STORE_CTX_set_purpose(&cert_ctx,
- X509_PURPOSE_SMIME_SIGN);
- } else X509_STORE_CTX_init (&cert_ctx, store, signer, NULL);
- i = X509_verify_cert(&cert_ctx);
- if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx);
- X509_STORE_CTX_cleanup(&cert_ctx);
- if (i <= 0) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_CERTIFICATE_VERIFY_ERROR);
- ERR_add_error_data(2, "Verify error:",
- X509_verify_cert_error_string(j));
- sk_X509_free(signers);
- return 0;
- }
- /* Check for revocation status here */
- }
-
- p7bio=PKCS7_dataInit(p7,indata);
-
- if(flags & PKCS7_TEXT) {
- if(!(tmpout = BIO_new(BIO_s_mem()))) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- } else tmpout = out;
-
- /* We now have to 'read' from p7bio to calculate digests etc. */
- for (;;)
- {
- i=BIO_read(p7bio,buf,sizeof(buf));
- if (i <= 0) break;
- if (tmpout) BIO_write(tmpout, buf, i);
- }
-
- if(flags & PKCS7_TEXT) {
- if(!SMIME_text(tmpout, out)) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_SMIME_TEXT_ERROR);
- BIO_free(tmpout);
- goto err;
- }
- BIO_free(tmpout);
- }
-
- /* Now Verify All Signatures */
- if (!(flags & PKCS7_NOSIGS))
- for (i=0; i<sk_PKCS7_SIGNER_INFO_num(sinfos); i++)
- {
- si=sk_PKCS7_SIGNER_INFO_value(sinfos,i);
- signer = sk_X509_value (signers, i);
- j=PKCS7_signatureVerify(p7bio,p7,si, signer);
- if (j <= 0) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_SIGNATURE_FAILURE);
- goto err;
- }
- }
-
- ret = 1;
-
- err:
-
- if(indata) BIO_pop(p7bio);
- BIO_free_all(p7bio);
- sk_X509_free(signers);
-
- return ret;
-}
-
-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
-{
- STACK_OF(X509) *signers;
- STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
- PKCS7_SIGNER_INFO *si;
- PKCS7_ISSUER_AND_SERIAL *ias;
- X509 *signer;
- int i;
-
- if(!p7) {
- PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_INVALID_NULL_POINTER);
- return NULL;
- }
-
- if(!PKCS7_type_is_signed(p7)) {
- PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_WRONG_CONTENT_TYPE);
- return NULL;
- }
- if(!(signers = sk_X509_new_null())) {
- PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- /* Collect all the signers together */
-
- sinfos = PKCS7_get_signer_info(p7);
-
- if(sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
- PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_NO_SIGNERS);
- return 0;
- }
-
- for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++)
- {
- si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
- ias = si->issuer_and_serial;
- signer = NULL;
- /* If any certificates passed they take priority */
- if (certs) signer = X509_find_by_issuer_and_serial (certs,
- ias->issuer, ias->serial);
- if (!signer && !(flags & PKCS7_NOINTERN)
- && p7->d.sign->cert) signer =
- X509_find_by_issuer_and_serial (p7->d.sign->cert,
- ias->issuer, ias->serial);
- if (!signer) {
- PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
- sk_X509_free(signers);
- return 0;
- }
-
- sk_X509_push(signers, signer);
- }
- return signers;
-}
-
-
-/* Build a complete PKCS#7 enveloped data */
-
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher,
- int flags)
-{
- PKCS7 *p7;
- BIO *p7bio = NULL;
- int i;
- X509 *x509;
- if(!(p7 = PKCS7_new())) {
- PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- PKCS7_set_type(p7, NID_pkcs7_enveloped);
- if(!PKCS7_set_cipher(p7, cipher)) {
- PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_ERROR_SETTING_CIPHER);
- goto err;
- }
-
- for(i = 0; i < sk_X509_num(certs); i++) {
- x509 = sk_X509_value(certs, i);
- if(!PKCS7_add_recipient(p7, x509)) {
- PKCS7err(PKCS7_F_PKCS7_ENCRYPT,
- PKCS7_R_ERROR_ADDING_RECIPIENT);
- goto err;
- }
- }
-
- if(!(p7bio = PKCS7_dataInit(p7, NULL))) {
- PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- SMIME_crlf_copy(in, p7bio, flags);
-
- BIO_flush(p7bio);
-
- if (!PKCS7_dataFinal(p7,p7bio)) {
- PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_PKCS7_DATAFINAL_ERROR);
- goto err;
- }
- BIO_free_all(p7bio);
-
- return p7;
-
- err:
-
- BIO_free(p7bio);
- PKCS7_free(p7);
- return NULL;
-
-}
-
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
-{
- BIO *tmpmem;
- int ret, i;
- char buf[4096];
-
- if(!p7) {
- PKCS7err(PKCS7_F_PKCS7_DECRYPT,PKCS7_R_INVALID_NULL_POINTER);
- return 0;
- }
-
- if(!PKCS7_type_is_enveloped(p7)) {
- PKCS7err(PKCS7_F_PKCS7_DECRYPT,PKCS7_R_WRONG_CONTENT_TYPE);
- return 0;
- }
-
- if(!X509_check_private_key(cert, pkey)) {
- PKCS7err(PKCS7_F_PKCS7_DECRYPT,
- PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- return 0;
- }
-
- if(!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) {
- PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR);
- return 0;
- }
-
- if (flags & PKCS7_TEXT) {
- BIO *tmpbuf, *bread;
- /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
- if(!(tmpbuf = BIO_new(BIO_f_buffer()))) {
- PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if(!(bread = BIO_push(tmpbuf, tmpmem))) {
- PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ret = SMIME_text(bread, data);
- BIO_free_all(bread);
- return ret;
- } else {
- for(;;) {
- i = BIO_read(tmpmem, buf, sizeof(buf));
- if(i <= 0) break;
- BIO_write(data, buf, i);
- }
- BIO_free_all(tmpmem);
- return 1;
- }
-}
diff --git a/src/lib/libcrypto/pkcs7/pkcs7.h b/src/lib/libcrypto/pkcs7/pkcs7.h
deleted file mode 100644
index 1b817e605d..0000000000
--- a/src/lib/libcrypto/pkcs7/pkcs7.h
+++ /dev/null
@@ -1,505 +0,0 @@
-/* crypto/pkcs7/pkcs7.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PKCS7_H
-#define HEADER_PKCS7_H
-
-#include <openssl/bio.h>
-#include <openssl/x509.h>
-
-#include <openssl/symhacks.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef WIN32
-/* Under Win32 thes are defined in wincrypt.h */
-#undef PKCS7_ISSUER_AND_SERIAL
-#undef PKCS7_SIGNER_INFO
-#endif
-
-/*
-Encryption_ID DES-CBC
-Digest_ID MD5
-Digest_Encryption_ID rsaEncryption
-Key_Encryption_ID rsaEncryption
-*/
-
-typedef struct pkcs7_issuer_and_serial_st
- {
- X509_NAME *issuer;
- ASN1_INTEGER *serial;
- } PKCS7_ISSUER_AND_SERIAL;
-
-typedef struct pkcs7_signer_info_st
- {
- ASN1_INTEGER *version; /* version 1 */
- PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
- X509_ALGOR *digest_alg;
- STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
- X509_ALGOR *digest_enc_alg;
- ASN1_OCTET_STRING *enc_digest;
- STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
-
- /* The private key to sign with */
- EVP_PKEY *pkey;
- } PKCS7_SIGNER_INFO;
-
-DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
-DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO)
-
-typedef struct pkcs7_recip_info_st
- {
- ASN1_INTEGER *version; /* version 0 */
- PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
- X509_ALGOR *key_enc_algor;
- ASN1_OCTET_STRING *enc_key;
- X509 *cert; /* get the pub-key from this */
- } PKCS7_RECIP_INFO;
-
-DECLARE_STACK_OF(PKCS7_RECIP_INFO)
-DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO)
-
-typedef struct pkcs7_signed_st
- {
- ASN1_INTEGER *version; /* version 1 */
- STACK_OF(X509_ALGOR) *md_algs; /* md used */
- STACK_OF(X509) *cert; /* [ 0 ] */
- STACK_OF(X509_CRL) *crl; /* [ 1 ] */
- STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
-
- struct pkcs7_st *contents;
- } PKCS7_SIGNED;
-/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE.
- * How about merging the two */
-
-typedef struct pkcs7_enc_content_st
- {
- ASN1_OBJECT *content_type;
- X509_ALGOR *algorithm;
- ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
- const EVP_CIPHER *cipher;
- } PKCS7_ENC_CONTENT;
-
-typedef struct pkcs7_enveloped_st
- {
- ASN1_INTEGER *version; /* version 0 */
- STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
- PKCS7_ENC_CONTENT *enc_data;
- } PKCS7_ENVELOPE;
-
-typedef struct pkcs7_signedandenveloped_st
- {
- ASN1_INTEGER *version; /* version 1 */
- STACK_OF(X509_ALGOR) *md_algs; /* md used */
- STACK_OF(X509) *cert; /* [ 0 ] */
- STACK_OF(X509_CRL) *crl; /* [ 1 ] */
- STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
-
- PKCS7_ENC_CONTENT *enc_data;
- STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
- } PKCS7_SIGN_ENVELOPE;
-
-typedef struct pkcs7_digest_st
- {
- ASN1_INTEGER *version; /* version 0 */
- X509_ALGOR *md; /* md used */
- struct pkcs7_st *contents;
- ASN1_OCTET_STRING *digest;
- } PKCS7_DIGEST;
-
-typedef struct pkcs7_encrypted_st
- {
- ASN1_INTEGER *version; /* version 0 */
- PKCS7_ENC_CONTENT *enc_data;
- } PKCS7_ENCRYPT;
-
-typedef struct pkcs7_st
- {
- /* The following is non NULL if it contains ASN1 encoding of
- * this structure */
- unsigned char *asn1;
- long length;
-
-#define PKCS7_S_HEADER 0
-#define PKCS7_S_BODY 1
-#define PKCS7_S_TAIL 2
- int state; /* used during processing */
-
- int detached;
-
- ASN1_OBJECT *type;
- /* content as defined by the type */
- /* all encryption/message digests are applied to the 'contents',
- * leaving out the 'type' field. */
- union {
- char *ptr;
-
- /* NID_pkcs7_data */
- ASN1_OCTET_STRING *data;
-
- /* NID_pkcs7_signed */
- PKCS7_SIGNED *sign;
-
- /* NID_pkcs7_enveloped */
- PKCS7_ENVELOPE *enveloped;
-
- /* NID_pkcs7_signedAndEnveloped */
- PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
-
- /* NID_pkcs7_digest */
- PKCS7_DIGEST *digest;
-
- /* NID_pkcs7_encrypted */
- PKCS7_ENCRYPT *encrypted;
-
- /* Anything else */
- ASN1_TYPE *other;
- } d;
- } PKCS7;
-
-DECLARE_STACK_OF(PKCS7)
-DECLARE_ASN1_SET_OF(PKCS7)
-DECLARE_PKCS12_STACK_OF(PKCS7)
-
-#define PKCS7_OP_SET_DETACHED_SIGNATURE 1
-#define PKCS7_OP_GET_DETACHED_SIGNATURE 2
-
-#define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
-#define PKCS7_get_attributes(si) ((si)->unauth_attr)
-
-#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
-#define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
-#define PKCS7_type_is_signedAndEnveloped(a) \
- (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
-#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
-
-#define PKCS7_set_detached(p,v) \
- PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
-#define PKCS7_get_detached(p) \
- PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
-
-#ifdef SSLEAY_MACROS
-#ifndef PKCS7_ISSUER_AND_SERIAL_digest
-#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
- ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
- (char *)data,md,len)
-#endif
-#endif
-
-/* S/MIME related flags */
-
-#define PKCS7_TEXT 0x1
-#define PKCS7_NOCERTS 0x2
-#define PKCS7_NOSIGS 0x4
-#define PKCS7_NOCHAIN 0x8
-#define PKCS7_NOINTERN 0x10
-#define PKCS7_NOVERIFY 0x20
-#define PKCS7_DETACHED 0x40
-#define PKCS7_BINARY 0x80
-#define PKCS7_NOATTR 0x100
-#define PKCS7_NOSMIMECAP 0x200
-
-/* Flags: for compatibility with older code */
-
-#define SMIME_TEXT PKCS7_TEXT
-#define SMIME_NOCERTS PKCS7_NOCERTS
-#define SMIME_NOSIGS PKCS7_NOSIGS
-#define SMIME_NOCHAIN PKCS7_NOCHAIN
-#define SMIME_NOINTERN PKCS7_NOINTERN
-#define SMIME_NOVERIFY PKCS7_NOVERIFY
-#define SMIME_DETACHED PKCS7_DETACHED
-#define SMIME_BINARY PKCS7_BINARY
-#define SMIME_NOATTR PKCS7_NOATTR
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void );
-void PKCS7_ISSUER_AND_SERIAL_free(
- PKCS7_ISSUER_AND_SERIAL *a);
-int i2d_PKCS7_ISSUER_AND_SERIAL(
- PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp);
-PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(
- PKCS7_ISSUER_AND_SERIAL **a,
- unsigned char **pp, long length);
-
-#ifndef SSLEAY_MACROS
-int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type,
- unsigned char *md,unsigned int *len);
-#ifndef NO_FP_API
-PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 **p7);
-int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
-#endif
-PKCS7 *PKCS7_dup(PKCS7 *p7);
-PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
-int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
-#endif
-
-PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void);
-void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a);
-int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a,
- unsigned char **pp);
-PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
- unsigned char **pp,long length);
-
-PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void);
-void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a);
-int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a,
- unsigned char **pp);
-PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
- unsigned char **pp,long length);
-
-PKCS7_SIGNED *PKCS7_SIGNED_new(void);
-void PKCS7_SIGNED_free(PKCS7_SIGNED *a);
-int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a,
- unsigned char **pp);
-PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a,
- unsigned char **pp,long length);
-
-PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void);
-void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a);
-int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a,
- unsigned char **pp);
-PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
- unsigned char **pp,long length);
-
-PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void);
-void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a);
-int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a,
- unsigned char **pp);
-PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a,
- unsigned char **pp,long length);
-
-PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void);
-void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a);
-int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a,
- unsigned char **pp);
-PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
- unsigned char **pp,long length);
-
-PKCS7_DIGEST *PKCS7_DIGEST_new(void);
-void PKCS7_DIGEST_free(PKCS7_DIGEST *a);
-int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a,
- unsigned char **pp);
-PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a,
- unsigned char **pp,long length);
-
-PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void);
-void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a);
-int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a,
- unsigned char **pp);
-PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a,
- unsigned char **pp,long length);
-
-PKCS7 *PKCS7_new(void);
-void PKCS7_free(PKCS7 *a);
-void PKCS7_content_free(PKCS7 *a);
-int i2d_PKCS7(PKCS7 *a,
- unsigned char **pp);
-PKCS7 *d2i_PKCS7(PKCS7 **a,
- unsigned char **pp,long length);
-
-void ERR_load_PKCS7_strings(void);
-
-
-long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
-
-int PKCS7_set_type(PKCS7 *p7, int type);
-int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
-int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
- EVP_MD *dgst);
-int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
-int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
-int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
-int PKCS7_content_new(PKCS7 *p7, int nid);
-int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
- BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
- X509 *x509);
-
-BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
-int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
-BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
-
-
-PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
- EVP_PKEY *pkey, EVP_MD *dgst);
-X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
-
-PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
-int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
-int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
-int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
-ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si,int nid,int type,
- void *data);
-int PKCS7_add_attribute (PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
- void *value);
-ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
-ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
-int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
- STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,STACK_OF(X509_ATTRIBUTE) *sk);
-
-
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
- BIO *data, int flags);
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
- BIO *indata, BIO *out, int flags);
-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher,
- int flags);
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
-
-int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
- STACK_OF(X509_ALGOR) *cap);
-STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
-int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
-
-int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
-PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
-int SMIME_text(BIO *in, BIO *out);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the PKCS7 functions. */
-
-/* Function codes. */
-#define PKCS7_F_B64_READ_PKCS7 120
-#define PKCS7_F_B64_WRITE_PKCS7 121
-#define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
-#define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
-#define PKCS7_F_PKCS7_ADD_CRL 101
-#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
-#define PKCS7_F_PKCS7_ADD_SIGNER 103
-#define PKCS7_F_PKCS7_CTRL 104
-#define PKCS7_F_PKCS7_DATADECODE 112
-#define PKCS7_F_PKCS7_DATAINIT 105
-#define PKCS7_F_PKCS7_DATASIGN 106
-#define PKCS7_F_PKCS7_DATAVERIFY 107
-#define PKCS7_F_PKCS7_DECRYPT 114
-#define PKCS7_F_PKCS7_ENCRYPT 115
-#define PKCS7_F_PKCS7_GET0_SIGNERS 124
-#define PKCS7_F_PKCS7_SET_CIPHER 108
-#define PKCS7_F_PKCS7_SET_CONTENT 109
-#define PKCS7_F_PKCS7_SET_TYPE 110
-#define PKCS7_F_PKCS7_SIGN 116
-#define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
-#define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
-#define PKCS7_F_PKCS7_VERIFY 117
-#define PKCS7_F_SMIME_READ_PKCS7 122
-#define PKCS7_F_SMIME_TEXT 123
-
-/* Reason codes. */
-#define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117
-#define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
-#define PKCS7_R_CIPHER_NOT_INITIALIZED 116
-#define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
-#define PKCS7_R_DECODE_ERROR 130
-#define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100
-#define PKCS7_R_DECRYPT_ERROR 119
-#define PKCS7_R_DIGEST_FAILURE 101
-#define PKCS7_R_ERROR_ADDING_RECIPIENT 120
-#define PKCS7_R_ERROR_SETTING_CIPHER 121
-#define PKCS7_R_INTERNAL_ERROR 102
-#define PKCS7_R_INVALID_MIME_TYPE 131
-#define PKCS7_R_INVALID_NULL_POINTER 143
-#define PKCS7_R_MIME_NO_CONTENT_TYPE 132
-#define PKCS7_R_MIME_PARSE_ERROR 133
-#define PKCS7_R_MIME_SIG_PARSE_ERROR 134
-#define PKCS7_R_MISSING_CERIPEND_INFO 103
-#define PKCS7_R_NO_CONTENT 122
-#define PKCS7_R_NO_CONTENT_TYPE 135
-#define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136
-#define PKCS7_R_NO_MULTIPART_BOUNDARY 137
-#define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
-#define PKCS7_R_NO_SIGNATURES_ON_DATA 123
-#define PKCS7_R_NO_SIGNERS 142
-#define PKCS7_R_NO_SIG_CONTENT_TYPE 138
-#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
-#define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
-#define PKCS7_R_PKCS7_DATAFINAL_ERROR 125
-#define PKCS7_R_PKCS7_DATASIGN 126
-#define PKCS7_R_PKCS7_PARSE_ERROR 139
-#define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140
-#define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
-#define PKCS7_R_SIGNATURE_FAILURE 105
-#define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
-#define PKCS7_R_SIG_INVALID_MIME_TYPE 141
-#define PKCS7_R_SMIME_TEXT_ERROR 129
-#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
-#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107
-#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108
-#define PKCS7_R_UNKNOWN_DIGEST_TYPE 109
-#define PKCS7_R_UNKNOWN_OPERATION 110
-#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111
-#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112
-#define PKCS7_R_WRONG_CONTENT_TYPE 113
-#define PKCS7_R_WRONG_PKCS7_TYPE 114
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/pkcs7/pkcs7err.c b/src/lib/libcrypto/pkcs7/pkcs7err.c
deleted file mode 100644
index 8ded8913db..0000000000
--- a/src/lib/libcrypto/pkcs7/pkcs7err.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/* crypto/pkcs7/pkcs7err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/pkcs7.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA PKCS7_str_functs[]=
- {
-{ERR_PACK(0,PKCS7_F_B64_READ_PKCS7,0), "B64_READ_PKCS7"},
-{ERR_PACK(0,PKCS7_F_B64_WRITE_PKCS7,0), "B64_WRITE_PKCS7"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,0), "PKCS7_add_attrib_smimecap"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0), "PKCS7_add_certificate"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0), "PKCS7_add_crl"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0), "PKCS7_add_recipient_info"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0), "PKCS7_add_signer"},
-{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0), "PKCS7_ctrl"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATADECODE,0), "PKCS7_dataDecode"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0), "PKCS7_dataInit"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0), "PKCS7_DATASIGN"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0), "PKCS7_dataVerify"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DECRYPT,0), "PKCS7_decrypt"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ENCRYPT,0), "PKCS7_encrypt"},
-{ERR_PACK(0,PKCS7_F_PKCS7_GET0_SIGNERS,0), "PKCS7_get0_signers"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0), "PKCS7_set_cipher"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0), "PKCS7_set_content"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0), "PKCS7_set_type"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SIGN,0), "PKCS7_sign"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SIGNATUREVERIFY,0), "PKCS7_signatureVerify"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SIMPLE_SMIMECAP,0), "PKCS7_simple_smimecap"},
-{ERR_PACK(0,PKCS7_F_PKCS7_VERIFY,0), "PKCS7_verify"},
-{ERR_PACK(0,PKCS7_F_SMIME_READ_PKCS7,0), "SMIME_read_PKCS7"},
-{ERR_PACK(0,PKCS7_F_SMIME_TEXT,0), "SMIME_text"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA PKCS7_str_reasons[]=
- {
-{PKCS7_R_CERTIFICATE_VERIFY_ERROR ,"certificate verify error"},
-{PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"},
-{PKCS7_R_CIPHER_NOT_INITIALIZED ,"cipher not initialized"},
-{PKCS7_R_CONTENT_AND_DATA_PRESENT ,"content and data present"},
-{PKCS7_R_DECODE_ERROR ,"decode error"},
-{PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH ,"decrypted key is wrong length"},
-{PKCS7_R_DECRYPT_ERROR ,"decrypt error"},
-{PKCS7_R_DIGEST_FAILURE ,"digest failure"},
-{PKCS7_R_ERROR_ADDING_RECIPIENT ,"error adding recipient"},
-{PKCS7_R_ERROR_SETTING_CIPHER ,"error setting cipher"},
-{PKCS7_R_INTERNAL_ERROR ,"internal error"},
-{PKCS7_R_INVALID_MIME_TYPE ,"invalid mime type"},
-{PKCS7_R_INVALID_NULL_POINTER ,"invalid null pointer"},
-{PKCS7_R_MIME_NO_CONTENT_TYPE ,"mime no content type"},
-{PKCS7_R_MIME_PARSE_ERROR ,"mime parse error"},
-{PKCS7_R_MIME_SIG_PARSE_ERROR ,"mime sig parse error"},
-{PKCS7_R_MISSING_CERIPEND_INFO ,"missing ceripend info"},
-{PKCS7_R_NO_CONTENT ,"no content"},
-{PKCS7_R_NO_CONTENT_TYPE ,"no content type"},
-{PKCS7_R_NO_MULTIPART_BODY_FAILURE ,"no multipart body failure"},
-{PKCS7_R_NO_MULTIPART_BOUNDARY ,"no multipart boundary"},
-{PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE,"no recipient matches certificate"},
-{PKCS7_R_NO_SIGNATURES_ON_DATA ,"no signatures on data"},
-{PKCS7_R_NO_SIGNERS ,"no signers"},
-{PKCS7_R_NO_SIG_CONTENT_TYPE ,"no sig content type"},
-{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"},
-{PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR ,"pkcs7 add signature error"},
-{PKCS7_R_PKCS7_DATAFINAL_ERROR ,"pkcs7 datafinal error"},
-{PKCS7_R_PKCS7_DATASIGN ,"pkcs7 datasign"},
-{PKCS7_R_PKCS7_PARSE_ERROR ,"pkcs7 parse error"},
-{PKCS7_R_PKCS7_SIG_PARSE_ERROR ,"pkcs7 sig parse error"},
-{PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"},
-{PKCS7_R_SIGNATURE_FAILURE ,"signature failure"},
-{PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND ,"signer certificate not found"},
-{PKCS7_R_SIG_INVALID_MIME_TYPE ,"sig invalid mime type"},
-{PKCS7_R_SMIME_TEXT_ERROR ,"smime text error"},
-{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ,"unable to find certificate"},
-{PKCS7_R_UNABLE_TO_FIND_MEM_BIO ,"unable to find mem bio"},
-{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ,"unable to find message digest"},
-{PKCS7_R_UNKNOWN_DIGEST_TYPE ,"unknown digest type"},
-{PKCS7_R_UNKNOWN_OPERATION ,"unknown operation"},
-{PKCS7_R_UNSUPPORTED_CIPHER_TYPE ,"unsupported cipher type"},
-{PKCS7_R_UNSUPPORTED_CONTENT_TYPE ,"unsupported content type"},
-{PKCS7_R_WRONG_CONTENT_TYPE ,"wrong content type"},
-{PKCS7_R_WRONG_PKCS7_TYPE ,"wrong pkcs7 type"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_PKCS7_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs);
- ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h
deleted file mode 100644
index 9c6052733e..0000000000
--- a/src/lib/libcrypto/rand/rand.h
+++ /dev/null
@@ -1,134 +0,0 @@
-/* crypto/rand/rand.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RAND_H
-#define HEADER_RAND_H
-
-#include <stdlib.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct rand_meth_st
- {
- void (*seed)(const void *buf, int num);
- int (*bytes)(unsigned char *buf, int num);
- void (*cleanup)(void);
- void (*add)(const void *buf, int num, double entropy);
- int (*pseudorand)(unsigned char *buf, int num);
- int (*status)(void);
- } RAND_METHOD;
-
-#ifdef BN_DEBUG
-extern int rand_predictable;
-#endif
-
-struct engine_st;
-
-int RAND_set_rand_method(struct engine_st *meth);
-RAND_METHOD *RAND_get_rand_method(void );
-RAND_METHOD *RAND_SSLeay(void);
-void RAND_cleanup(void );
-int RAND_bytes(unsigned char *buf,int num);
-int RAND_pseudo_bytes(unsigned char *buf,int num);
-void RAND_seed(const void *buf,int num);
-void RAND_add(const void *buf,int num,double entropy);
-int RAND_load_file(const char *file,long max_bytes);
-int RAND_write_file(const char *file);
-const char *RAND_file_name(char *file,size_t num);
-int RAND_status(void);
-int RAND_egd(const char *path);
-int RAND_egd_bytes(const char *path,int bytes);
-void ERR_load_RAND_strings(void);
-int RAND_poll(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#if defined(WINDOWS) || defined(WIN32)
-#include <windows.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-void RAND_screen(void);
-int RAND_event(UINT, WPARAM, LPARAM);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the RAND functions. */
-
-/* Function codes. */
-#define RAND_F_SSLEAY_RAND_BYTES 100
-
-/* Reason codes. */
-#define RAND_R_PRNG_NOT_SEEDED 100
-
-#endif
-
diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c
deleted file mode 100644
index 1af0aa0b8a..0000000000
--- a/src/lib/libcrypto/rand/rand_err.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/* crypto/rand/rand_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA RAND_str_functs[]=
- {
-{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0), "SSLEAY_RAND_BYTES"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA RAND_str_reasons[]=
- {
-{RAND_R_PRNG_NOT_SEEDED ,"PRNG not seeded"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_RAND_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_RAND,RAND_str_functs);
- ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c
deleted file mode 100644
index 57eff0f132..0000000000
--- a/src/lib/libcrypto/rand/rand_lib.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* crypto/rand/rand_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <openssl/rand.h>
-#include <openssl/engine.h>
-
-static ENGINE *rand_engine=NULL;
-
-#if 0
-void RAND_set_rand_method(RAND_METHOD *meth)
- {
- rand_meth=meth;
- }
-#else
-int RAND_set_rand_method(ENGINE *engine)
- {
- ENGINE *mtmp;
- mtmp = rand_engine;
- if (!ENGINE_init(engine))
- return 0;
- rand_engine = engine;
- /* SHOULD ERROR CHECK THIS!!! */
- ENGINE_finish(mtmp);
- return 1;
- }
-#endif
-
-RAND_METHOD *RAND_get_rand_method(void)
- {
- if (rand_engine == NULL
- && (rand_engine = ENGINE_get_default_RAND()) == NULL)
- return NULL;
- return ENGINE_get_RAND(rand_engine);
- }
-
-void RAND_cleanup(void)
- {
- RAND_METHOD *meth = RAND_get_rand_method();
- if (meth && meth->cleanup)
- meth->cleanup();
- }
-
-void RAND_seed(const void *buf, int num)
- {
- RAND_METHOD *meth = RAND_get_rand_method();
- if (meth && meth->seed)
- meth->seed(buf,num);
- }
-
-void RAND_add(const void *buf, int num, double entropy)
- {
- RAND_METHOD *meth = RAND_get_rand_method();
- if (meth && meth->add)
- meth->add(buf,num,entropy);
- }
-
-int RAND_bytes(unsigned char *buf, int num)
- {
- RAND_METHOD *meth = RAND_get_rand_method();
- if (meth && meth->bytes)
- return meth->bytes(buf,num);
- return(-1);
- }
-
-int RAND_pseudo_bytes(unsigned char *buf, int num)
- {
- RAND_METHOD *meth = RAND_get_rand_method();
- if (meth && meth->pseudorand)
- return meth->pseudorand(buf,num);
- return(-1);
- }
-
-int RAND_status(void)
- {
- RAND_METHOD *meth = RAND_get_rand_method();
- if (meth && meth->status)
- return meth->status();
- return 0;
- }
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
deleted file mode 100644
index c4eb79ac5f..0000000000
--- a/src/lib/libcrypto/rand/randfile.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/* crypto/rand/randfile.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef VMS
-#include <unixio.h>
-#endif
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifdef MAC_OS_pre_X
-# include <stat.h>
-#else
-# include <sys/stat.h>
-#endif
-
-#include "openssl/e_os.h"
-#include <openssl/crypto.h>
-#include <openssl/rand.h>
-
-#undef BUFSIZE
-#define BUFSIZE 1024
-#define RAND_DATA 1024
-
-/* #define RFILE ".rnd" - defined in ../../e_os.h */
-
-/* Note that these functions are intended for seed files only.
- * Entropy devices and EGD sockets are handled in rand_unix.c */
-
-int RAND_load_file(const char *file, long bytes)
- {
- /* If bytes >= 0, read up to 'bytes' bytes.
- * if bytes == -1, read complete file. */
-
- MS_STATIC unsigned char buf[BUFSIZE];
- struct stat sb;
- int i,ret=0,n;
- FILE *in;
-
- if (file == NULL) return(0);
-
- i=stat(file,&sb);
- if (i < 0) {
- /* If the state fails, put some crap in anyway */
- RAND_add(&sb,sizeof(sb),0);
- return(0);
- }
- if (bytes == 0) return(ret);
- in=fopen(file,"rb");
- if (in == NULL) goto err;
- if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
- /* this file is a device. we don't want read an infinite number
- * of bytes from a random device, nor do we want to use buffered
- * I/O because we will waste system entropy.
- */
- bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
- setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
- }
- for (;;)
- {
- if (bytes > 0)
- n = (bytes < BUFSIZE)?(int)bytes:BUFSIZE;
- else
- n = BUFSIZE;
- i=fread(buf,1,n,in);
- if (i <= 0) break;
- /* even if n != i, use the full array */
- RAND_add(buf,n,i);
- ret+=i;
- if (bytes > 0)
- {
- bytes-=n;
- if (bytes <= 0) break;
- }
- }
- fclose(in);
- memset(buf,0,BUFSIZE);
-err:
- return(ret);
- }
-
-int RAND_write_file(const char *file)
- {
- unsigned char buf[BUFSIZE];
- int i,ret=0,rand_err=0;
- FILE *out = NULL;
- int n;
- struct stat sb;
-
- i=stat(file,&sb);
- if (i != -1) {
- if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
- /* this file is a device. we don't write back to it.
- * we "succeed" on the assumption this is some sort
- * of random device. Otherwise attempting to write to
- * and chmod the device causes problems.
- */
- return(1);
- }
- }
-
-#if defined(O_CREAT) && !defined(WIN32)
- /* For some reason Win32 can't write to files created this way */
-
- /* chmod(..., 0600) is too late to protect the file,
- * permissions should be restrictive from the start */
- int fd = open(file, O_CREAT, 0600);
- if (fd != -1)
- out = fdopen(fd, "wb");
-#endif
- if (out == NULL)
- out = fopen(file,"wb");
- if (out == NULL) goto err;
-
-#ifndef NO_CHMOD
- chmod(file,0600);
-#endif
- n=RAND_DATA;
- for (;;)
- {
- i=(n > BUFSIZE)?BUFSIZE:n;
- n-=BUFSIZE;
- if (RAND_bytes(buf,i) <= 0)
- rand_err=1;
- i=fwrite(buf,1,i,out);
- if (i <= 0)
- {
- ret=0;
- break;
- }
- ret+=i;
- if (n <= 0) break;
- }
-#ifdef VMS
- /* Try to delete older versions of the file, until there aren't
- any */
- {
- char *tmpf;
-
- tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */
- if (tmpf)
- {
- strcpy(tmpf, file);
- strcat(tmpf, ";-1");
- while(delete(tmpf) == 0)
- ;
- rename(file,";1"); /* Make sure it's version 1, or we
- will reach the limit (32767) at
- some point... */
- }
- }
-#endif /* VMS */
-
- fclose(out);
- memset(buf,0,BUFSIZE);
-err:
- return (rand_err ? -1 : ret);
- }
-
-const char *RAND_file_name(char *buf, size_t size)
- {
- char *s = NULL;
- int ok = 0;
- struct stat sb;
-
- if (issetugid() == 0)
- s = getenv("RANDFILE");
- if (s != NULL && *s && strlen(s) + 1 < size)
- {
- strlcpy(buf,s,size);
- ok = 1;
- }
- else
- {
- if (issetugid() == 0)
- s=getenv("HOME");
-#ifdef DEFAULT_HOME
- if (s == NULL)
- {
- s = DEFAULT_HOME;
- }
-#endif
- if (s && *s && strlen(s)+strlen(RFILE)+2 < size)
- {
- strlcpy(buf,s,size);
-#ifndef VMS
- strcat(buf,"/");
-#endif
- strlcat(buf,RFILE,size);
- ok = 1;
- }
- else
- buf[0] = '\0'; /* no file name */
- }
-
-#ifdef DEVRANDOM
- /* given that all random loads just fail if the file can't be
- * seen on a stat, we stat the file we're returning, if it
- * fails, use DEVRANDOM instead. this allows the user to
- * use their own source for good random data, but defaults
- * to something hopefully decent if that isn't available.
- */
-
- if (!ok)
- if (strlcpy(buf,DEVRANDOM,size) >= size) {
- return(NULL);
- }
- if (stat(buf,&sb) == -1)
- if (strlcpy(buf,DEVRANDOM,size) >= size) {
- return(NULL);
- }
-
-#endif
- return(buf);
- }
-
diff --git a/src/lib/libcrypto/rc2/rc2.h b/src/lib/libcrypto/rc2/rc2.h
deleted file mode 100644
index 076c0a067c..0000000000
--- a/src/lib/libcrypto/rc2/rc2.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/* crypto/rc2/rc2.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC2_H
-#define HEADER_RC2_H
-
-#ifdef NO_RC2
-#error RC2 is disabled.
-#endif
-
-#define RC2_ENCRYPT 1
-#define RC2_DECRYPT 0
-
-#include <openssl/opensslconf.h> /* RC2_INT */
-#define RC2_BLOCK 8
-#define RC2_KEY_LENGTH 16
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc2_key_st
- {
- RC2_INT data[64];
- } RC2_KEY;
-
-
-void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
-void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key,
- int enc);
-void RC2_encrypt(unsigned long *data,RC2_KEY *key);
-void RC2_decrypt(unsigned long *data,RC2_KEY *key);
-void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- RC2_KEY *ks, unsigned char *iv, int enc);
-void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC2_KEY *schedule, unsigned char *ivec,
- int *num, int enc);
-void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC2_KEY *schedule, unsigned char *ivec,
- int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/rc2/rc2_cbc.c b/src/lib/libcrypto/rc2/rc2_cbc.c
deleted file mode 100644
index 74f48d3d87..0000000000
--- a/src/lib/libcrypto/rc2/rc2_cbc.c
+++ /dev/null
@@ -1,226 +0,0 @@
-/* crypto/rc2/rc2_cbc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- RC2_KEY *ks, unsigned char *iv, int encrypt)
- {
- register unsigned long tin0,tin1;
- register unsigned long tout0,tout1,xor0,xor1;
- register long l=length;
- unsigned long tin[2];
-
- if (encrypt)
- {
- c2l(iv,tout0);
- c2l(iv,tout1);
- iv-=8;
- for (l-=8; l>=0; l-=8)
- {
- c2l(in,tin0);
- c2l(in,tin1);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- RC2_encrypt(tin,ks);
- tout0=tin[0]; l2c(tout0,out);
- tout1=tin[1]; l2c(tout1,out);
- }
- if (l != -8)
- {
- c2ln(in,tin0,tin1,l+8);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- RC2_encrypt(tin,ks);
- tout0=tin[0]; l2c(tout0,out);
- tout1=tin[1]; l2c(tout1,out);
- }
- l2c(tout0,iv);
- l2c(tout1,iv);
- }
- else
- {
- c2l(iv,xor0);
- c2l(iv,xor1);
- iv-=8;
- for (l-=8; l>=0; l-=8)
- {
- c2l(in,tin0); tin[0]=tin0;
- c2l(in,tin1); tin[1]=tin1;
- RC2_decrypt(tin,ks);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2c(tout0,out);
- l2c(tout1,out);
- xor0=tin0;
- xor1=tin1;
- }
- if (l != -8)
- {
- c2l(in,tin0); tin[0]=tin0;
- c2l(in,tin1); tin[1]=tin1;
- RC2_decrypt(tin,ks);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2cn(tout0,tout1,out,l+8);
- xor0=tin0;
- xor1=tin1;
- }
- l2c(xor0,iv);
- l2c(xor1,iv);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
-
-void RC2_encrypt(unsigned long *d, RC2_KEY *key)
- {
- int i,n;
- register RC2_INT *p0,*p1;
- register RC2_INT x0,x1,x2,x3,t;
- unsigned long l;
-
- l=d[0];
- x0=(RC2_INT)l&0xffff;
- x1=(RC2_INT)(l>>16L);
- l=d[1];
- x2=(RC2_INT)l&0xffff;
- x3=(RC2_INT)(l>>16L);
-
- n=3;
- i=5;
-
- p0=p1= &(key->data[0]);
- for (;;)
- {
- t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff;
- x0=(t<<1)|(t>>15);
- t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff;
- x1=(t<<2)|(t>>14);
- t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff;
- x2=(t<<3)|(t>>13);
- t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff;
- x3=(t<<5)|(t>>11);
-
- if (--i == 0)
- {
- if (--n == 0) break;
- i=(n == 2)?6:5;
-
- x0+=p1[x3&0x3f];
- x1+=p1[x0&0x3f];
- x2+=p1[x1&0x3f];
- x3+=p1[x2&0x3f];
- }
- }
-
- d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
- d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
- }
-
-void RC2_decrypt(unsigned long *d, RC2_KEY *key)
- {
- int i,n;
- register RC2_INT *p0,*p1;
- register RC2_INT x0,x1,x2,x3,t;
- unsigned long l;
-
- l=d[0];
- x0=(RC2_INT)l&0xffff;
- x1=(RC2_INT)(l>>16L);
- l=d[1];
- x2=(RC2_INT)l&0xffff;
- x3=(RC2_INT)(l>>16L);
-
- n=3;
- i=5;
-
- p0= &(key->data[63]);
- p1= &(key->data[0]);
- for (;;)
- {
- t=((x3<<11)|(x3>>5))&0xffff;
- x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff;
- t=((x2<<13)|(x2>>3))&0xffff;
- x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff;
- t=((x1<<14)|(x1>>2))&0xffff;
- x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff;
- t=((x0<<15)|(x0>>1))&0xffff;
- x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff;
-
- if (--i == 0)
- {
- if (--n == 0) break;
- i=(n == 2)?6:5;
-
- x3=(x3-p1[x2&0x3f])&0xffff;
- x2=(x2-p1[x1&0x3f])&0xffff;
- x1=(x1-p1[x0&0x3f])&0xffff;
- x0=(x0-p1[x3&0x3f])&0xffff;
- }
- }
-
- d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
- d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
- }
-
diff --git a/src/lib/libcrypto/rc2/rc2_ecb.c b/src/lib/libcrypto/rc2/rc2_ecb.c
deleted file mode 100644
index d3e8c2718a..0000000000
--- a/src/lib/libcrypto/rc2/rc2_ecb.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/rc2/rc2_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-#include <openssl/opensslv.h>
-
-const char *RC2_version="RC2" OPENSSL_VERSION_PTEXT;
-
-/* RC2 as implemented frm a posting from
- * Newsgroups: sci.crypt
- * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
- * Subject: Specification for Ron Rivests Cipher No.2
- * Message-ID: <4fk39f$f70@net.auckland.ac.nz>
- * Date: 11 Feb 1996 06:45:03 GMT
- */
-
-void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks,
- int encrypt)
- {
- unsigned long l,d[2];
-
- c2l(in,l); d[0]=l;
- c2l(in,l); d[1]=l;
- if (encrypt)
- RC2_encrypt(d,ks);
- else
- RC2_decrypt(d,ks);
- l=d[0]; l2c(l,out);
- l=d[1]; l2c(l,out);
- l=d[0]=d[1]=0;
- }
-
diff --git a/src/lib/libcrypto/rc2/rc2_locl.h b/src/lib/libcrypto/rc2/rc2_locl.h
deleted file mode 100644
index 565cd17619..0000000000
--- a/src/lib/libcrypto/rc2/rc2_locl.h
+++ /dev/null
@@ -1,156 +0,0 @@
-/* crypto/rc2/rc2_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#undef c2l
-#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
- case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
- case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
- case 5: l2|=((unsigned long)(*(--(c)))); \
- case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
- case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
- case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
- case 1: l1|=((unsigned long)(*(--(c)))); \
- } \
- }
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c)))) ; \
- case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 6: l2|=((unsigned long)(*(--(c))))<<16; \
- case 5: l2|=((unsigned long)(*(--(c))))<<24; \
- case 4: l1 =((unsigned long)(*(--(c)))) ; \
- case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 2: l1|=((unsigned long)(*(--(c))))<<16; \
- case 1: l1|=((unsigned long)(*(--(c))))<<24; \
- } \
- }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- } \
- }
-
-#undef n2l
-#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-#define C_RC2(n) \
- t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \
- x0=(t<<1)|(t>>15); \
- t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \
- x1=(t<<2)|(t>>14); \
- t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \
- x2=(t<<3)|(t>>13); \
- t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \
- x3=(t<<5)|(t>>11);
-
diff --git a/src/lib/libcrypto/rc2/rc2_skey.c b/src/lib/libcrypto/rc2/rc2_skey.c
deleted file mode 100644
index cab3080c73..0000000000
--- a/src/lib/libcrypto/rc2/rc2_skey.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/* crypto/rc2/rc2_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-static unsigned char key_table[256]={
- 0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79,
- 0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e,
- 0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5,
- 0x87,0xb3,0x4f,0x13,0x61,0x45,0x6d,0x8d,0x09,0x81,0x7d,0x32,
- 0xbd,0x8f,0x40,0xeb,0x86,0xb7,0x7b,0x0b,0xf0,0x95,0x21,0x22,
- 0x5c,0x6b,0x4e,0x82,0x54,0xd6,0x65,0x93,0xce,0x60,0xb2,0x1c,
- 0x73,0x56,0xc0,0x14,0xa7,0x8c,0xf1,0xdc,0x12,0x75,0xca,0x1f,
- 0x3b,0xbe,0xe4,0xd1,0x42,0x3d,0xd4,0x30,0xa3,0x3c,0xb6,0x26,
- 0x6f,0xbf,0x0e,0xda,0x46,0x69,0x07,0x57,0x27,0xf2,0x1d,0x9b,
- 0xbc,0x94,0x43,0x03,0xf8,0x11,0xc7,0xf6,0x90,0xef,0x3e,0xe7,
- 0x06,0xc3,0xd5,0x2f,0xc8,0x66,0x1e,0xd7,0x08,0xe8,0xea,0xde,
- 0x80,0x52,0xee,0xf7,0x84,0xaa,0x72,0xac,0x35,0x4d,0x6a,0x2a,
- 0x96,0x1a,0xd2,0x71,0x5a,0x15,0x49,0x74,0x4b,0x9f,0xd0,0x5e,
- 0x04,0x18,0xa4,0xec,0xc2,0xe0,0x41,0x6e,0x0f,0x51,0xcb,0xcc,
- 0x24,0x91,0xaf,0x50,0xa1,0xf4,0x70,0x39,0x99,0x7c,0x3a,0x85,
- 0x23,0xb8,0xb4,0x7a,0xfc,0x02,0x36,0x5b,0x25,0x55,0x97,0x31,
- 0x2d,0x5d,0xfa,0x98,0xe3,0x8a,0x92,0xae,0x05,0xdf,0x29,0x10,
- 0x67,0x6c,0xba,0xc9,0xd3,0x00,0xe6,0xcf,0xe1,0x9e,0xa8,0x2c,
- 0x63,0x16,0x01,0x3f,0x58,0xe2,0x89,0xa9,0x0d,0x38,0x34,0x1b,
- 0xab,0x33,0xff,0xb0,0xbb,0x48,0x0c,0x5f,0xb9,0xb1,0xcd,0x2e,
- 0xc5,0xf3,0xdb,0x47,0xe5,0xa5,0x9c,0x77,0x0a,0xa6,0x20,0x68,
- 0xfe,0x7f,0xc1,0xad,
- };
-
-/* It has come to my attention that there are 2 versions of the RC2
- * key schedule. One which is normal, and anther which has a hook to
- * use a reduced key length.
- * BSAFE uses the 'retarded' version. What I previously shipped is
- * the same as specifying 1024 for the 'bits' parameter. Bsafe uses
- * a version where the bits parameter is the same as len*8 */
-void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
- {
- int i,j;
- unsigned char *k;
- RC2_INT *ki;
- unsigned int c,d;
-
- k= (unsigned char *)&(key->data[0]);
- *k=0; /* for if there is a zero length key */
-
- if (len > 128) len=128;
- if (bits <= 0) bits=1024;
- if (bits > 1024) bits=1024;
-
- for (i=0; i<len; i++)
- k[i]=data[i];
-
- /* expand table */
- d=k[len-1];
- j=0;
- for (i=len; i < 128; i++,j++)
- {
- d=key_table[(k[j]+d)&0xff];
- k[i]=d;
- }
-
- /* hmm.... key reduction to 'bits' bits */
-
- j=(bits+7)>>3;
- i=128-j;
- c= (0xff>>(-bits & 0x07));
-
- d=key_table[k[i]&c];
- k[i]=d;
- while (i--)
- {
- d=key_table[k[i+j]^d];
- k[i]=d;
- }
-
- /* copy from bytes into RC2_INT's */
- ki= &(key->data[63]);
- for (i=127; i>=0; i-=2)
- *(ki--)=((k[i]<<8)|k[i-1])&0xffff;
- }
-
diff --git a/src/lib/libcrypto/rc2/rc2cfb64.c b/src/lib/libcrypto/rc2/rc2cfb64.c
deleted file mode 100644
index b3a0158a6e..0000000000
--- a/src/lib/libcrypto/rc2/rc2cfb64.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/rc2/rc2cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC2_KEY *schedule, unsigned char *ivec,
- int *num, int encrypt)
- {
- register unsigned long v0,v1,t;
- register int n= *num;
- register long l=length;
- unsigned long ti[2];
- unsigned char *iv,c,cc;
-
- iv=(unsigned char *)ivec;
- if (encrypt)
- {
- while (l--)
- {
- if (n == 0)
- {
- c2l(iv,v0); ti[0]=v0;
- c2l(iv,v1); ti[1]=v1;
- RC2_encrypt((unsigned long *)ti,schedule);
- iv=(unsigned char *)ivec;
- t=ti[0]; l2c(t,iv);
- t=ti[1]; l2c(t,iv);
- iv=(unsigned char *)ivec;
- }
- c= *(in++)^iv[n];
- *(out++)=c;
- iv[n]=c;
- n=(n+1)&0x07;
- }
- }
- else
- {
- while (l--)
- {
- if (n == 0)
- {
- c2l(iv,v0); ti[0]=v0;
- c2l(iv,v1); ti[1]=v1;
- RC2_encrypt((unsigned long *)ti,schedule);
- iv=(unsigned char *)ivec;
- t=ti[0]; l2c(t,iv);
- t=ti[1]; l2c(t,iv);
- iv=(unsigned char *)ivec;
- }
- cc= *(in++);
- c=iv[n];
- iv[n]=cc;
- *(out++)=c^cc;
- n=(n+1)&0x07;
- }
- }
- v0=v1=ti[0]=ti[1]=t=c=cc=0;
- *num=n;
- }
-
diff --git a/src/lib/libcrypto/rc2/rc2ofb64.c b/src/lib/libcrypto/rc2/rc2ofb64.c
deleted file mode 100644
index 9e297867ed..0000000000
--- a/src/lib/libcrypto/rc2/rc2ofb64.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/rc2/rc2ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC2_KEY *schedule, unsigned char *ivec,
- int *num)
- {
- register unsigned long v0,v1,t;
- register int n= *num;
- register long l=length;
- unsigned char d[8];
- register char *dp;
- unsigned long ti[2];
- unsigned char *iv;
- int save=0;
-
- iv=(unsigned char *)ivec;
- c2l(iv,v0);
- c2l(iv,v1);
- ti[0]=v0;
- ti[1]=v1;
- dp=(char *)d;
- l2c(v0,dp);
- l2c(v1,dp);
- while (l--)
- {
- if (n == 0)
- {
- RC2_encrypt((unsigned long *)ti,schedule);
- dp=(char *)d;
- t=ti[0]; l2c(t,dp);
- t=ti[1]; l2c(t,dp);
- save++;
- }
- *(out++)= *(in++)^d[n];
- n=(n+1)&0x07;
- }
- if (save)
- {
- v0=ti[0];
- v1=ti[1];
- iv=(unsigned char *)ivec;
- l2c(v0,iv);
- l2c(v1,iv);
- }
- t=v0=v1=ti[0]=ti[1]=0;
- *num=n;
- }
-
diff --git a/src/lib/libcrypto/rc2/rrc2.doc b/src/lib/libcrypto/rc2/rrc2.doc
deleted file mode 100644
index f93ee003d2..0000000000
--- a/src/lib/libcrypto/rc2/rrc2.doc
+++ /dev/null
@@ -1,219 +0,0 @@
->From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996
-Article 23601 of sci.crypt:
-Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news
->From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
-Newsgroups: sci.crypt
-Subject: Specification for Ron Rivests Cipher No.2
-Date: 11 Feb 1996 06:45:03 GMT
-Organization: University of Auckland
-Lines: 203
-Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
-Message-ID: <4fk39f$f70@net.auckland.ac.nz>
-NNTP-Posting-Host: cs26.cs.auckland.ac.nz
-X-Newsreader: NN version 6.5.0 #3 (NOV)
-
-
-
-
- Ron Rivest's Cipher No.2
- ------------------------
-
-Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may
-refer to it by other names) is word oriented, operating on a block of 64 bits
-divided into four 16-bit words, with a key table of 64 words. All data units
-are little-endian. This functional description of the algorithm is based in
-the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using
-the same general layout, terminology, and pseudocode style.
-
-
-Notation and RRC.2 Primitive Operations
-
-RRC.2 uses the following primitive operations:
-
-1. Two's-complement addition of words, denoted by "+". The inverse operation,
- subtraction, is denoted by "-".
-2. Bitwise exclusive OR, denoted by "^".
-3. Bitwise AND, denoted by "&".
-4. Bitwise NOT, denoted by "~".
-5. A left-rotation of words; the rotation of word x left by y is denoted
- x <<< y. The inverse operation, right-rotation, is denoted x >>> y.
-
-These operations are directly and efficiently supported by most processors.
-
-
-The RRC.2 Algorithm
-
-RRC.2 consists of three components, a *key expansion* algorithm, an
-*encryption* algorithm, and a *decryption* algorithm.
-
-
-Key Expansion
-
-The purpose of the key-expansion routine is to expand the user's key K to fill
-the expanded key array S, so S resembles an array of random binary words
-determined by the user's secret key K.
-
-Initialising the S-box
-
-RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of
-Beale Cipher No.1 XOR'd with a one-time pad. The Beale Ciphers predate modern
-cryptography by enough time that there should be no concerns about trapdoors
-hidden in the data. They have been published widely, and the S-box can be
-easily recreated from the one-time pad values and the Beale Cipher data taken
-from a standard source. To initialise the S-box:
-
- for i = 0 to 255 do
- sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ]
-
-The contents of Beale Cipher No.1 and the necessary one-time pad are given as
-an appendix at the end of this document. For efficiency, implementors may wish
-to skip the Beale Cipher expansion and store the sBox table directly.
-
-Expanding the Secret Key to 128 Bytes
-
-The secret key is first expanded to fill 128 bytes (64 words). The expansion
-consists of taking the sum of the first and last bytes in the user key, looking
-up the sum (modulo 256) in the S-box, and appending the result to the key. The
-operation is repeated with the second byte and new last byte of the key until
-all 128 bytes have been generated. Note that the following pseudocode treats
-the S array as an array of 128 bytes rather than 64 words.
-
- for j = 0 to length-1 do
- S[ j ] = K[ j ]
- for j = length to 127 do
- s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ];
-
-At this point it is possible to perform a truncation of the effective key
-length to ease the creation of espionage-enabled software products. However
-since the author cannot conceive why anyone would want to do this, it will not
-be considered further.
-
-The final phase of the key expansion involves replacing the first byte of S
-with the entry selected from the S-box:
-
- S[ 0 ] = sBox[ S[ 0 ] ]
-
-
-Encryption
-
-The cipher has 16 full rounds, each divided into 4 subrounds. Two of the full
-rounds perform an additional transformation on the data. Note that the
-following pseudocode treats the S array as an array of 64 words rather than 128
-bytes.
-
- for i = 0 to 15 do
- j = i * 4;
- word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1
- word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2
- word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3
- word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5
-
-In addition the fifth and eleventh rounds add the contents of the S-box indexed
-by one of the data words to another of the data words following the four
-subrounds as follows:
-
- word0 = word0 + S[ word3 & 63 ];
- word1 = word1 + S[ word0 & 63 ];
- word2 = word2 + S[ word1 & 63 ];
- word3 = word3 + S[ word2 & 63 ];
-
-
-Decryption
-
-The decryption operation is simply the inverse of the encryption operation.
-Note that the following pseudocode treats the S array as an array of 64 words
-rather than 128 bytes.
-
- for i = 15 downto 0 do
- j = i * 4;
- word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ]
- word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ]
- word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ]
- word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ]
-
-In addition the fifth and eleventh rounds subtract the contents of the S-box
-indexed by one of the data words from another one of the data words following
-the four subrounds as follows:
-
- word3 = word3 - S[ word2 & 63 ]
- word2 = word2 - S[ word1 & 63 ]
- word1 = word1 - S[ word0 & 63 ]
- word0 = word0 - S[ word3 & 63 ]
-
-
-Test Vectors
-
-The following test vectors may be used to test the correctness of an RRC.2
-implementation:
-
- Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
- Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
- Cipher: 0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7
-
- Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
- Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
- Cipher: 0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74
-
- Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
- Plain: 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
- Cipher: 0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E
-
- Key: 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
- Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
- Cipher: 0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31
-
-
-Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for
- Creating the S-Box
-
-Beale Cipher No.1.
-
- 71, 194, 38,1701, 89, 76, 11, 83,1629, 48, 94, 63, 132, 16, 111, 95,
- 84, 341, 975, 14, 40, 64, 27, 81, 139, 213, 63, 90,1120, 8, 15, 3,
- 126,2018, 40, 74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231,
- 124, 211, 486, 225, 401, 370, 11, 101, 305, 139, 189, 17, 33, 88, 208, 193,
- 145, 1, 94, 73, 416, 918, 263, 28, 500, 538, 356, 117, 136, 219, 27, 176,
- 130, 10, 460, 25, 485, 18, 436, 65, 84, 200, 283, 118, 320, 138, 36, 416,
- 280, 15, 71, 224, 961, 44, 16, 401, 39, 88, 61, 304, 12, 21, 24, 283,
- 134, 92, 63, 246, 486, 682, 7, 219, 184, 360, 780, 18, 64, 463, 474, 131,
- 160, 79, 73, 440, 95, 18, 64, 581, 34, 69, 128, 367, 460, 17, 81, 12,
- 103, 820, 62, 110, 97, 103, 862, 70, 60,1317, 471, 540, 208, 121, 890, 346,
- 36, 150, 59, 568, 614, 13, 120, 63, 219, 812,2160,1780, 99, 35, 18, 21,
- 136, 872, 15, 28, 170, 88, 4, 30, 44, 112, 18, 147, 436, 195, 320, 37,
- 122, 113, 6, 140, 8, 120, 305, 42, 58, 461, 44, 106, 301, 13, 408, 680,
- 93, 86, 116, 530, 82, 568, 9, 102, 38, 416, 89, 71, 216, 728, 965, 818,
- 2, 38, 121, 195, 14, 326, 148, 234, 18, 55, 131, 234, 361, 824, 5, 81,
- 623, 48, 961, 19, 26, 33, 10,1101, 365, 92, 88, 181, 275, 346, 201, 206
-
-One-time Pad.
-
- 158, 186, 223, 97, 64, 145, 190, 190, 117, 217, 163, 70, 206, 176, 183, 194,
- 146, 43, 248, 141, 3, 54, 72, 223, 233, 153, 91, 210, 36, 131, 244, 161,
- 105, 120, 113, 191, 113, 86, 19, 245, 213, 221, 43, 27, 242, 157, 73, 213,
- 193, 92, 166, 10, 23, 197, 112, 110, 193, 30, 156, 51, 125, 51, 158, 67,
- 197, 215, 59, 218, 110, 246, 181, 0, 135, 76, 164, 97, 47, 87, 234, 108,
- 144, 127, 6, 6, 222, 172, 80, 144, 22, 245, 207, 70, 227, 182, 146, 134,
- 119, 176, 73, 58, 135, 69, 23, 198, 0, 170, 32, 171, 176, 129, 91, 24,
- 126, 77, 248, 0, 118, 69, 57, 60, 190, 171, 217, 61, 136, 169, 196, 84,
- 168, 167, 163, 102, 223, 64, 174, 178, 166, 239, 242, 195, 249, 92, 59, 38,
- 241, 46, 236, 31, 59, 114, 23, 50, 119, 186, 7, 66, 212, 97, 222, 182,
- 230, 118, 122, 86, 105, 92, 179, 243, 255, 189, 223, 164, 194, 215, 98, 44,
- 17, 20, 53, 153, 137, 224, 176, 100, 208, 114, 36, 200, 145, 150, 215, 20,
- 87, 44, 252, 20, 235, 242, 163, 132, 63, 18, 5, 122, 74, 97, 34, 97,
- 142, 86, 146, 221, 179, 166, 161, 74, 69, 182, 88, 120, 128, 58, 76, 155,
- 15, 30, 77, 216, 165, 117, 107, 90, 169, 127, 143, 181, 208, 137, 200, 127,
- 170, 195, 26, 84, 255, 132, 150, 58, 103, 250, 120, 221, 237, 37, 8, 99
-
-
-Implementation
-
-A non-US based programmer who has never seen any encryption code before will
-shortly be implementing RRC.2 based solely on this specification and not on
-knowledge of any other encryption algorithms. Stand by.
-
-
-
diff --git a/src/lib/libcrypto/rc2/version b/src/lib/libcrypto/rc2/version
deleted file mode 100644
index 6f89d595f1..0000000000
--- a/src/lib/libcrypto/rc2/version
+++ /dev/null
@@ -1,22 +0,0 @@
-1.1 23/08/96 - eay
- Changed RC2_set_key() so it now takes another argument. Many
- thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the
- clarification and origional specification of RC2. BSAFE uses
- this last parameter, 'bits'. It the key is 128 bits, BSAFE
- also sets this parameter to 128. The old behaviour can be
- duplicated by setting this parameter to 1024.
-
-1.0 08/04/96 - eay
- First version of SSLeay with rc2. This has been written from the spec
- posted sci.crypt. It is in this directory under rrc2.doc
- I have no test values for any mode other than ecb, my wrappers for the
- other modes should be ok since they are basically the same as
- the ones taken from idea and des :-). I have implemented them as
- little-endian operators.
- While rc2 is included because it is used with SSL, I don't know how
- far I trust it. It is about the same speed as IDEA and DES.
- So if you are paranoid, used Tripple DES, else IDEA. If RC2
- does get used more, perhaps more people will look for weaknesses in
- it.
-
-
diff --git a/src/lib/libcrypto/rc4/asm/rc4-586.pl b/src/lib/libcrypto/rc4/asm/rc4-586.pl
deleted file mode 100644
index 7ef889e5a1..0000000000
--- a/src/lib/libcrypto/rc4/asm/rc4-586.pl
+++ /dev/null
@@ -1,173 +0,0 @@
-#!/usr/local/bin/perl
-
-# define for pentium pro friendly version
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"rc4-586.pl");
-
-$tx="eax";
-$ty="ebx";
-$x="ecx";
-$y="edx";
-$in="esi";
-$out="edi";
-$d="ebp";
-
-&RC4("RC4");
-
-&asm_finish();
-
-sub RC4_loop
- {
- local($n,$p,$char)=@_;
-
- &comment("Round $n");
-
- if ($char)
- {
- if ($p >= 0)
- {
- &mov($ty, &swtmp(2));
- &cmp($ty, $in);
- &jle(&label("finished"));
- &inc($in);
- }
- else
- {
- &add($ty, 8);
- &inc($in);
- &cmp($ty, $in);
- &jl(&label("finished"));
- &mov(&swtmp(2), $ty);
- }
- }
- # Moved out
- # &mov( $tx, &DWP(0,$d,$x,4)) if $p < 0;
-
- &add( $y, $tx);
- &and( $y, 0xff);
- &inc( $x); # NEXT ROUND
- &mov( $ty, &DWP(0,$d,$y,4));
- # XXX
- &mov( &DWP(-4,$d,$x,4),$ty); # AGI
- &add( $ty, $tx);
- &and( $x, 0xff); # NEXT ROUND
- &and( $ty, 0xff);
- &mov( &DWP(0,$d,$y,4),$tx);
- &nop();
- &mov( $ty, &DWP(0,$d,$ty,4));
- &mov( $tx, &DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND
- # XXX
-
- if (!$char)
- {
- #moved up into last round
- if ($p >= 1)
- {
- &add( $out, 8)
- }
- &movb( &BP($n,"esp","",0), &LB($ty));
- }
- else
- {
- # Note in+=8 has occured
- &movb( &HB($ty), &BP(-1,$in,"",0));
- # XXX
- &xorb(&LB($ty), &HB($ty));
- # XXX
- &movb(&BP($n,$out,"",0),&LB($ty));
- }
- }
-
-
-sub RC4
- {
- local($name)=@_;
-
- &function_begin_B($name,"");
-
- &comment("");
-
- &push("ebp");
- &push("ebx");
- &mov( $d, &wparam(0)); # key
- &mov( $ty, &wparam(1)); # num
- &push("esi");
- &push("edi");
-
- &mov( $x, &DWP(0,$d,"",1));
- &mov( $y, &DWP(4,$d,"",1));
-
- &mov( $in, &wparam(2));
- &inc( $x);
-
- &stack_push(3); # 3 temp variables
- &add( $d, 8);
- &and( $x, 0xff);
-
- &lea( $ty, &DWP(-8,$ty,$in));
-
- # check for 0 length input
-
- &mov( $out, &wparam(3));
- &mov( &swtmp(2), $ty); # this is now address to exit at
- &mov( $tx, &DWP(0,$d,$x,4));
-
- &cmp( $ty, $in);
- &jl( &label("end")); # less than 8 bytes
-
- &set_label("start");
-
- # filling DELAY SLOT
- &add( $in, 8);
-
- &RC4_loop(0,-1,0);
- &RC4_loop(1,0,0);
- &RC4_loop(2,0,0);
- &RC4_loop(3,0,0);
- &RC4_loop(4,0,0);
- &RC4_loop(5,0,0);
- &RC4_loop(6,0,0);
- &RC4_loop(7,1,0);
-
- &comment("apply the cipher text");
- # xor the cipher data with input
-
- #&add( $out, 8); #moved up into last round
-
- &mov( $tx, &swtmp(0));
- &mov( $ty, &DWP(-8,$in,"",0));
- &xor( $tx, $ty);
- &mov( $ty, &DWP(-4,$in,"",0));
- &mov( &DWP(-8,$out,"",0), $tx);
- &mov( $tx, &swtmp(1));
- &xor( $tx, $ty);
- &mov( $ty, &swtmp(2)); # load end ptr;
- &mov( &DWP(-4,$out,"",0), $tx);
- &mov( $tx, &DWP(0,$d,$x,4));
- &cmp($in, $ty);
- &jle(&label("start"));
-
- &set_label("end");
-
- # There is quite a bit of extra crap in RC4_loop() for this
- # first round
- &RC4_loop(0,-1,1);
- &RC4_loop(1,0,1);
- &RC4_loop(2,0,1);
- &RC4_loop(3,0,1);
- &RC4_loop(4,0,1);
- &RC4_loop(5,0,1);
- &RC4_loop(6,1,1);
-
- &set_label("finished");
- &dec( $x);
- &stack_pop(3);
- &mov( &DWP(-4,$d,"",0),$y);
- &movb( &BP(-8,$d,"",0),&LB($x));
-
- &function_end($name);
- }
-
diff --git a/src/lib/libcrypto/rc4/rc4.h b/src/lib/libcrypto/rc4/rc4.h
deleted file mode 100644
index 40251024a4..0000000000
--- a/src/lib/libcrypto/rc4/rc4.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/rc4/rc4.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC4_H
-#define HEADER_RC4_H
-
-#ifdef NO_RC4
-#error RC4 is disabled.
-#endif
-
-#include <openssl/opensslconf.h> /* RC4_INT */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc4_key_st
- {
- RC4_INT x,y;
- RC4_INT data[256];
- } RC4_KEY;
-
-
-const char *RC4_options(void);
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
- unsigned char *outdata);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/rc4/rc4_enc.c b/src/lib/libcrypto/rc4/rc4_enc.c
deleted file mode 100644
index d5f18a3a70..0000000000
--- a/src/lib/libcrypto/rc4/rc4_enc.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/* crypto/rc4/rc4_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc4.h>
-#include "rc4_locl.h"
-
-/* RC4 as implemented from a posting from
- * Newsgroups: sci.crypt
- * From: sterndark@netcom.com (David Sterndark)
- * Subject: RC4 Algorithm revealed.
- * Message-ID: <sternCvKL4B.Hyy@netcom.com>
- * Date: Wed, 14 Sep 1994 06:35:31 GMT
- */
-
-void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
- unsigned char *outdata)
- {
- register RC4_INT *d;
- register RC4_INT x,y,tx,ty;
- int i;
-
- x=key->x;
- y=key->y;
- d=key->data;
-
-#if defined(RC4_CHUNK)
- /*
- * The original reason for implementing this(*) was the fact that
- * pre-21164a Alpha CPUs don't have byte load/store instructions
- * and e.g. a byte store has to be done with 64-bit load, shift,
- * and, or and finally 64-bit store. Peaking data and operating
- * at natural word size made it possible to reduce amount of
- * instructions as well as to perform early read-ahead without
- * suffering from RAW (read-after-write) hazard. This resulted
- * in ~40%(**) performance improvement on 21064 box with gcc.
- * But it's not only Alpha users who win here:-) Thanks to the
- * early-n-wide read-ahead this implementation also exhibits
- * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending
- * on sizeof(RC4_INT)).
- *
- * (*) "this" means code which recognizes the case when input
- * and output pointers appear to be aligned at natural CPU
- * word boundary
- * (**) i.e. according to 'apps/openssl speed rc4' benchmark,
- * crypto/rc4/rc4speed.c exhibits almost 70% speed-up...
- *
- * Cavets.
- *
- * - RC4_CHUNK="unsigned long long" should be a #1 choice for
- * UltraSPARC. Unfortunately gcc generates very slow code
- * (2.5-3 times slower than one generated by Sun's WorkShop
- * C) and therefore gcc (at least 2.95 and earlier) should
- * always be told that RC4_CHUNK="unsigned long".
- *
- * <appro@fy.chalmers.se>
- */
-
-# define RC4_STEP ( \
- x=(x+1) &0xff, \
- tx=d[x], \
- y=(tx+y)&0xff, \
- ty=d[y], \
- d[y]=tx, \
- d[x]=ty, \
- (RC4_CHUNK)d[(tx+ty)&0xff]\
- )
-
- if ( ( ((unsigned long)indata & (sizeof(RC4_CHUNK)-1)) |
- ((unsigned long)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 )
- {
- RC4_CHUNK ichunk,otp;
- const union { long one; char little; } is_endian = {1};
-
- /*
- * I reckon we can afford to implement both endian
- * cases and to decide which way to take at run-time
- * because the machine code appears to be very compact
- * and redundant 1-2KB is perfectly tolerable (i.e.
- * in case the compiler fails to eliminate it:-). By
- * suggestion from Terrel Larson <terr@terralogic.net>
- * who also stands for the is_endian union:-)
- *
- * Special notes.
- *
- * - is_endian is declared automatic as doing otherwise
- * (declaring static) prevents gcc from eliminating
- * the redundant code;
- * - compilers (those I've tried) don't seem to have
- * problems eliminating either the operators guarded
- * by "if (sizeof(RC4_CHUNK)==8)" or the condition
- * expressions themselves so I've got 'em to replace
- * corresponding #ifdefs from the previous version;
- * - I chose to let the redundant switch cases when
- * sizeof(RC4_CHUNK)!=8 be (were also #ifdefed
- * before);
- * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in
- * [LB]ESHFT guards against "shift is out of range"
- * warnings when sizeof(RC4_CHUNK)!=8
- *
- * <appro@fy.chalmers.se>
- */
- if (!is_endian.little)
- { /* BIG-ENDIAN CASE */
-# define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1))
- for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
- {
- ichunk = *(RC4_CHUNK *)indata;
- otp = RC4_STEP<<BESHFT(0);
- otp |= RC4_STEP<<BESHFT(1);
- otp |= RC4_STEP<<BESHFT(2);
- otp |= RC4_STEP<<BESHFT(3);
- if (sizeof(RC4_CHUNK)==8)
- {
- otp |= RC4_STEP<<BESHFT(4);
- otp |= RC4_STEP<<BESHFT(5);
- otp |= RC4_STEP<<BESHFT(6);
- otp |= RC4_STEP<<BESHFT(7);
- }
- *(RC4_CHUNK *)outdata = otp^ichunk;
- indata += sizeof(RC4_CHUNK);
- outdata += sizeof(RC4_CHUNK);
- }
- if (len)
- {
- RC4_CHUNK mask=(RC4_CHUNK)-1, ochunk;
-
- ichunk = *(RC4_CHUNK *)indata;
- ochunk = *(RC4_CHUNK *)outdata;
- otp = 0;
- i = BESHFT(0);
- mask <<= (sizeof(RC4_CHUNK)-len)<<3;
- switch (len&(sizeof(RC4_CHUNK)-1))
- {
- case 7: otp = RC4_STEP<<i, i-=8;
- case 6: otp |= RC4_STEP<<i, i-=8;
- case 5: otp |= RC4_STEP<<i, i-=8;
- case 4: otp |= RC4_STEP<<i, i-=8;
- case 3: otp |= RC4_STEP<<i, i-=8;
- case 2: otp |= RC4_STEP<<i, i-=8;
- case 1: otp |= RC4_STEP<<i, i-=8;
- case 0: ; /*
- * it's never the case,
- * but it has to be here
- * for ultrix?
- */
- }
- ochunk &= ~mask;
- ochunk |= (otp^ichunk) & mask;
- *(RC4_CHUNK *)outdata = ochunk;
- }
- key->x=x;
- key->y=y;
- return;
- }
- else
- { /* LITTLE-ENDIAN CASE */
-# define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1))
- for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
- {
- ichunk = *(RC4_CHUNK *)indata;
- otp = RC4_STEP;
- otp |= RC4_STEP<<8;
- otp |= RC4_STEP<<16;
- otp |= RC4_STEP<<24;
- if (sizeof(RC4_CHUNK)==8)
- {
- otp |= RC4_STEP<<LESHFT(4);
- otp |= RC4_STEP<<LESHFT(5);
- otp |= RC4_STEP<<LESHFT(6);
- otp |= RC4_STEP<<LESHFT(7);
- }
- *(RC4_CHUNK *)outdata = otp^ichunk;
- indata += sizeof(RC4_CHUNK);
- outdata += sizeof(RC4_CHUNK);
- }
- if (len)
- {
- RC4_CHUNK mask=(RC4_CHUNK)-1, ochunk;
-
- ichunk = *(RC4_CHUNK *)indata;
- ochunk = *(RC4_CHUNK *)outdata;
- otp = 0;
- i = 0;
- mask >>= (sizeof(RC4_CHUNK)-len)<<3;
- switch (len&(sizeof(RC4_CHUNK)-1))
- {
- case 7: otp = RC4_STEP, i+=8;
- case 6: otp |= RC4_STEP<<i, i+=8;
- case 5: otp |= RC4_STEP<<i, i+=8;
- case 4: otp |= RC4_STEP<<i, i+=8;
- case 3: otp |= RC4_STEP<<i, i+=8;
- case 2: otp |= RC4_STEP<<i, i+=8;
- case 1: otp |= RC4_STEP<<i, i+=8;
- case 0: ; /*
- * it's never the case,
- * but it has to be here
- * for ultrix?
- */
- }
- ochunk &= ~mask;
- ochunk |= (otp^ichunk) & mask;
- *(RC4_CHUNK *)outdata = ochunk;
- }
- key->x=x;
- key->y=y;
- return;
- }
- }
-#endif
-#define LOOP(in,out) \
- x=((x+1)&0xff); \
- tx=d[x]; \
- y=(tx+y)&0xff; \
- d[x]=ty=d[y]; \
- d[y]=tx; \
- (out) = d[(tx+ty)&0xff]^ (in);
-
-#ifndef RC4_INDEX
-#define RC4_LOOP(a,b,i) LOOP(*((a)++),*((b)++))
-#else
-#define RC4_LOOP(a,b,i) LOOP(a[i],b[i])
-#endif
-
- i=(int)(len>>3L);
- if (i)
- {
- for (;;)
- {
- RC4_LOOP(indata,outdata,0);
- RC4_LOOP(indata,outdata,1);
- RC4_LOOP(indata,outdata,2);
- RC4_LOOP(indata,outdata,3);
- RC4_LOOP(indata,outdata,4);
- RC4_LOOP(indata,outdata,5);
- RC4_LOOP(indata,outdata,6);
- RC4_LOOP(indata,outdata,7);
-#ifdef RC4_INDEX
- indata+=8;
- outdata+=8;
-#endif
- if (--i == 0) break;
- }
- }
- i=(int)len&0x07;
- if (i)
- {
- for (;;)
- {
- RC4_LOOP(indata,outdata,0); if (--i == 0) break;
- RC4_LOOP(indata,outdata,1); if (--i == 0) break;
- RC4_LOOP(indata,outdata,2); if (--i == 0) break;
- RC4_LOOP(indata,outdata,3); if (--i == 0) break;
- RC4_LOOP(indata,outdata,4); if (--i == 0) break;
- RC4_LOOP(indata,outdata,5); if (--i == 0) break;
- RC4_LOOP(indata,outdata,6); if (--i == 0) break;
- }
- }
- key->x=x;
- key->y=y;
- }
diff --git a/src/lib/libcrypto/rc4/rc4_locl.h b/src/lib/libcrypto/rc4/rc4_locl.h
deleted file mode 100644
index 3bb80b6ce9..0000000000
--- a/src/lib/libcrypto/rc4/rc4_locl.h
+++ /dev/null
@@ -1,4 +0,0 @@
-#ifndef HEADER_RC4_LOCL_H
-#define HEADER_RC4_LOCL_H
-#include <openssl/opensslconf.h>
-#endif
diff --git a/src/lib/libcrypto/rc4/rc4_skey.c b/src/lib/libcrypto/rc4/rc4_skey.c
deleted file mode 100644
index bb10c1ebe2..0000000000
--- a/src/lib/libcrypto/rc4/rc4_skey.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* crypto/rc4/rc4_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc4.h>
-#include "rc4_locl.h"
-#include <openssl/opensslv.h>
-
-const char *RC4_version="RC4" OPENSSL_VERSION_PTEXT;
-
-const char *RC4_options(void)
- {
-#ifdef RC4_INDEX
- if (sizeof(RC4_INT) == 1)
- return("rc4(idx,char)");
- else
- return("rc4(idx,int)");
-#else
- if (sizeof(RC4_INT) == 1)
- return("rc4(ptr,char)");
- else
- return("rc4(ptr,int)");
-#endif
- }
-
-/* RC4 as implemented from a posting from
- * Newsgroups: sci.crypt
- * From: sterndark@netcom.com (David Sterndark)
- * Subject: RC4 Algorithm revealed.
- * Message-ID: <sternCvKL4B.Hyy@netcom.com>
- * Date: Wed, 14 Sep 1994 06:35:31 GMT
- */
-
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
- {
- register RC4_INT tmp;
- register int id1,id2;
- register RC4_INT *d;
- unsigned int i;
-
- d= &(key->data[0]);
- for (i=0; i<256; i++)
- d[i]=i;
- key->x = 0;
- key->y = 0;
- id1=id2=0;
-
-#define SK_LOOP(n) { \
- tmp=d[(n)]; \
- id2 = (data[id1] + tmp + id2) & 0xff; \
- if (++id1 == len) id1=0; \
- d[(n)]=d[id2]; \
- d[id2]=tmp; }
-
- for (i=0; i < 256; i+=4)
- {
- SK_LOOP(i+0);
- SK_LOOP(i+1);
- SK_LOOP(i+2);
- SK_LOOP(i+3);
- }
- }
-
diff --git a/src/lib/libcrypto/ripemd/README b/src/lib/libcrypto/ripemd/README
deleted file mode 100644
index 7097707264..0000000000
--- a/src/lib/libcrypto/ripemd/README
+++ /dev/null
@@ -1,15 +0,0 @@
-RIPEMD-160
-http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
-
-This is my implementation of RIPEMD-160. The pentium assember is a little
-off the pace since I only get 1050 cycles, while the best is 1013.
-I have a few ideas for how to get another 20 or so cycles, but at
-this point I will not bother right now. I belive the trick will be
-to remove my 'copy X array onto stack' until inside the RIP1() finctions the
-first time round. To do this I need another register and will only have one
-temporary one. A bit tricky.... I can also cleanup the saving of the 5 words
-after the first half of the calculation. I should read the origional
-value, add then write. Currently I just save the new and read the origioal.
-I then read both at the end. Bad.
-
-eric (20-Jan-1998)
diff --git a/src/lib/libcrypto/ripemd/asm/rmd-586.pl b/src/lib/libcrypto/ripemd/asm/rmd-586.pl
deleted file mode 100644
index 0ab6f76bff..0000000000
--- a/src/lib/libcrypto/ripemd/asm/rmd-586.pl
+++ /dev/null
@@ -1,590 +0,0 @@
-#!/usr/local/bin/perl
-
-# Normal is the
-# ripemd160_block_asm_host_order(RIPEMD160_CTX *c, ULONG *X,int blocks);
-
-$normal=0;
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-$A="ecx";
-$B="esi";
-$C="edi";
-$D="ebx";
-$E="ebp";
-$tmp1="eax";
-$tmp2="edx";
-
-$KL1=0x5A827999;
-$KL2=0x6ED9EBA1;
-$KL3=0x8F1BBCDC;
-$KL4=0xA953FD4E;
-$KR0=0x50A28BE6;
-$KR1=0x5C4DD124;
-$KR2=0x6D703EF3;
-$KR3=0x7A6D76E9;
-
-
-@wl=( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15,
- 7, 4,13, 1,10, 6,15, 3,12, 0, 9, 5, 2,14,11, 8,
- 3,10,14, 4, 9,15, 8, 1, 2, 7, 0, 6,13,11, 5,12,
- 1, 9,11,10, 0, 8,12, 4,13, 3, 7,15,14, 5, 6, 2,
- 4, 0, 5, 9, 7,12, 2,10,14, 1, 3, 8,11, 6,15,13,
- );
-
-@wr=( 5,14, 7, 0, 9, 2,11, 4,13, 6,15, 8, 1,10, 3,12,
- 6,11, 3, 7, 0,13, 5,10,14,15, 8,12, 4, 9, 1, 2,
- 15, 5, 1, 3, 7,14, 6, 9,11, 8,12, 2,10, 0, 4,13,
- 8, 6, 4, 1, 3,11,15, 0, 5,12, 2,13, 9, 7,10,14,
- 12,15,10, 4, 1, 5, 8, 7, 6, 2,13,14, 0, 3, 9,11,
- );
-
-@sl=( 11,14,15,12, 5, 8, 7, 9,11,13,14,15, 6, 7, 9, 8,
- 7, 6, 8,13,11, 9, 7,15, 7,12,15, 9,11, 7,13,12,
- 11,13, 6, 7,14, 9,13,15,14, 8,13, 6, 5,12, 7, 5,
- 11,12,14,15,14,15, 9, 8, 9,14, 5, 6, 8, 6, 5,12,
- 9,15, 5,11, 6, 8,13,12, 5,12,13,14,11, 8, 5, 6,
- );
-
-@sr=( 8, 9, 9,11,13,15,15, 5, 7, 7, 8,11,14,14,12, 6,
- 9,13,15, 7,12, 8, 9,11, 7, 7,12, 7, 6,15,13,11,
- 9, 7,15,11, 8, 6, 6,14,12,13, 5,14,13,13, 7, 5,
- 15, 5, 8,11,14,14, 6,14, 6, 9,12, 9,12, 5,15, 8,
- 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11,
- );
-
-&ripemd160_block("ripemd160_block_asm_host_order");
-&asm_finish();
-
-sub Xv
- {
- local($n)=@_;
- return(&swtmp($n));
- # tmp on stack
- }
-
-sub Np
- {
- local($p)=@_;
- local(%n)=($A,$E,$B,$A,$C,$B,$D,$C,$E,$D);
- return($n{$p});
- }
-
-sub RIP1
- {
- local($a,$b,$c,$d,$e,$pos,$s,$o,$pos2)=@_;
-
- &comment($p++);
- if ($p & 1)
- {
- #&mov($tmp1, $c) if $o == -1;
- &xor($tmp1, $d) if $o == -1;
- &mov($tmp2, &Xv($pos));
- &xor($tmp1, $b);
- &add($a, $tmp2);
- &rotl($c, 10);
- &add($a, $tmp1);
- &mov($tmp1, &Np($c)); # NEXT
- # XXX
- &rotl($a, $s);
- &add($a, $e);
- }
- else
- {
- &xor($tmp1, $d);
- &mov($tmp2, &Xv($pos));
- &xor($tmp1, $b);
- &add($a, $tmp1);
- &mov($tmp1, &Np($c)) if $o <= 0;
- &mov($tmp1, -1) if $o == 1;
- # XXX if $o == 2;
- &rotl($c, 10);
- &add($a, $tmp2);
- &xor($tmp1, &Np($d)) if $o <= 0;
- &mov($tmp2, &Xv($pos2)) if $o == 1;
- &mov($tmp2, &wparam(0)) if $o == 2;
- &rotl($a, $s);
- &add($a, $e);
- }
- }
-
-sub RIP2
- {
- local($a,$b,$c,$d,$e,$pos,$pos2,$s,$K,$o)=@_;
-
-# XXXXXX
- &comment($p++);
- if ($p & 1)
- {
-# &mov($tmp2, &Xv($pos)) if $o < -1;
-# &mov($tmp1, -1) if $o < -1;
-
- &add($a, $tmp2);
- &mov($tmp2, $c);
- &sub($tmp1, $b);
- &and($tmp2, $b);
- &and($tmp1, $d);
- &or($tmp2, $tmp1);
- &mov($tmp1, &Xv($pos2)) if $o <= 0; # XXXXXXXXXXXXXX
- # XXX
- &rotl($c, 10);
- &lea($a, &DWP($K,$a,$tmp2,1));
- &mov($tmp2, -1) if $o <= 0;
- # XXX
- &rotl($a, $s);
- &add($a, $e);
- }
- else
- {
- # XXX
- &add($a, $tmp1);
- &mov($tmp1, $c);
- &sub($tmp2, $b);
- &and($tmp1, $b);
- &and($tmp2, $d);
- if ($o != 2)
- {
- &or($tmp1, $tmp2);
- &mov($tmp2, &Xv($pos2)) if $o <= 0;
- &mov($tmp2, -1) if $o == 1;
- &rotl($c, 10);
- &lea($a, &DWP($K,$a,$tmp1,1));
- &mov($tmp1, -1) if $o <= 0;
- &sub($tmp2, &Np($c)) if $o == 1;
- } else {
- &or($tmp2, $tmp1);
- &mov($tmp1, &Np($c));
- &rotl($c, 10);
- &lea($a, &DWP($K,$a,$tmp2,1));
- &xor($tmp1, &Np($d));
- }
- &rotl($a, $s);
- &add($a, $e);
- }
- }
-
-sub RIP3
- {
- local($a,$b,$c,$d,$e,$pos,$s,$K,$o,$pos2)=@_;
-
- &comment($p++);
- if ($p & 1)
- {
-# &mov($tmp2, -1) if $o < -1;
-# &sub($tmp2, $c) if $o < -1;
- &mov($tmp1, &Xv($pos));
- &or($tmp2, $b);
- &add($a, $tmp1);
- &xor($tmp2, $d);
- &mov($tmp1, -1) if $o <= 0; # NEXT
- # XXX
- &rotl($c, 10);
- &lea($a, &DWP($K,$a,$tmp2,1));
- &sub($tmp1, &Np($c)) if $o <= 0; # NEXT
- # XXX
- &rotl($a, $s);
- &add($a, $e);
- }
- else
- {
- &mov($tmp2, &Xv($pos));
- &or($tmp1, $b);
- &add($a, $tmp2);
- &xor($tmp1, $d);
- &mov($tmp2, -1) if $o <= 0; # NEXT
- &mov($tmp2, -1) if $o == 1;
- &mov($tmp2, &Xv($pos2)) if $o == 2;
- &rotl($c, 10);
- &lea($a, &DWP($K,$a,$tmp1,1));
- &sub($tmp2, &Np($c)) if $o <= 0; # NEXT
- &mov($tmp1, &Np($d)) if $o == 1;
- &mov($tmp1, -1) if $o == 2;
- &rotl($a, $s);
- &add($a, $e);
- }
- }
-
-sub RIP4
- {
- local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
-
- &comment($p++);
- if ($p & 1)
- {
-# &mov($tmp2, -1) if $o == -2;
-# &mov($tmp1, $d) if $o == -2;
- &sub($tmp2, $d);
- &and($tmp1, $b);
- &and($tmp2, $c);
- &or($tmp2, $tmp1);
- &mov($tmp1, &Xv($pos));
- &rotl($c, 10);
- &lea($a, &DWP($K,$a,$tmp2));
- &mov($tmp2, -1) unless $o > 0; # NEXT
- # XXX
- &add($a, $tmp1);
- &mov($tmp1, &Np($d)) unless $o > 0; # NEXT
- # XXX
- &rotl($a, $s);
- &add($a, $e);
- }
- else
- {
- &sub($tmp2, $d);
- &and($tmp1, $b);
- &and($tmp2, $c);
- &or($tmp2, $tmp1);
- &mov($tmp1, &Xv($pos));
- &rotl($c, 10);
- &lea($a, &DWP($K,$a,$tmp2));
- &mov($tmp2, -1) if $o == 0; # NEXT
- &mov($tmp2, -1) if $o == 1;
- &mov($tmp2, -1) if $o == 2;
- # XXX
- &add($a, $tmp1);
- &mov($tmp1, &Np($d)) if $o == 0; # NEXT
- &sub($tmp2, &Np($d)) if $o == 1;
- &sub($tmp2, &Np($c)) if $o == 2;
- # XXX
- &rotl($a, $s);
- &add($a, $e);
- }
- }
-
-sub RIP5
- {
- local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
-
- &comment($p++);
- if ($p & 1)
- {
- &mov($tmp2, -1) if $o == -2;
- &sub($tmp2, $d) if $o == -2;
- &mov($tmp1, &Xv($pos));
- &or($tmp2, $c);
- &add($a, $tmp1);
- &xor($tmp2, $b);
- &mov($tmp1, -1) if $o <= 0;
- # XXX
- &rotl($c, 10);
- &lea($a, &DWP($K,$a,$tmp2,1));
- &sub($tmp1, &Np($d)) if $o <= 0;
- # XXX
- &rotl($a, $s);
- &add($a, $e);
- }
- else
- {
- &mov($tmp2, &Xv($pos));
- &or($tmp1, $c);
- &add($a, $tmp2);
- &xor($tmp1, $b);
- &mov($tmp2, -1) if $o <= 0;
- &mov($tmp2, &wparam(0)) if $o == 1; # Middle code
- &mov($tmp2, -1) if $o == 2;
- &rotl($c, 10);
- &lea($a, &DWP($K,$a,$tmp1,1));
- &sub($tmp2, &Np($d)) if $o <= 0;
- &mov(&swtmp(16), $A) if $o == 1;
- &mov($tmp1, &Np($d)) if $o == 2;
- &rotl($a, $s);
- &add($a, $e);
- }
- }
-
-sub ripemd160_block
- {
- local($name)=@_;
-
- &function_begin_B($name,"",3);
-
- # parameter 1 is the RIPEMD160_CTX structure.
- # A 0
- # B 4
- # C 8
- # D 12
- # E 16
-
- &mov($tmp2, &wparam(0));
- &mov($tmp1, &wparam(1));
- &push("esi");
- &mov($A, &DWP( 0,$tmp2,"",0));
- &push("edi");
- &mov($B, &DWP( 4,$tmp2,"",0));
- &push("ebp");
- &mov($C, &DWP( 8,$tmp2,"",0));
- &push("ebx");
- &stack_push(16+5+6);
- # Special comment about the figure of 6.
- # Idea is to pad the current frame so
- # that the top of the stack gets fairly
- # aligned. Well, as you realize it would
- # always depend on how the frame below is
- # aligned. The good news are that gcc-2.95
- # and later does keep first argument at
- # least double-wise aligned.
- # <appro@fy.chalmers.se>
-
- &set_label("start") unless $normal;
- &comment("");
-
- # &mov($tmp1, &wparam(1)); # Done at end of loop
- # &mov($tmp2, &wparam(0)); # Done at end of loop
-
- for ($z=0; $z<16; $z+=2)
- {
- &mov($D, &DWP( $z*4,$tmp1,"",0));
- &mov($E, &DWP( ($z+1)*4,$tmp1,"",0));
- &mov(&swtmp($z), $D);
- &mov(&swtmp($z+1), $E);
- }
- &mov($tmp1, $C);
- &mov($D, &DWP(12,$tmp2,"",0));
- &mov($E, &DWP(16,$tmp2,"",0));
-
- &RIP1($A,$B,$C,$D,$E,$wl[ 0],$sl[ 0],-1);
- &RIP1($E,$A,$B,$C,$D,$wl[ 1],$sl[ 1],0);
- &RIP1($D,$E,$A,$B,$C,$wl[ 2],$sl[ 2],0);
- &RIP1($C,$D,$E,$A,$B,$wl[ 3],$sl[ 3],0);
- &RIP1($B,$C,$D,$E,$A,$wl[ 4],$sl[ 4],0);
- &RIP1($A,$B,$C,$D,$E,$wl[ 5],$sl[ 5],0);
- &RIP1($E,$A,$B,$C,$D,$wl[ 6],$sl[ 6],0);
- &RIP1($D,$E,$A,$B,$C,$wl[ 7],$sl[ 7],0);
- &RIP1($C,$D,$E,$A,$B,$wl[ 8],$sl[ 8],0);
- &RIP1($B,$C,$D,$E,$A,$wl[ 9],$sl[ 9],0);
- &RIP1($A,$B,$C,$D,$E,$wl[10],$sl[10],0);
- &RIP1($E,$A,$B,$C,$D,$wl[11],$sl[11],0);
- &RIP1($D,$E,$A,$B,$C,$wl[12],$sl[12],0);
- &RIP1($C,$D,$E,$A,$B,$wl[13],$sl[13],0);
- &RIP1($B,$C,$D,$E,$A,$wl[14],$sl[14],0);
- &RIP1($A,$B,$C,$D,$E,$wl[15],$sl[15],1,$wl[16]);
-
- &RIP2($E,$A,$B,$C,$D,$wl[16],$wl[17],$sl[16],$KL1,-1);
- &RIP2($D,$E,$A,$B,$C,$wl[17],$wl[18],$sl[17],$KL1,0);
- &RIP2($C,$D,$E,$A,$B,$wl[18],$wl[19],$sl[18],$KL1,0);
- &RIP2($B,$C,$D,$E,$A,$wl[19],$wl[20],$sl[19],$KL1,0);
- &RIP2($A,$B,$C,$D,$E,$wl[20],$wl[21],$sl[20],$KL1,0);
- &RIP2($E,$A,$B,$C,$D,$wl[21],$wl[22],$sl[21],$KL1,0);
- &RIP2($D,$E,$A,$B,$C,$wl[22],$wl[23],$sl[22],$KL1,0);
- &RIP2($C,$D,$E,$A,$B,$wl[23],$wl[24],$sl[23],$KL1,0);
- &RIP2($B,$C,$D,$E,$A,$wl[24],$wl[25],$sl[24],$KL1,0);
- &RIP2($A,$B,$C,$D,$E,$wl[25],$wl[26],$sl[25],$KL1,0);
- &RIP2($E,$A,$B,$C,$D,$wl[26],$wl[27],$sl[26],$KL1,0);
- &RIP2($D,$E,$A,$B,$C,$wl[27],$wl[28],$sl[27],$KL1,0);
- &RIP2($C,$D,$E,$A,$B,$wl[28],$wl[29],$sl[28],$KL1,0);
- &RIP2($B,$C,$D,$E,$A,$wl[29],$wl[30],$sl[29],$KL1,0);
- &RIP2($A,$B,$C,$D,$E,$wl[30],$wl[31],$sl[30],$KL1,0);
- &RIP2($E,$A,$B,$C,$D,$wl[31],$wl[32],$sl[31],$KL1,1);
-
- &RIP3($D,$E,$A,$B,$C,$wl[32],$sl[32],$KL2,-1);
- &RIP3($C,$D,$E,$A,$B,$wl[33],$sl[33],$KL2,0);
- &RIP3($B,$C,$D,$E,$A,$wl[34],$sl[34],$KL2,0);
- &RIP3($A,$B,$C,$D,$E,$wl[35],$sl[35],$KL2,0);
- &RIP3($E,$A,$B,$C,$D,$wl[36],$sl[36],$KL2,0);
- &RIP3($D,$E,$A,$B,$C,$wl[37],$sl[37],$KL2,0);
- &RIP3($C,$D,$E,$A,$B,$wl[38],$sl[38],$KL2,0);
- &RIP3($B,$C,$D,$E,$A,$wl[39],$sl[39],$KL2,0);
- &RIP3($A,$B,$C,$D,$E,$wl[40],$sl[40],$KL2,0);
- &RIP3($E,$A,$B,$C,$D,$wl[41],$sl[41],$KL2,0);
- &RIP3($D,$E,$A,$B,$C,$wl[42],$sl[42],$KL2,0);
- &RIP3($C,$D,$E,$A,$B,$wl[43],$sl[43],$KL2,0);
- &RIP3($B,$C,$D,$E,$A,$wl[44],$sl[44],$KL2,0);
- &RIP3($A,$B,$C,$D,$E,$wl[45],$sl[45],$KL2,0);
- &RIP3($E,$A,$B,$C,$D,$wl[46],$sl[46],$KL2,0);
- &RIP3($D,$E,$A,$B,$C,$wl[47],$sl[47],$KL2,1);
-
- &RIP4($C,$D,$E,$A,$B,$wl[48],$sl[48],$KL3,-1);
- &RIP4($B,$C,$D,$E,$A,$wl[49],$sl[49],$KL3,0);
- &RIP4($A,$B,$C,$D,$E,$wl[50],$sl[50],$KL3,0);
- &RIP4($E,$A,$B,$C,$D,$wl[51],$sl[51],$KL3,0);
- &RIP4($D,$E,$A,$B,$C,$wl[52],$sl[52],$KL3,0);
- &RIP4($C,$D,$E,$A,$B,$wl[53],$sl[53],$KL3,0);
- &RIP4($B,$C,$D,$E,$A,$wl[54],$sl[54],$KL3,0);
- &RIP4($A,$B,$C,$D,$E,$wl[55],$sl[55],$KL3,0);
- &RIP4($E,$A,$B,$C,$D,$wl[56],$sl[56],$KL3,0);
- &RIP4($D,$E,$A,$B,$C,$wl[57],$sl[57],$KL3,0);
- &RIP4($C,$D,$E,$A,$B,$wl[58],$sl[58],$KL3,0);
- &RIP4($B,$C,$D,$E,$A,$wl[59],$sl[59],$KL3,0);
- &RIP4($A,$B,$C,$D,$E,$wl[60],$sl[60],$KL3,0);
- &RIP4($E,$A,$B,$C,$D,$wl[61],$sl[61],$KL3,0);
- &RIP4($D,$E,$A,$B,$C,$wl[62],$sl[62],$KL3,0);
- &RIP4($C,$D,$E,$A,$B,$wl[63],$sl[63],$KL3,1);
-
- &RIP5($B,$C,$D,$E,$A,$wl[64],$sl[64],$KL4,-1);
- &RIP5($A,$B,$C,$D,$E,$wl[65],$sl[65],$KL4,0);
- &RIP5($E,$A,$B,$C,$D,$wl[66],$sl[66],$KL4,0);
- &RIP5($D,$E,$A,$B,$C,$wl[67],$sl[67],$KL4,0);
- &RIP5($C,$D,$E,$A,$B,$wl[68],$sl[68],$KL4,0);
- &RIP5($B,$C,$D,$E,$A,$wl[69],$sl[69],$KL4,0);
- &RIP5($A,$B,$C,$D,$E,$wl[70],$sl[70],$KL4,0);
- &RIP5($E,$A,$B,$C,$D,$wl[71],$sl[71],$KL4,0);
- &RIP5($D,$E,$A,$B,$C,$wl[72],$sl[72],$KL4,0);
- &RIP5($C,$D,$E,$A,$B,$wl[73],$sl[73],$KL4,0);
- &RIP5($B,$C,$D,$E,$A,$wl[74],$sl[74],$KL4,0);
- &RIP5($A,$B,$C,$D,$E,$wl[75],$sl[75],$KL4,0);
- &RIP5($E,$A,$B,$C,$D,$wl[76],$sl[76],$KL4,0);
- &RIP5($D,$E,$A,$B,$C,$wl[77],$sl[77],$KL4,0);
- &RIP5($C,$D,$E,$A,$B,$wl[78],$sl[78],$KL4,0);
- &RIP5($B,$C,$D,$E,$A,$wl[79],$sl[79],$KL4,1);
-
- # &mov($tmp2, &wparam(0)); # moved into last RIP5
- # &mov(&swtmp(16), $A);
- &mov($A, &DWP( 0,$tmp2,"",0));
- &mov(&swtmp(16+1), $B);
- &mov(&swtmp(16+2), $C);
- &mov($B, &DWP( 4,$tmp2,"",0));
- &mov(&swtmp(16+3), $D);
- &mov($C, &DWP( 8,$tmp2,"",0));
- &mov(&swtmp(16+4), $E);
- &mov($D, &DWP(12,$tmp2,"",0));
- &mov($E, &DWP(16,$tmp2,"",0));
-
- &RIP5($A,$B,$C,$D,$E,$wr[ 0],$sr[ 0],$KR0,-2);
- &RIP5($E,$A,$B,$C,$D,$wr[ 1],$sr[ 1],$KR0,0);
- &RIP5($D,$E,$A,$B,$C,$wr[ 2],$sr[ 2],$KR0,0);
- &RIP5($C,$D,$E,$A,$B,$wr[ 3],$sr[ 3],$KR0,0);
- &RIP5($B,$C,$D,$E,$A,$wr[ 4],$sr[ 4],$KR0,0);
- &RIP5($A,$B,$C,$D,$E,$wr[ 5],$sr[ 5],$KR0,0);
- &RIP5($E,$A,$B,$C,$D,$wr[ 6],$sr[ 6],$KR0,0);
- &RIP5($D,$E,$A,$B,$C,$wr[ 7],$sr[ 7],$KR0,0);
- &RIP5($C,$D,$E,$A,$B,$wr[ 8],$sr[ 8],$KR0,0);
- &RIP5($B,$C,$D,$E,$A,$wr[ 9],$sr[ 9],$KR0,0);
- &RIP5($A,$B,$C,$D,$E,$wr[10],$sr[10],$KR0,0);
- &RIP5($E,$A,$B,$C,$D,$wr[11],$sr[11],$KR0,0);
- &RIP5($D,$E,$A,$B,$C,$wr[12],$sr[12],$KR0,0);
- &RIP5($C,$D,$E,$A,$B,$wr[13],$sr[13],$KR0,0);
- &RIP5($B,$C,$D,$E,$A,$wr[14],$sr[14],$KR0,0);
- &RIP5($A,$B,$C,$D,$E,$wr[15],$sr[15],$KR0,2);
-
- &RIP4($E,$A,$B,$C,$D,$wr[16],$sr[16],$KR1,-2);
- &RIP4($D,$E,$A,$B,$C,$wr[17],$sr[17],$KR1,0);
- &RIP4($C,$D,$E,$A,$B,$wr[18],$sr[18],$KR1,0);
- &RIP4($B,$C,$D,$E,$A,$wr[19],$sr[19],$KR1,0);
- &RIP4($A,$B,$C,$D,$E,$wr[20],$sr[20],$KR1,0);
- &RIP4($E,$A,$B,$C,$D,$wr[21],$sr[21],$KR1,0);
- &RIP4($D,$E,$A,$B,$C,$wr[22],$sr[22],$KR1,0);
- &RIP4($C,$D,$E,$A,$B,$wr[23],$sr[23],$KR1,0);
- &RIP4($B,$C,$D,$E,$A,$wr[24],$sr[24],$KR1,0);
- &RIP4($A,$B,$C,$D,$E,$wr[25],$sr[25],$KR1,0);
- &RIP4($E,$A,$B,$C,$D,$wr[26],$sr[26],$KR1,0);
- &RIP4($D,$E,$A,$B,$C,$wr[27],$sr[27],$KR1,0);
- &RIP4($C,$D,$E,$A,$B,$wr[28],$sr[28],$KR1,0);
- &RIP4($B,$C,$D,$E,$A,$wr[29],$sr[29],$KR1,0);
- &RIP4($A,$B,$C,$D,$E,$wr[30],$sr[30],$KR1,0);
- &RIP4($E,$A,$B,$C,$D,$wr[31],$sr[31],$KR1,2);
-
- &RIP3($D,$E,$A,$B,$C,$wr[32],$sr[32],$KR2,-2);
- &RIP3($C,$D,$E,$A,$B,$wr[33],$sr[33],$KR2,0);
- &RIP3($B,$C,$D,$E,$A,$wr[34],$sr[34],$KR2,0);
- &RIP3($A,$B,$C,$D,$E,$wr[35],$sr[35],$KR2,0);
- &RIP3($E,$A,$B,$C,$D,$wr[36],$sr[36],$KR2,0);
- &RIP3($D,$E,$A,$B,$C,$wr[37],$sr[37],$KR2,0);
- &RIP3($C,$D,$E,$A,$B,$wr[38],$sr[38],$KR2,0);
- &RIP3($B,$C,$D,$E,$A,$wr[39],$sr[39],$KR2,0);
- &RIP3($A,$B,$C,$D,$E,$wr[40],$sr[40],$KR2,0);
- &RIP3($E,$A,$B,$C,$D,$wr[41],$sr[41],$KR2,0);
- &RIP3($D,$E,$A,$B,$C,$wr[42],$sr[42],$KR2,0);
- &RIP3($C,$D,$E,$A,$B,$wr[43],$sr[43],$KR2,0);
- &RIP3($B,$C,$D,$E,$A,$wr[44],$sr[44],$KR2,0);
- &RIP3($A,$B,$C,$D,$E,$wr[45],$sr[45],$KR2,0);
- &RIP3($E,$A,$B,$C,$D,$wr[46],$sr[46],$KR2,0);
- &RIP3($D,$E,$A,$B,$C,$wr[47],$sr[47],$KR2,2,$wr[48]);
-
- &RIP2($C,$D,$E,$A,$B,$wr[48],$wr[49],$sr[48],$KR3,-2);
- &RIP2($B,$C,$D,$E,$A,$wr[49],$wr[50],$sr[49],$KR3,0);
- &RIP2($A,$B,$C,$D,$E,$wr[50],$wr[51],$sr[50],$KR3,0);
- &RIP2($E,$A,$B,$C,$D,$wr[51],$wr[52],$sr[51],$KR3,0);
- &RIP2($D,$E,$A,$B,$C,$wr[52],$wr[53],$sr[52],$KR3,0);
- &RIP2($C,$D,$E,$A,$B,$wr[53],$wr[54],$sr[53],$KR3,0);
- &RIP2($B,$C,$D,$E,$A,$wr[54],$wr[55],$sr[54],$KR3,0);
- &RIP2($A,$B,$C,$D,$E,$wr[55],$wr[56],$sr[55],$KR3,0);
- &RIP2($E,$A,$B,$C,$D,$wr[56],$wr[57],$sr[56],$KR3,0);
- &RIP2($D,$E,$A,$B,$C,$wr[57],$wr[58],$sr[57],$KR3,0);
- &RIP2($C,$D,$E,$A,$B,$wr[58],$wr[59],$sr[58],$KR3,0);
- &RIP2($B,$C,$D,$E,$A,$wr[59],$wr[60],$sr[59],$KR3,0);
- &RIP2($A,$B,$C,$D,$E,$wr[60],$wr[61],$sr[60],$KR3,0);
- &RIP2($E,$A,$B,$C,$D,$wr[61],$wr[62],$sr[61],$KR3,0);
- &RIP2($D,$E,$A,$B,$C,$wr[62],$wr[63],$sr[62],$KR3,0);
- &RIP2($C,$D,$E,$A,$B,$wr[63],$wr[64],$sr[63],$KR3,2);
-
- &RIP1($B,$C,$D,$E,$A,$wr[64],$sr[64],-2);
- &RIP1($A,$B,$C,$D,$E,$wr[65],$sr[65],0);
- &RIP1($E,$A,$B,$C,$D,$wr[66],$sr[66],0);
- &RIP1($D,$E,$A,$B,$C,$wr[67],$sr[67],0);
- &RIP1($C,$D,$E,$A,$B,$wr[68],$sr[68],0);
- &RIP1($B,$C,$D,$E,$A,$wr[69],$sr[69],0);
- &RIP1($A,$B,$C,$D,$E,$wr[70],$sr[70],0);
- &RIP1($E,$A,$B,$C,$D,$wr[71],$sr[71],0);
- &RIP1($D,$E,$A,$B,$C,$wr[72],$sr[72],0);
- &RIP1($C,$D,$E,$A,$B,$wr[73],$sr[73],0);
- &RIP1($B,$C,$D,$E,$A,$wr[74],$sr[74],0);
- &RIP1($A,$B,$C,$D,$E,$wr[75],$sr[75],0);
- &RIP1($E,$A,$B,$C,$D,$wr[76],$sr[76],0);
- &RIP1($D,$E,$A,$B,$C,$wr[77],$sr[77],0);
- &RIP1($C,$D,$E,$A,$B,$wr[78],$sr[78],0);
- &RIP1($B,$C,$D,$E,$A,$wr[79],$sr[79],2);
-
- # &mov($tmp2, &wparam(0)); # Moved into last round
-
- &mov($tmp1, &DWP( 4,$tmp2,"",0)); # ctx->B
- &add($D, $tmp1);
- &mov($tmp1, &swtmp(16+2)); # $c
- &add($D, $tmp1);
-
- &mov($tmp1, &DWP( 8,$tmp2,"",0)); # ctx->C
- &add($E, $tmp1);
- &mov($tmp1, &swtmp(16+3)); # $d
- &add($E, $tmp1);
-
- &mov($tmp1, &DWP(12,$tmp2,"",0)); # ctx->D
- &add($A, $tmp1);
- &mov($tmp1, &swtmp(16+4)); # $e
- &add($A, $tmp1);
-
-
- &mov($tmp1, &DWP(16,$tmp2,"",0)); # ctx->E
- &add($B, $tmp1);
- &mov($tmp1, &swtmp(16+0)); # $a
- &add($B, $tmp1);
-
- &mov($tmp1, &DWP( 0,$tmp2,"",0)); # ctx->A
- &add($C, $tmp1);
- &mov($tmp1, &swtmp(16+1)); # $b
- &add($C, $tmp1);
-
- &mov($tmp1, &wparam(2));
-
- &mov(&DWP( 0,$tmp2,"",0), $D);
- &mov(&DWP( 4,$tmp2,"",0), $E);
- &mov(&DWP( 8,$tmp2,"",0), $A);
- &sub($tmp1,1);
- &mov(&DWP(12,$tmp2,"",0), $B);
- &mov(&DWP(16,$tmp2,"",0), $C);
-
- &jle(&label("get_out"));
-
- &mov(&wparam(2),$tmp1);
- &mov($C, $A);
- &mov($tmp1, &wparam(1));
- &mov($A, $D);
- &add($tmp1, 64);
- &mov($B, $E);
- &mov(&wparam(1),$tmp1);
-
- &jmp(&label("start"));
-
- &set_label("get_out");
-
- &stack_pop(16+5+6);
-
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
diff --git a/src/lib/libcrypto/ripemd/ripemd.h b/src/lib/libcrypto/ripemd/ripemd.h
deleted file mode 100644
index dd1627cf40..0000000000
--- a/src/lib/libcrypto/ripemd/ripemd.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/* crypto/ripemd/ripemd.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RIPEMD_H
-#define HEADER_RIPEMD_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef NO_RIPEMD
-#error RIPEMD is disabled.
-#endif
-
-#if defined(WIN16) || defined(__LP32__)
-#define RIPEMD160_LONG unsigned long
-#elif defined(_CRAY) || defined(__ILP64__)
-#define RIPEMD160_LONG unsigned long
-#define RIPEMD160_LONG_LOG2 3
-#else
-#define RIPEMD160_LONG unsigned int
-#endif
-
-#define RIPEMD160_CBLOCK 64
-#define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4)
-#define RIPEMD160_DIGEST_LENGTH 20
-
-typedef struct RIPEMD160state_st
- {
- RIPEMD160_LONG A,B,C,D,E;
- RIPEMD160_LONG Nl,Nh;
- RIPEMD160_LONG data[RIPEMD160_LBLOCK];
- int num;
- } RIPEMD160_CTX;
-
-void RIPEMD160_Init(RIPEMD160_CTX *c);
-void RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len);
-void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
-unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
- unsigned char *md);
-void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/ripemd/rmd_dgst.c b/src/lib/libcrypto/ripemd/rmd_dgst.c
deleted file mode 100644
index bdfae270b6..0000000000
--- a/src/lib/libcrypto/ripemd/rmd_dgst.c
+++ /dev/null
@@ -1,493 +0,0 @@
-/* crypto/ripemd/rmd_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "rmd_locl.h"
-#include <openssl/opensslv.h>
-
-const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT;
-
-# ifdef RMD160_ASM
- void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,int num);
-# define ripemd160_block ripemd160_block_x86
-# else
- void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,int num);
-# endif
-
-void RIPEMD160_Init(RIPEMD160_CTX *c)
- {
- c->A=RIPEMD160_A;
- c->B=RIPEMD160_B;
- c->C=RIPEMD160_C;
- c->D=RIPEMD160_D;
- c->E=RIPEMD160_E;
- c->Nl=0;
- c->Nh=0;
- c->num=0;
- }
-
-#ifndef ripemd160_block_host_order
-#ifdef X
-#undef X
-#endif
-#define X(i) XX[i]
-void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num)
- {
- const RIPEMD160_LONG *XX=p;
- register unsigned long A,B,C,D,E;
- register unsigned long a,b,c,d,e;
-
- for (;num--;XX+=HASH_LBLOCK)
- {
-
- A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
- RIP1(A,B,C,D,E,WL00,SL00);
- RIP1(E,A,B,C,D,WL01,SL01);
- RIP1(D,E,A,B,C,WL02,SL02);
- RIP1(C,D,E,A,B,WL03,SL03);
- RIP1(B,C,D,E,A,WL04,SL04);
- RIP1(A,B,C,D,E,WL05,SL05);
- RIP1(E,A,B,C,D,WL06,SL06);
- RIP1(D,E,A,B,C,WL07,SL07);
- RIP1(C,D,E,A,B,WL08,SL08);
- RIP1(B,C,D,E,A,WL09,SL09);
- RIP1(A,B,C,D,E,WL10,SL10);
- RIP1(E,A,B,C,D,WL11,SL11);
- RIP1(D,E,A,B,C,WL12,SL12);
- RIP1(C,D,E,A,B,WL13,SL13);
- RIP1(B,C,D,E,A,WL14,SL14);
- RIP1(A,B,C,D,E,WL15,SL15);
-
- RIP2(E,A,B,C,D,WL16,SL16,KL1);
- RIP2(D,E,A,B,C,WL17,SL17,KL1);
- RIP2(C,D,E,A,B,WL18,SL18,KL1);
- RIP2(B,C,D,E,A,WL19,SL19,KL1);
- RIP2(A,B,C,D,E,WL20,SL20,KL1);
- RIP2(E,A,B,C,D,WL21,SL21,KL1);
- RIP2(D,E,A,B,C,WL22,SL22,KL1);
- RIP2(C,D,E,A,B,WL23,SL23,KL1);
- RIP2(B,C,D,E,A,WL24,SL24,KL1);
- RIP2(A,B,C,D,E,WL25,SL25,KL1);
- RIP2(E,A,B,C,D,WL26,SL26,KL1);
- RIP2(D,E,A,B,C,WL27,SL27,KL1);
- RIP2(C,D,E,A,B,WL28,SL28,KL1);
- RIP2(B,C,D,E,A,WL29,SL29,KL1);
- RIP2(A,B,C,D,E,WL30,SL30,KL1);
- RIP2(E,A,B,C,D,WL31,SL31,KL1);
-
- RIP3(D,E,A,B,C,WL32,SL32,KL2);
- RIP3(C,D,E,A,B,WL33,SL33,KL2);
- RIP3(B,C,D,E,A,WL34,SL34,KL2);
- RIP3(A,B,C,D,E,WL35,SL35,KL2);
- RIP3(E,A,B,C,D,WL36,SL36,KL2);
- RIP3(D,E,A,B,C,WL37,SL37,KL2);
- RIP3(C,D,E,A,B,WL38,SL38,KL2);
- RIP3(B,C,D,E,A,WL39,SL39,KL2);
- RIP3(A,B,C,D,E,WL40,SL40,KL2);
- RIP3(E,A,B,C,D,WL41,SL41,KL2);
- RIP3(D,E,A,B,C,WL42,SL42,KL2);
- RIP3(C,D,E,A,B,WL43,SL43,KL2);
- RIP3(B,C,D,E,A,WL44,SL44,KL2);
- RIP3(A,B,C,D,E,WL45,SL45,KL2);
- RIP3(E,A,B,C,D,WL46,SL46,KL2);
- RIP3(D,E,A,B,C,WL47,SL47,KL2);
-
- RIP4(C,D,E,A,B,WL48,SL48,KL3);
- RIP4(B,C,D,E,A,WL49,SL49,KL3);
- RIP4(A,B,C,D,E,WL50,SL50,KL3);
- RIP4(E,A,B,C,D,WL51,SL51,KL3);
- RIP4(D,E,A,B,C,WL52,SL52,KL3);
- RIP4(C,D,E,A,B,WL53,SL53,KL3);
- RIP4(B,C,D,E,A,WL54,SL54,KL3);
- RIP4(A,B,C,D,E,WL55,SL55,KL3);
- RIP4(E,A,B,C,D,WL56,SL56,KL3);
- RIP4(D,E,A,B,C,WL57,SL57,KL3);
- RIP4(C,D,E,A,B,WL58,SL58,KL3);
- RIP4(B,C,D,E,A,WL59,SL59,KL3);
- RIP4(A,B,C,D,E,WL60,SL60,KL3);
- RIP4(E,A,B,C,D,WL61,SL61,KL3);
- RIP4(D,E,A,B,C,WL62,SL62,KL3);
- RIP4(C,D,E,A,B,WL63,SL63,KL3);
-
- RIP5(B,C,D,E,A,WL64,SL64,KL4);
- RIP5(A,B,C,D,E,WL65,SL65,KL4);
- RIP5(E,A,B,C,D,WL66,SL66,KL4);
- RIP5(D,E,A,B,C,WL67,SL67,KL4);
- RIP5(C,D,E,A,B,WL68,SL68,KL4);
- RIP5(B,C,D,E,A,WL69,SL69,KL4);
- RIP5(A,B,C,D,E,WL70,SL70,KL4);
- RIP5(E,A,B,C,D,WL71,SL71,KL4);
- RIP5(D,E,A,B,C,WL72,SL72,KL4);
- RIP5(C,D,E,A,B,WL73,SL73,KL4);
- RIP5(B,C,D,E,A,WL74,SL74,KL4);
- RIP5(A,B,C,D,E,WL75,SL75,KL4);
- RIP5(E,A,B,C,D,WL76,SL76,KL4);
- RIP5(D,E,A,B,C,WL77,SL77,KL4);
- RIP5(C,D,E,A,B,WL78,SL78,KL4);
- RIP5(B,C,D,E,A,WL79,SL79,KL4);
-
- a=A; b=B; c=C; d=D; e=E;
- /* Do other half */
- A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
- RIP5(A,B,C,D,E,WR00,SR00,KR0);
- RIP5(E,A,B,C,D,WR01,SR01,KR0);
- RIP5(D,E,A,B,C,WR02,SR02,KR0);
- RIP5(C,D,E,A,B,WR03,SR03,KR0);
- RIP5(B,C,D,E,A,WR04,SR04,KR0);
- RIP5(A,B,C,D,E,WR05,SR05,KR0);
- RIP5(E,A,B,C,D,WR06,SR06,KR0);
- RIP5(D,E,A,B,C,WR07,SR07,KR0);
- RIP5(C,D,E,A,B,WR08,SR08,KR0);
- RIP5(B,C,D,E,A,WR09,SR09,KR0);
- RIP5(A,B,C,D,E,WR10,SR10,KR0);
- RIP5(E,A,B,C,D,WR11,SR11,KR0);
- RIP5(D,E,A,B,C,WR12,SR12,KR0);
- RIP5(C,D,E,A,B,WR13,SR13,KR0);
- RIP5(B,C,D,E,A,WR14,SR14,KR0);
- RIP5(A,B,C,D,E,WR15,SR15,KR0);
-
- RIP4(E,A,B,C,D,WR16,SR16,KR1);
- RIP4(D,E,A,B,C,WR17,SR17,KR1);
- RIP4(C,D,E,A,B,WR18,SR18,KR1);
- RIP4(B,C,D,E,A,WR19,SR19,KR1);
- RIP4(A,B,C,D,E,WR20,SR20,KR1);
- RIP4(E,A,B,C,D,WR21,SR21,KR1);
- RIP4(D,E,A,B,C,WR22,SR22,KR1);
- RIP4(C,D,E,A,B,WR23,SR23,KR1);
- RIP4(B,C,D,E,A,WR24,SR24,KR1);
- RIP4(A,B,C,D,E,WR25,SR25,KR1);
- RIP4(E,A,B,C,D,WR26,SR26,KR1);
- RIP4(D,E,A,B,C,WR27,SR27,KR1);
- RIP4(C,D,E,A,B,WR28,SR28,KR1);
- RIP4(B,C,D,E,A,WR29,SR29,KR1);
- RIP4(A,B,C,D,E,WR30,SR30,KR1);
- RIP4(E,A,B,C,D,WR31,SR31,KR1);
-
- RIP3(D,E,A,B,C,WR32,SR32,KR2);
- RIP3(C,D,E,A,B,WR33,SR33,KR2);
- RIP3(B,C,D,E,A,WR34,SR34,KR2);
- RIP3(A,B,C,D,E,WR35,SR35,KR2);
- RIP3(E,A,B,C,D,WR36,SR36,KR2);
- RIP3(D,E,A,B,C,WR37,SR37,KR2);
- RIP3(C,D,E,A,B,WR38,SR38,KR2);
- RIP3(B,C,D,E,A,WR39,SR39,KR2);
- RIP3(A,B,C,D,E,WR40,SR40,KR2);
- RIP3(E,A,B,C,D,WR41,SR41,KR2);
- RIP3(D,E,A,B,C,WR42,SR42,KR2);
- RIP3(C,D,E,A,B,WR43,SR43,KR2);
- RIP3(B,C,D,E,A,WR44,SR44,KR2);
- RIP3(A,B,C,D,E,WR45,SR45,KR2);
- RIP3(E,A,B,C,D,WR46,SR46,KR2);
- RIP3(D,E,A,B,C,WR47,SR47,KR2);
-
- RIP2(C,D,E,A,B,WR48,SR48,KR3);
- RIP2(B,C,D,E,A,WR49,SR49,KR3);
- RIP2(A,B,C,D,E,WR50,SR50,KR3);
- RIP2(E,A,B,C,D,WR51,SR51,KR3);
- RIP2(D,E,A,B,C,WR52,SR52,KR3);
- RIP2(C,D,E,A,B,WR53,SR53,KR3);
- RIP2(B,C,D,E,A,WR54,SR54,KR3);
- RIP2(A,B,C,D,E,WR55,SR55,KR3);
- RIP2(E,A,B,C,D,WR56,SR56,KR3);
- RIP2(D,E,A,B,C,WR57,SR57,KR3);
- RIP2(C,D,E,A,B,WR58,SR58,KR3);
- RIP2(B,C,D,E,A,WR59,SR59,KR3);
- RIP2(A,B,C,D,E,WR60,SR60,KR3);
- RIP2(E,A,B,C,D,WR61,SR61,KR3);
- RIP2(D,E,A,B,C,WR62,SR62,KR3);
- RIP2(C,D,E,A,B,WR63,SR63,KR3);
-
- RIP1(B,C,D,E,A,WR64,SR64);
- RIP1(A,B,C,D,E,WR65,SR65);
- RIP1(E,A,B,C,D,WR66,SR66);
- RIP1(D,E,A,B,C,WR67,SR67);
- RIP1(C,D,E,A,B,WR68,SR68);
- RIP1(B,C,D,E,A,WR69,SR69);
- RIP1(A,B,C,D,E,WR70,SR70);
- RIP1(E,A,B,C,D,WR71,SR71);
- RIP1(D,E,A,B,C,WR72,SR72);
- RIP1(C,D,E,A,B,WR73,SR73);
- RIP1(B,C,D,E,A,WR74,SR74);
- RIP1(A,B,C,D,E,WR75,SR75);
- RIP1(E,A,B,C,D,WR76,SR76);
- RIP1(D,E,A,B,C,WR77,SR77);
- RIP1(C,D,E,A,B,WR78,SR78);
- RIP1(B,C,D,E,A,WR79,SR79);
-
- D =ctx->B+c+D;
- ctx->B=ctx->C+d+E;
- ctx->C=ctx->D+e+A;
- ctx->D=ctx->E+a+B;
- ctx->E=ctx->A+b+C;
- ctx->A=D;
-
- }
- }
-#endif
-
-#ifndef ripemd160_block_data_order
-#ifdef X
-#undef X
-#endif
-void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, int num)
- {
- const unsigned char *data=p;
- register unsigned long A,B,C,D,E;
- unsigned long a,b,c,d,e,l;
-#ifndef MD32_XARRAY
- /* See comment in crypto/sha/sha_locl.h for details. */
- unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
- XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-# define X(i) XX##i
-#else
- RIPEMD160_LONG XX[16];
-# define X(i) XX[i]
-#endif
-
- for (;num--;)
- {
-
- A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
- HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
- RIP1(A,B,C,D,E,WL00,SL00); HOST_c2l(data,l); X( 2)=l;
- RIP1(E,A,B,C,D,WL01,SL01); HOST_c2l(data,l); X( 3)=l;
- RIP1(D,E,A,B,C,WL02,SL02); HOST_c2l(data,l); X( 4)=l;
- RIP1(C,D,E,A,B,WL03,SL03); HOST_c2l(data,l); X( 5)=l;
- RIP1(B,C,D,E,A,WL04,SL04); HOST_c2l(data,l); X( 6)=l;
- RIP1(A,B,C,D,E,WL05,SL05); HOST_c2l(data,l); X( 7)=l;
- RIP1(E,A,B,C,D,WL06,SL06); HOST_c2l(data,l); X( 8)=l;
- RIP1(D,E,A,B,C,WL07,SL07); HOST_c2l(data,l); X( 9)=l;
- RIP1(C,D,E,A,B,WL08,SL08); HOST_c2l(data,l); X(10)=l;
- RIP1(B,C,D,E,A,WL09,SL09); HOST_c2l(data,l); X(11)=l;
- RIP1(A,B,C,D,E,WL10,SL10); HOST_c2l(data,l); X(12)=l;
- RIP1(E,A,B,C,D,WL11,SL11); HOST_c2l(data,l); X(13)=l;
- RIP1(D,E,A,B,C,WL12,SL12); HOST_c2l(data,l); X(14)=l;
- RIP1(C,D,E,A,B,WL13,SL13); HOST_c2l(data,l); X(15)=l;
- RIP1(B,C,D,E,A,WL14,SL14);
- RIP1(A,B,C,D,E,WL15,SL15);
-
- RIP2(E,A,B,C,D,WL16,SL16,KL1);
- RIP2(D,E,A,B,C,WL17,SL17,KL1);
- RIP2(C,D,E,A,B,WL18,SL18,KL1);
- RIP2(B,C,D,E,A,WL19,SL19,KL1);
- RIP2(A,B,C,D,E,WL20,SL20,KL1);
- RIP2(E,A,B,C,D,WL21,SL21,KL1);
- RIP2(D,E,A,B,C,WL22,SL22,KL1);
- RIP2(C,D,E,A,B,WL23,SL23,KL1);
- RIP2(B,C,D,E,A,WL24,SL24,KL1);
- RIP2(A,B,C,D,E,WL25,SL25,KL1);
- RIP2(E,A,B,C,D,WL26,SL26,KL1);
- RIP2(D,E,A,B,C,WL27,SL27,KL1);
- RIP2(C,D,E,A,B,WL28,SL28,KL1);
- RIP2(B,C,D,E,A,WL29,SL29,KL1);
- RIP2(A,B,C,D,E,WL30,SL30,KL1);
- RIP2(E,A,B,C,D,WL31,SL31,KL1);
-
- RIP3(D,E,A,B,C,WL32,SL32,KL2);
- RIP3(C,D,E,A,B,WL33,SL33,KL2);
- RIP3(B,C,D,E,A,WL34,SL34,KL2);
- RIP3(A,B,C,D,E,WL35,SL35,KL2);
- RIP3(E,A,B,C,D,WL36,SL36,KL2);
- RIP3(D,E,A,B,C,WL37,SL37,KL2);
- RIP3(C,D,E,A,B,WL38,SL38,KL2);
- RIP3(B,C,D,E,A,WL39,SL39,KL2);
- RIP3(A,B,C,D,E,WL40,SL40,KL2);
- RIP3(E,A,B,C,D,WL41,SL41,KL2);
- RIP3(D,E,A,B,C,WL42,SL42,KL2);
- RIP3(C,D,E,A,B,WL43,SL43,KL2);
- RIP3(B,C,D,E,A,WL44,SL44,KL2);
- RIP3(A,B,C,D,E,WL45,SL45,KL2);
- RIP3(E,A,B,C,D,WL46,SL46,KL2);
- RIP3(D,E,A,B,C,WL47,SL47,KL2);
-
- RIP4(C,D,E,A,B,WL48,SL48,KL3);
- RIP4(B,C,D,E,A,WL49,SL49,KL3);
- RIP4(A,B,C,D,E,WL50,SL50,KL3);
- RIP4(E,A,B,C,D,WL51,SL51,KL3);
- RIP4(D,E,A,B,C,WL52,SL52,KL3);
- RIP4(C,D,E,A,B,WL53,SL53,KL3);
- RIP4(B,C,D,E,A,WL54,SL54,KL3);
- RIP4(A,B,C,D,E,WL55,SL55,KL3);
- RIP4(E,A,B,C,D,WL56,SL56,KL3);
- RIP4(D,E,A,B,C,WL57,SL57,KL3);
- RIP4(C,D,E,A,B,WL58,SL58,KL3);
- RIP4(B,C,D,E,A,WL59,SL59,KL3);
- RIP4(A,B,C,D,E,WL60,SL60,KL3);
- RIP4(E,A,B,C,D,WL61,SL61,KL3);
- RIP4(D,E,A,B,C,WL62,SL62,KL3);
- RIP4(C,D,E,A,B,WL63,SL63,KL3);
-
- RIP5(B,C,D,E,A,WL64,SL64,KL4);
- RIP5(A,B,C,D,E,WL65,SL65,KL4);
- RIP5(E,A,B,C,D,WL66,SL66,KL4);
- RIP5(D,E,A,B,C,WL67,SL67,KL4);
- RIP5(C,D,E,A,B,WL68,SL68,KL4);
- RIP5(B,C,D,E,A,WL69,SL69,KL4);
- RIP5(A,B,C,D,E,WL70,SL70,KL4);
- RIP5(E,A,B,C,D,WL71,SL71,KL4);
- RIP5(D,E,A,B,C,WL72,SL72,KL4);
- RIP5(C,D,E,A,B,WL73,SL73,KL4);
- RIP5(B,C,D,E,A,WL74,SL74,KL4);
- RIP5(A,B,C,D,E,WL75,SL75,KL4);
- RIP5(E,A,B,C,D,WL76,SL76,KL4);
- RIP5(D,E,A,B,C,WL77,SL77,KL4);
- RIP5(C,D,E,A,B,WL78,SL78,KL4);
- RIP5(B,C,D,E,A,WL79,SL79,KL4);
-
- a=A; b=B; c=C; d=D; e=E;
- /* Do other half */
- A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
- RIP5(A,B,C,D,E,WR00,SR00,KR0);
- RIP5(E,A,B,C,D,WR01,SR01,KR0);
- RIP5(D,E,A,B,C,WR02,SR02,KR0);
- RIP5(C,D,E,A,B,WR03,SR03,KR0);
- RIP5(B,C,D,E,A,WR04,SR04,KR0);
- RIP5(A,B,C,D,E,WR05,SR05,KR0);
- RIP5(E,A,B,C,D,WR06,SR06,KR0);
- RIP5(D,E,A,B,C,WR07,SR07,KR0);
- RIP5(C,D,E,A,B,WR08,SR08,KR0);
- RIP5(B,C,D,E,A,WR09,SR09,KR0);
- RIP5(A,B,C,D,E,WR10,SR10,KR0);
- RIP5(E,A,B,C,D,WR11,SR11,KR0);
- RIP5(D,E,A,B,C,WR12,SR12,KR0);
- RIP5(C,D,E,A,B,WR13,SR13,KR0);
- RIP5(B,C,D,E,A,WR14,SR14,KR0);
- RIP5(A,B,C,D,E,WR15,SR15,KR0);
-
- RIP4(E,A,B,C,D,WR16,SR16,KR1);
- RIP4(D,E,A,B,C,WR17,SR17,KR1);
- RIP4(C,D,E,A,B,WR18,SR18,KR1);
- RIP4(B,C,D,E,A,WR19,SR19,KR1);
- RIP4(A,B,C,D,E,WR20,SR20,KR1);
- RIP4(E,A,B,C,D,WR21,SR21,KR1);
- RIP4(D,E,A,B,C,WR22,SR22,KR1);
- RIP4(C,D,E,A,B,WR23,SR23,KR1);
- RIP4(B,C,D,E,A,WR24,SR24,KR1);
- RIP4(A,B,C,D,E,WR25,SR25,KR1);
- RIP4(E,A,B,C,D,WR26,SR26,KR1);
- RIP4(D,E,A,B,C,WR27,SR27,KR1);
- RIP4(C,D,E,A,B,WR28,SR28,KR1);
- RIP4(B,C,D,E,A,WR29,SR29,KR1);
- RIP4(A,B,C,D,E,WR30,SR30,KR1);
- RIP4(E,A,B,C,D,WR31,SR31,KR1);
-
- RIP3(D,E,A,B,C,WR32,SR32,KR2);
- RIP3(C,D,E,A,B,WR33,SR33,KR2);
- RIP3(B,C,D,E,A,WR34,SR34,KR2);
- RIP3(A,B,C,D,E,WR35,SR35,KR2);
- RIP3(E,A,B,C,D,WR36,SR36,KR2);
- RIP3(D,E,A,B,C,WR37,SR37,KR2);
- RIP3(C,D,E,A,B,WR38,SR38,KR2);
- RIP3(B,C,D,E,A,WR39,SR39,KR2);
- RIP3(A,B,C,D,E,WR40,SR40,KR2);
- RIP3(E,A,B,C,D,WR41,SR41,KR2);
- RIP3(D,E,A,B,C,WR42,SR42,KR2);
- RIP3(C,D,E,A,B,WR43,SR43,KR2);
- RIP3(B,C,D,E,A,WR44,SR44,KR2);
- RIP3(A,B,C,D,E,WR45,SR45,KR2);
- RIP3(E,A,B,C,D,WR46,SR46,KR2);
- RIP3(D,E,A,B,C,WR47,SR47,KR2);
-
- RIP2(C,D,E,A,B,WR48,SR48,KR3);
- RIP2(B,C,D,E,A,WR49,SR49,KR3);
- RIP2(A,B,C,D,E,WR50,SR50,KR3);
- RIP2(E,A,B,C,D,WR51,SR51,KR3);
- RIP2(D,E,A,B,C,WR52,SR52,KR3);
- RIP2(C,D,E,A,B,WR53,SR53,KR3);
- RIP2(B,C,D,E,A,WR54,SR54,KR3);
- RIP2(A,B,C,D,E,WR55,SR55,KR3);
- RIP2(E,A,B,C,D,WR56,SR56,KR3);
- RIP2(D,E,A,B,C,WR57,SR57,KR3);
- RIP2(C,D,E,A,B,WR58,SR58,KR3);
- RIP2(B,C,D,E,A,WR59,SR59,KR3);
- RIP2(A,B,C,D,E,WR60,SR60,KR3);
- RIP2(E,A,B,C,D,WR61,SR61,KR3);
- RIP2(D,E,A,B,C,WR62,SR62,KR3);
- RIP2(C,D,E,A,B,WR63,SR63,KR3);
-
- RIP1(B,C,D,E,A,WR64,SR64);
- RIP1(A,B,C,D,E,WR65,SR65);
- RIP1(E,A,B,C,D,WR66,SR66);
- RIP1(D,E,A,B,C,WR67,SR67);
- RIP1(C,D,E,A,B,WR68,SR68);
- RIP1(B,C,D,E,A,WR69,SR69);
- RIP1(A,B,C,D,E,WR70,SR70);
- RIP1(E,A,B,C,D,WR71,SR71);
- RIP1(D,E,A,B,C,WR72,SR72);
- RIP1(C,D,E,A,B,WR73,SR73);
- RIP1(B,C,D,E,A,WR74,SR74);
- RIP1(A,B,C,D,E,WR75,SR75);
- RIP1(E,A,B,C,D,WR76,SR76);
- RIP1(D,E,A,B,C,WR77,SR77);
- RIP1(C,D,E,A,B,WR78,SR78);
- RIP1(B,C,D,E,A,WR79,SR79);
-
- D =ctx->B+c+D;
- ctx->B=ctx->C+d+E;
- ctx->C=ctx->D+e+A;
- ctx->D=ctx->E+a+B;
- ctx->E=ctx->A+b+C;
- ctx->A=D;
-
- }
- }
-#endif
diff --git a/src/lib/libcrypto/ripemd/rmd_locl.h b/src/lib/libcrypto/ripemd/rmd_locl.h
deleted file mode 100644
index f537b88867..0000000000
--- a/src/lib/libcrypto/ripemd/rmd_locl.h
+++ /dev/null
@@ -1,160 +0,0 @@
-/* crypto/ripemd/rmd_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#include <openssl/ripemd.h>
-
-#ifndef RIPEMD160_LONG_LOG2
-#define RIPEMD160_LONG_LOG2 2 /* default to 32 bits */
-#endif
-
-/*
- * DO EXAMINE COMMENTS IN crypto/md5/md5_locl.h & crypto/md5/md5_dgst.c
- * FOR EXPLANATIONS ON FOLLOWING "CODE."
- * <appro@fy.chalmers.se>
- */
-#ifdef RMD160_ASM
-# if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
-# define ripemd160_block_host_order ripemd160_block_asm_host_order
-# endif
-#endif
-
-void ripemd160_block_host_order (RIPEMD160_CTX *c, const void *p,int num);
-void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,int num);
-
-#if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
-#define ripemd160_block_data_order ripemd160_block_host_order
-#endif
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG RIPEMD160_LONG
-#define HASH_LONG_LOG2 RIPEMD160_LONG_LOG2
-#define HASH_CTX RIPEMD160_CTX
-#define HASH_CBLOCK RIPEMD160_CBLOCK
-#define HASH_LBLOCK RIPEMD160_LBLOCK
-#define HASH_UPDATE RIPEMD160_Update
-#define HASH_TRANSFORM RIPEMD160_Transform
-#define HASH_FINAL RIPEMD160_Final
-#define HASH_BLOCK_HOST_ORDER ripemd160_block_host_order
-#define HASH_MAKE_STRING(c,s) do { \
- unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
- ll=(c)->E; HOST_l2c(ll,(s)); \
- } while (0)
-#if !defined(L_ENDIAN) || defined(ripemd160_block_data_order)
-#define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order
-#endif
-
-#include "md32_common.h"
-
-#if 0
-#define F1(x,y,z) ((x)^(y)^(z))
-#define F2(x,y,z) (((x)&(y))|((~x)&z))
-#define F3(x,y,z) (((x)|(~y))^(z))
-#define F4(x,y,z) (((x)&(z))|((y)&(~(z))))
-#define F5(x,y,z) ((x)^((y)|(~(z))))
-#else
-/*
- * Transformed F2 and F4 are courtesy of Wei Dai <weidai@eskimo.com>
- */
-#define F1(x,y,z) ((x) ^ (y) ^ (z))
-#define F2(x,y,z) ((((y) ^ (z)) & (x)) ^ (z))
-#define F3(x,y,z) (((~(y)) | (x)) ^ (z))
-#define F4(x,y,z) ((((x) ^ (y)) & (z)) ^ (y))
-#define F5(x,y,z) (((~(z)) | (y)) ^ (x))
-#endif
-
-#define RIPEMD160_A 0x67452301L
-#define RIPEMD160_B 0xEFCDAB89L
-#define RIPEMD160_C 0x98BADCFEL
-#define RIPEMD160_D 0x10325476L
-#define RIPEMD160_E 0xC3D2E1F0L
-
-#include "rmdconst.h"
-
-#define RIP1(a,b,c,d,e,w,s) { \
- a+=F1(b,c,d)+X(w); \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP2(a,b,c,d,e,w,s,K) { \
- a+=F2(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP3(a,b,c,d,e,w,s,K) { \
- a+=F3(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP4(a,b,c,d,e,w,s,K) { \
- a+=F4(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP5(a,b,c,d,e,w,s,K) { \
- a+=F5(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
diff --git a/src/lib/libcrypto/ripemd/rmd_one.c b/src/lib/libcrypto/ripemd/rmd_one.c
deleted file mode 100644
index efdf2dd6ef..0000000000
--- a/src/lib/libcrypto/ripemd/rmd_one.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* crypto/ripemd/rmd_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/ripemd.h>
-
-unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
- unsigned char *md)
- {
- RIPEMD160_CTX c;
- static unsigned char m[RIPEMD160_DIGEST_LENGTH];
-
- if (md == NULL) md=m;
- RIPEMD160_Init(&c);
- RIPEMD160_Update(&c,d,n);
- RIPEMD160_Final(md,&c);
- memset(&c,0,sizeof(c)); /* security consideration */
- return(md);
- }
-
diff --git a/src/lib/libcrypto/ripemd/rmdconst.h b/src/lib/libcrypto/ripemd/rmdconst.h
deleted file mode 100644
index 59c48dead1..0000000000
--- a/src/lib/libcrypto/ripemd/rmdconst.h
+++ /dev/null
@@ -1,399 +0,0 @@
-/* crypto/ripemd/rmdconst.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#define KL0 0x00000000L
-#define KL1 0x5A827999L
-#define KL2 0x6ED9EBA1L
-#define KL3 0x8F1BBCDCL
-#define KL4 0xA953FD4EL
-
-#define KR0 0x50A28BE6L
-#define KR1 0x5C4DD124L
-#define KR2 0x6D703EF3L
-#define KR3 0x7A6D76E9L
-#define KR4 0x00000000L
-
-#define WL00 0
-#define SL00 11
-#define WL01 1
-#define SL01 14
-#define WL02 2
-#define SL02 15
-#define WL03 3
-#define SL03 12
-#define WL04 4
-#define SL04 5
-#define WL05 5
-#define SL05 8
-#define WL06 6
-#define SL06 7
-#define WL07 7
-#define SL07 9
-#define WL08 8
-#define SL08 11
-#define WL09 9
-#define SL09 13
-#define WL10 10
-#define SL10 14
-#define WL11 11
-#define SL11 15
-#define WL12 12
-#define SL12 6
-#define WL13 13
-#define SL13 7
-#define WL14 14
-#define SL14 9
-#define WL15 15
-#define SL15 8
-
-#define WL16 7
-#define SL16 7
-#define WL17 4
-#define SL17 6
-#define WL18 13
-#define SL18 8
-#define WL19 1
-#define SL19 13
-#define WL20 10
-#define SL20 11
-#define WL21 6
-#define SL21 9
-#define WL22 15
-#define SL22 7
-#define WL23 3
-#define SL23 15
-#define WL24 12
-#define SL24 7
-#define WL25 0
-#define SL25 12
-#define WL26 9
-#define SL26 15
-#define WL27 5
-#define SL27 9
-#define WL28 2
-#define SL28 11
-#define WL29 14
-#define SL29 7
-#define WL30 11
-#define SL30 13
-#define WL31 8
-#define SL31 12
-
-#define WL32 3
-#define SL32 11
-#define WL33 10
-#define SL33 13
-#define WL34 14
-#define SL34 6
-#define WL35 4
-#define SL35 7
-#define WL36 9
-#define SL36 14
-#define WL37 15
-#define SL37 9
-#define WL38 8
-#define SL38 13
-#define WL39 1
-#define SL39 15
-#define WL40 2
-#define SL40 14
-#define WL41 7
-#define SL41 8
-#define WL42 0
-#define SL42 13
-#define WL43 6
-#define SL43 6
-#define WL44 13
-#define SL44 5
-#define WL45 11
-#define SL45 12
-#define WL46 5
-#define SL46 7
-#define WL47 12
-#define SL47 5
-
-#define WL48 1
-#define SL48 11
-#define WL49 9
-#define SL49 12
-#define WL50 11
-#define SL50 14
-#define WL51 10
-#define SL51 15
-#define WL52 0
-#define SL52 14
-#define WL53 8
-#define SL53 15
-#define WL54 12
-#define SL54 9
-#define WL55 4
-#define SL55 8
-#define WL56 13
-#define SL56 9
-#define WL57 3
-#define SL57 14
-#define WL58 7
-#define SL58 5
-#define WL59 15
-#define SL59 6
-#define WL60 14
-#define SL60 8
-#define WL61 5
-#define SL61 6
-#define WL62 6
-#define SL62 5
-#define WL63 2
-#define SL63 12
-
-#define WL64 4
-#define SL64 9
-#define WL65 0
-#define SL65 15
-#define WL66 5
-#define SL66 5
-#define WL67 9
-#define SL67 11
-#define WL68 7
-#define SL68 6
-#define WL69 12
-#define SL69 8
-#define WL70 2
-#define SL70 13
-#define WL71 10
-#define SL71 12
-#define WL72 14
-#define SL72 5
-#define WL73 1
-#define SL73 12
-#define WL74 3
-#define SL74 13
-#define WL75 8
-#define SL75 14
-#define WL76 11
-#define SL76 11
-#define WL77 6
-#define SL77 8
-#define WL78 15
-#define SL78 5
-#define WL79 13
-#define SL79 6
-
-#define WR00 5
-#define SR00 8
-#define WR01 14
-#define SR01 9
-#define WR02 7
-#define SR02 9
-#define WR03 0
-#define SR03 11
-#define WR04 9
-#define SR04 13
-#define WR05 2
-#define SR05 15
-#define WR06 11
-#define SR06 15
-#define WR07 4
-#define SR07 5
-#define WR08 13
-#define SR08 7
-#define WR09 6
-#define SR09 7
-#define WR10 15
-#define SR10 8
-#define WR11 8
-#define SR11 11
-#define WR12 1
-#define SR12 14
-#define WR13 10
-#define SR13 14
-#define WR14 3
-#define SR14 12
-#define WR15 12
-#define SR15 6
-
-#define WR16 6
-#define SR16 9
-#define WR17 11
-#define SR17 13
-#define WR18 3
-#define SR18 15
-#define WR19 7
-#define SR19 7
-#define WR20 0
-#define SR20 12
-#define WR21 13
-#define SR21 8
-#define WR22 5
-#define SR22 9
-#define WR23 10
-#define SR23 11
-#define WR24 14
-#define SR24 7
-#define WR25 15
-#define SR25 7
-#define WR26 8
-#define SR26 12
-#define WR27 12
-#define SR27 7
-#define WR28 4
-#define SR28 6
-#define WR29 9
-#define SR29 15
-#define WR30 1
-#define SR30 13
-#define WR31 2
-#define SR31 11
-
-#define WR32 15
-#define SR32 9
-#define WR33 5
-#define SR33 7
-#define WR34 1
-#define SR34 15
-#define WR35 3
-#define SR35 11
-#define WR36 7
-#define SR36 8
-#define WR37 14
-#define SR37 6
-#define WR38 6
-#define SR38 6
-#define WR39 9
-#define SR39 14
-#define WR40 11
-#define SR40 12
-#define WR41 8
-#define SR41 13
-#define WR42 12
-#define SR42 5
-#define WR43 2
-#define SR43 14
-#define WR44 10
-#define SR44 13
-#define WR45 0
-#define SR45 13
-#define WR46 4
-#define SR46 7
-#define WR47 13
-#define SR47 5
-
-#define WR48 8
-#define SR48 15
-#define WR49 6
-#define SR49 5
-#define WR50 4
-#define SR50 8
-#define WR51 1
-#define SR51 11
-#define WR52 3
-#define SR52 14
-#define WR53 11
-#define SR53 14
-#define WR54 15
-#define SR54 6
-#define WR55 0
-#define SR55 14
-#define WR56 5
-#define SR56 6
-#define WR57 12
-#define SR57 9
-#define WR58 2
-#define SR58 12
-#define WR59 13
-#define SR59 9
-#define WR60 9
-#define SR60 12
-#define WR61 7
-#define SR61 5
-#define WR62 10
-#define SR62 15
-#define WR63 14
-#define SR63 8
-
-#define WR64 12
-#define SR64 8
-#define WR65 15
-#define SR65 5
-#define WR66 10
-#define SR66 12
-#define WR67 4
-#define SR67 9
-#define WR68 1
-#define SR68 12
-#define WR69 5
-#define SR69 5
-#define WR70 8
-#define SR70 14
-#define WR71 7
-#define SR71 6
-#define WR72 6
-#define SR72 8
-#define WR73 2
-#define SR73 13
-#define WR74 13
-#define SR74 6
-#define WR75 14
-#define SR75 5
-#define WR76 0
-#define SR76 15
-#define WR77 3
-#define SR77 13
-#define WR78 9
-#define SR78 11
-#define WR79 11
-#define SR79 11
-
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h
deleted file mode 100644
index bda636a365..0000000000
--- a/src/lib/libcrypto/rsa/rsa.h
+++ /dev/null
@@ -1,357 +0,0 @@
-/* crypto/rsa/rsa.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RSA_H
-#define HEADER_RSA_H
-
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/bn.h>
-#include <openssl/crypto.h>
-
-#ifdef NO_RSA
-#error RSA is disabled.
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct rsa_st RSA;
-
-typedef struct rsa_meth_st
- {
- const char *name;
- int (*rsa_pub_enc)(int flen,unsigned char *from,unsigned char *to,
- RSA *rsa,int padding);
- int (*rsa_pub_dec)(int flen,unsigned char *from,unsigned char *to,
- RSA *rsa,int padding);
- int (*rsa_priv_enc)(int flen,unsigned char *from,unsigned char *to,
- RSA *rsa,int padding);
- int (*rsa_priv_dec)(int flen,unsigned char *from,unsigned char *to,
- RSA *rsa,int padding);
- int (*rsa_mod_exp)(BIGNUM *r0,BIGNUM *I,RSA *rsa); /* Can be null */
- int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx); /* Can be null */
- int (*init)(RSA *rsa); /* called at new */
- int (*finish)(RSA *rsa); /* called at free */
- int flags; /* RSA_METHOD_FLAG_* things */
- char *app_data; /* may be needed! */
-/* New sign and verify functions: some libraries don't allow arbitrary data
- * to be signed/verified: this allows them to be used. Note: for this to work
- * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used
- * RSA_sign(), RSA_verify() should be used instead. Note: for backwards
- * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
- * option is set in 'flags'.
- */
- int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen, RSA *rsa);
- int (*rsa_verify)(int dtype, unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
- } RSA_METHOD;
-
-struct rsa_st
- {
- /* The first parameter is used to pickup errors where
- * this is passed instead of aEVP_PKEY, it is set to 0 */
- int pad;
- int version;
-#if 0
- RSA_METHOD *meth;
-#else
- struct engine_st *engine;
-#endif
- BIGNUM *n;
- BIGNUM *e;
- BIGNUM *d;
- BIGNUM *p;
- BIGNUM *q;
- BIGNUM *dmp1;
- BIGNUM *dmq1;
- BIGNUM *iqmp;
- /* be careful using this if the RSA structure is shared */
- CRYPTO_EX_DATA ex_data;
- int references;
- int flags;
-
- /* Used to cache montgomery values */
- BN_MONT_CTX *_method_mod_n;
- BN_MONT_CTX *_method_mod_p;
- BN_MONT_CTX *_method_mod_q;
-
- /* all BIGNUM values are actually in the following data, if it is not
- * NULL */
- char *bignum_data;
- BN_BLINDING *blinding;
- };
-
-#define RSA_3 0x3L
-#define RSA_F4 0x10001L
-
-#define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */
-
-#define RSA_FLAG_CACHE_PUBLIC 0x02
-#define RSA_FLAG_CACHE_PRIVATE 0x04
-#define RSA_FLAG_BLINDING 0x08
-#define RSA_FLAG_THREAD_SAFE 0x10
-/* This flag means the private key operations will be handled by rsa_mod_exp
- * and that they do not depend on the private key components being present:
- * for example a key stored in external hardware. Without this flag bn_mod_exp
- * gets called when private key components are absent.
- */
-#define RSA_FLAG_EXT_PKEY 0x20
-
-/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.
- */
-#define RSA_FLAG_SIGN_VER 0x40
-
-#define RSA_PKCS1_PADDING 1
-#define RSA_SSLV23_PADDING 2
-#define RSA_NO_PADDING 3
-#define RSA_PKCS1_OAEP_PADDING 4
-
-#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
-#define RSA_get_app_data(s) RSA_get_ex_data(s,0)
-
-RSA * RSA_new(void);
-#if 0
-RSA * RSA_new_method(RSA_METHOD *method);
-#else
-RSA * RSA_new_method(struct engine_st *engine);
-#endif
-int RSA_size(RSA *);
-RSA * RSA_generate_key(int bits, unsigned long e,void
- (*callback)(int,int,void *),void *cb_arg);
-int RSA_check_key(RSA *);
- /* next 4 return -1 on error */
-int RSA_public_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-int RSA_private_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-int RSA_public_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-int RSA_private_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-void RSA_free (RSA *r);
-
-int RSA_flags(RSA *r);
-
-void RSA_set_default_openssl_method(RSA_METHOD *meth);
-RSA_METHOD *RSA_get_default_openssl_method(void);
-RSA_METHOD *RSA_get_method(RSA *rsa);
-#if 0
-RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth);
-#else
-int RSA_set_method(RSA *rsa, struct engine_st *engine);
-#endif
-
-/* This function needs the memory locking malloc callbacks to be installed */
-int RSA_memory_lock(RSA *r);
-
-/* If you have RSAref compiled in. */
-RSA_METHOD *RSA_PKCS1_RSAref(void);
-
-/* these are the actual SSLeay RSA functions */
-RSA_METHOD *RSA_PKCS1_SSLeay(void);
-
-RSA_METHOD *RSA_null_method(void);
-
-void ERR_load_RSA_strings(void );
-
-RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
-int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
-RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
-int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
-#ifndef NO_FP_API
-int RSA_print_fp(FILE *fp, RSA *r,int offset);
-#endif
-
-#ifndef NO_BIO
-int RSA_print(BIO *bp, RSA *r,int offset);
-#endif
-
-int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey);
-RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey);
-RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey);
-
-int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
-RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
-/* Naughty internal function required elsewhere, to handle a MS structure
- * that is the same as the netscape one :-) */
-RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, int (*cb)());
-
-/* The following 2 functions sign and verify a X509_SIG ASN1 object
- * inside PKCS#1 padded RSA encryption */
-int RSA_sign(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen, RSA *rsa);
-int RSA_verify(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
-/* The following 2 function sign and verify a ASN1_OCTET_STRING
- * object inside PKCS#1 padded RSA encryption */
-int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen, RSA *rsa);
-int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
-int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
-void RSA_blinding_off(RSA *rsa);
-
-int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,
- unsigned char *f,int fl);
-int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen,
- unsigned char *f,int fl,int rsa_len);
-int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
- unsigned char *f,int fl);
-int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
- unsigned char *f,int fl,int rsa_len);
-int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
- unsigned char *f,int fl,unsigned char *p,
- int pl);
-int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen,
- unsigned char *f,int fl,int rsa_len,
- unsigned char *p,int pl);
-int RSA_padding_add_SSLv23(unsigned char *to,int tlen,
- unsigned char *f,int fl);
-int RSA_padding_check_SSLv23(unsigned char *to,int tlen,
- unsigned char *f,int fl,int rsa_len);
-int RSA_padding_add_none(unsigned char *to,int tlen,
- unsigned char *f,int fl);
-int RSA_padding_check_none(unsigned char *to,int tlen,
- unsigned char *f,int fl,int rsa_len);
-
-int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int RSA_set_ex_data(RSA *r,int idx,void *arg);
-void *RSA_get_ex_data(RSA *r, int idx);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the RSA functions. */
-
-/* Function codes. */
-#define RSA_F_MEMORY_LOCK 100
-#define RSA_F_RSA_CHECK_KEY 123
-#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
-#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
-#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
-#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
-#define RSA_F_RSA_GENERATE_KEY 105
-#define RSA_F_RSA_NEW_METHOD 106
-#define RSA_F_RSA_NULL 124
-#define RSA_F_RSA_PADDING_ADD_NONE 107
-#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
-#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
-#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
-#define RSA_F_RSA_PADDING_ADD_SSLV23 110
-#define RSA_F_RSA_PADDING_CHECK_NONE 111
-#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
-#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
-#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
-#define RSA_F_RSA_PADDING_CHECK_SSLV23 114
-#define RSA_F_RSA_PRINT 115
-#define RSA_F_RSA_PRINT_FP 116
-#define RSA_F_RSA_SIGN 117
-#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
-#define RSA_F_RSA_VERIFY 119
-#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
-
-/* Reason codes. */
-#define RSA_R_ALGORITHM_MISMATCH 100
-#define RSA_R_BAD_E_VALUE 101
-#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
-#define RSA_R_BAD_PAD_BYTE_COUNT 103
-#define RSA_R_BAD_SIGNATURE 104
-#define RSA_R_BLOCK_TYPE_IS_NOT_01 106
-#define RSA_R_BLOCK_TYPE_IS_NOT_02 107
-#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
-#define RSA_R_DATA_TOO_LARGE 109
-#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
-#define RSA_R_DATA_TOO_SMALL 111
-#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
-#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
-#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
-#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
-#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
-#define RSA_R_INVALID_MESSAGE_LENGTH 131
-#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
-#define RSA_R_KEY_SIZE_TOO_SMALL 120
-#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
-#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
-#define RSA_R_OAEP_DECODING_ERROR 121
-#define RSA_R_PADDING_CHECK_FAILED 114
-#define RSA_R_P_NOT_PRIME 128
-#define RSA_R_Q_NOT_PRIME 129
-#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
-#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
-#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
-#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
-#define RSA_R_UNKNOWN_PADDING_TYPE 118
-#define RSA_R_WRONG_SIGNATURE_LENGTH 119
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/rsa/rsa_chk.c b/src/lib/libcrypto/rsa/rsa_chk.c
deleted file mode 100644
index 91b9115798..0000000000
--- a/src/lib/libcrypto/rsa/rsa_chk.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* crypto/rsa/rsa_chk.c -*- Mode: C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-
-
-int RSA_check_key(RSA *key)
- {
- BIGNUM *i, *j, *k, *l, *m;
- BN_CTX *ctx;
- int r;
- int ret=1;
-
- i = BN_new();
- j = BN_new();
- k = BN_new();
- l = BN_new();
- m = BN_new();
- ctx = BN_CTX_new();
- if (i == NULL || j == NULL || k == NULL || l == NULL ||
- m == NULL || ctx == NULL)
- {
- ret = -1;
- RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* p prime? */
- r = BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL);
- if (r != 1)
- {
- ret = r;
- if (r != 0)
- goto err;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
- }
-
- /* q prime? */
- r = BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL);
- if (r != 1)
- {
- ret = r;
- if (r != 0)
- goto err;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
- }
-
- /* n = p*q? */
- r = BN_mul(i, key->p, key->q, ctx);
- if (!r) { ret = -1; goto err; }
-
- if (BN_cmp(i, key->n) != 0)
- {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
- }
-
- /* d*e = 1 mod lcm(p-1,q-1)? */
-
- r = BN_sub(i, key->p, BN_value_one());
- if (!r) { ret = -1; goto err; }
- r = BN_sub(j, key->q, BN_value_one());
- if (!r) { ret = -1; goto err; }
-
- /* now compute k = lcm(i,j) */
- r = BN_mul(l, i, j, ctx);
- if (!r) { ret = -1; goto err; }
- r = BN_gcd(m, i, j, ctx);
- if (!r) { ret = -1; goto err; }
- r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
- if (!r) { ret = -1; goto err; }
-
- r = BN_mod_mul(i, key->d, key->e, k, ctx);
- if (!r) { ret = -1; goto err; }
-
- if (!BN_is_one(i))
- {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
- }
-
- if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL)
- {
- /* dmp1 = d mod (p-1)? */
- r = BN_sub(i, key->p, BN_value_one());
- if (!r) { ret = -1; goto err; }
-
- r = BN_mod(j, key->d, i, ctx);
- if (!r) { ret = -1; goto err; }
-
- if (BN_cmp(j, key->dmp1) != 0)
- {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY,
- RSA_R_DMP1_NOT_CONGRUENT_TO_D);
- }
-
- /* dmq1 = d mod (q-1)? */
- r = BN_sub(i, key->q, BN_value_one());
- if (!r) { ret = -1; goto err; }
-
- r = BN_mod(j, key->d, i, ctx);
- if (!r) { ret = -1; goto err; }
-
- if (BN_cmp(j, key->dmq1) != 0)
- {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY,
- RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
- }
-
- /* iqmp = q^-1 mod p? */
- if(!BN_mod_inverse(i, key->q, key->p, ctx))
- {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(i, key->iqmp) != 0)
- {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY,
- RSA_R_IQMP_NOT_INVERSE_OF_Q);
- }
- }
-
- err:
- if (i != NULL) BN_free(i);
- if (j != NULL) BN_free(j);
- if (k != NULL) BN_free(k);
- if (l != NULL) BN_free(l);
- if (m != NULL) BN_free(m);
- if (ctx != NULL) BN_CTX_free(ctx);
- return (ret);
- }
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
deleted file mode 100644
index cde5ca27d5..0000000000
--- a/src/lib/libcrypto/rsa/rsa_eay.c
+++ /dev/null
@@ -1,579 +0,0 @@
-/* crypto/rsa/rsa_eay.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-#include <openssl/engine.h>
-
-#ifndef RSA_NULL
-
-static int RSA_eay_public_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-static int RSA_eay_private_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-static int RSA_eay_public_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-static int RSA_eay_private_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
-static int RSA_eay_init(RSA *rsa);
-static int RSA_eay_finish(RSA *rsa);
-static RSA_METHOD rsa_pkcs1_eay_meth={
- "Eric Young's PKCS#1 RSA",
- RSA_eay_public_encrypt,
- RSA_eay_public_decrypt,
- RSA_eay_private_encrypt,
- RSA_eay_private_decrypt,
- RSA_eay_mod_exp,
- BN_mod_exp_mont,
- RSA_eay_init,
- RSA_eay_finish,
- 0,
- NULL,
- };
-
-RSA_METHOD *RSA_PKCS1_SSLeay(void)
- {
- return(&rsa_pkcs1_eay_meth);
- }
-
-static int RSA_eay_public_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding)
- {
- const RSA_METHOD *meth;
- BIGNUM f,ret;
- int i,j,k,num=0,r= -1;
- unsigned char *buf=NULL;
- BN_CTX *ctx=NULL;
-
- meth = ENGINE_get_RSA(rsa->engine);
- BN_init(&f);
- BN_init(&ret);
- if ((ctx=BN_CTX_new()) == NULL) goto err;
- num=BN_num_bytes(rsa->n);
- if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- switch (padding)
- {
- case RSA_PKCS1_PADDING:
- i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen);
- break;
-#ifndef NO_SHA
- case RSA_PKCS1_OAEP_PADDING:
- i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0);
- break;
-#endif
- case RSA_SSLV23_PADDING:
- i=RSA_padding_add_SSLv23(buf,num,from,flen);
- break;
- case RSA_NO_PADDING:
- i=RSA_padding_add_none(buf,num,from,flen);
- break;
- default:
- RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (i <= 0) goto err;
-
- if (BN_bin2bn(buf,num,&f) == NULL) goto err;
-
- if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
- {
- BN_MONT_CTX* bn_mont_ctx;
- if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
- goto err;
- if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
- {
- BN_MONT_CTX_free(bn_mont_ctx);
- goto err;
- }
- if (rsa->_method_mod_n == NULL) /* other thread may have finished first */
- {
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- if (rsa->_method_mod_n == NULL)
- {
- rsa->_method_mod_n = bn_mont_ctx;
- bn_mont_ctx = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
- }
- if (bn_mont_ctx)
- BN_MONT_CTX_free(bn_mont_ctx);
- }
-
- if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
- rsa->_method_mod_n)) goto err;
-
- /* put in leading 0 bytes if the number is less than the
- * length of the modulus */
- j=BN_num_bytes(&ret);
- i=BN_bn2bin(&ret,&(to[num-j]));
- for (k=0; k<(num-i); k++)
- to[k]=0;
-
- r=num;
-err:
- if (ctx != NULL) BN_CTX_free(ctx);
- BN_clear_free(&f);
- BN_clear_free(&ret);
- if (buf != NULL)
- {
- memset(buf,0,num);
- OPENSSL_free(buf);
- }
- return(r);
- }
-
-static int RSA_eay_private_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding)
- {
- const RSA_METHOD *meth;
- BIGNUM f,ret;
- int i,j,k,num=0,r= -1;
- unsigned char *buf=NULL;
- BN_CTX *ctx=NULL;
-
- meth = ENGINE_get_RSA(rsa->engine);
- BN_init(&f);
- BN_init(&ret);
-
- if ((ctx=BN_CTX_new()) == NULL) goto err;
- num=BN_num_bytes(rsa->n);
- if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- switch (padding)
- {
- case RSA_PKCS1_PADDING:
- i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen);
- break;
- case RSA_NO_PADDING:
- i=RSA_padding_add_none(buf,num,from,flen);
- break;
- case RSA_SSLV23_PADDING:
- default:
- RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (i <= 0) goto err;
-
- if (BN_bin2bn(buf,num,&f) == NULL) goto err;
-
- if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
- RSA_blinding_on(rsa,ctx);
- if (rsa->flags & RSA_FLAG_BLINDING)
- if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
-
- if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
- ((rsa->p != NULL) &&
- (rsa->q != NULL) &&
- (rsa->dmp1 != NULL) &&
- (rsa->dmq1 != NULL) &&
- (rsa->iqmp != NULL)) )
- { if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
- else
- {
- if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err;
- }
-
- if (rsa->flags & RSA_FLAG_BLINDING)
- if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err;
-
- /* put in leading 0 bytes if the number is less than the
- * length of the modulus */
- j=BN_num_bytes(&ret);
- i=BN_bn2bin(&ret,&(to[num-j]));
- for (k=0; k<(num-i); k++)
- to[k]=0;
-
- r=num;
-err:
- if (ctx != NULL) BN_CTX_free(ctx);
- BN_clear_free(&ret);
- BN_clear_free(&f);
- if (buf != NULL)
- {
- memset(buf,0,num);
- OPENSSL_free(buf);
- }
- return(r);
- }
-
-static int RSA_eay_private_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding)
- {
- const RSA_METHOD *meth;
- BIGNUM f,ret;
- int j,num=0,r= -1;
- unsigned char *p;
- unsigned char *buf=NULL;
- BN_CTX *ctx=NULL;
-
- meth = ENGINE_get_RSA(rsa->engine);
- BN_init(&f);
- BN_init(&ret);
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
-
- num=BN_num_bytes(rsa->n);
-
- if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* This check was for equality but PGP does evil things
- * and chops off the top '0' bytes */
- if (flen > num)
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
- goto err;
- }
-
- /* make data into a big number */
- if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err;
-
- if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
- RSA_blinding_on(rsa,ctx);
- if (rsa->flags & RSA_FLAG_BLINDING)
- if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
-
- /* do the decrypt */
- if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
- ((rsa->p != NULL) &&
- (rsa->q != NULL) &&
- (rsa->dmp1 != NULL) &&
- (rsa->dmq1 != NULL) &&
- (rsa->iqmp != NULL)) )
- { if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
- else
- {
- if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL))
- goto err;
- }
-
- if (rsa->flags & RSA_FLAG_BLINDING)
- if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err;
-
- p=buf;
- j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */
-
- switch (padding)
- {
- case RSA_PKCS1_PADDING:
- r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num);
- break;
-#ifndef NO_SHA
- case RSA_PKCS1_OAEP_PADDING:
- r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0);
- break;
-#endif
- case RSA_SSLV23_PADDING:
- r=RSA_padding_check_SSLv23(to,num,buf,j,num);
- break;
- case RSA_NO_PADDING:
- r=RSA_padding_check_none(to,num,buf,j,num);
- break;
- default:
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (r < 0)
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
-
-err:
- if (ctx != NULL) BN_CTX_free(ctx);
- BN_clear_free(&f);
- BN_clear_free(&ret);
- if (buf != NULL)
- {
- memset(buf,0,num);
- OPENSSL_free(buf);
- }
- return(r);
- }
-
-static int RSA_eay_public_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding)
- {
- const RSA_METHOD *meth;
- BIGNUM f,ret;
- int i,num=0,r= -1;
- unsigned char *p;
- unsigned char *buf=NULL;
- BN_CTX *ctx=NULL;
-
- meth = ENGINE_get_RSA(rsa->engine);
- BN_init(&f);
- BN_init(&ret);
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
-
- num=BN_num_bytes(rsa->n);
- buf=(unsigned char *)OPENSSL_malloc(num);
- if (buf == NULL)
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* This check was for equality but PGP does evil things
- * and chops off the top '0' bytes */
- if (flen > num)
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
- goto err;
- }
-
- if (BN_bin2bn(from,flen,&f) == NULL) goto err;
- /* do the decrypt */
- if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
- {
- BN_MONT_CTX* bn_mont_ctx;
- if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
- goto err;
- if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
- {
- BN_MONT_CTX_free(bn_mont_ctx);
- goto err;
- }
- if (rsa->_method_mod_n == NULL) /* other thread may have finished first */
- {
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- if (rsa->_method_mod_n == NULL)
- {
- rsa->_method_mod_n = bn_mont_ctx;
- bn_mont_ctx = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
- }
- if (bn_mont_ctx)
- BN_MONT_CTX_free(bn_mont_ctx);
- }
-
- if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
- rsa->_method_mod_n)) goto err;
-
- p=buf;
- i=BN_bn2bin(&ret,p);
-
- switch (padding)
- {
- case RSA_PKCS1_PADDING:
- r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
- break;
- case RSA_NO_PADDING:
- r=RSA_padding_check_none(to,num,buf,i,num);
- break;
- default:
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (r < 0)
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
-
-err:
- if (ctx != NULL) BN_CTX_free(ctx);
- BN_clear_free(&f);
- BN_clear_free(&ret);
- if (buf != NULL)
- {
- memset(buf,0,num);
- OPENSSL_free(buf);
- }
- return(r);
- }
-
-static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
- {
- const RSA_METHOD *meth;
- BIGNUM r1,m1,vrfy;
- int ret=0;
- BN_CTX *ctx;
-
- meth = ENGINE_get_RSA(rsa->engine);
- if ((ctx=BN_CTX_new()) == NULL) goto err;
- BN_init(&m1);
- BN_init(&r1);
- BN_init(&vrfy);
-
- if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
- {
- if (rsa->_method_mod_p == NULL)
- {
- BN_MONT_CTX* bn_mont_ctx;
- if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
- goto err;
- if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->p,ctx))
- {
- BN_MONT_CTX_free(bn_mont_ctx);
- goto err;
- }
- if (rsa->_method_mod_p == NULL) /* other thread may have finished first */
- {
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- if (rsa->_method_mod_p == NULL)
- {
- rsa->_method_mod_p = bn_mont_ctx;
- bn_mont_ctx = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
- }
- if (bn_mont_ctx)
- BN_MONT_CTX_free(bn_mont_ctx);
- }
-
- if (rsa->_method_mod_q == NULL)
- {
- BN_MONT_CTX* bn_mont_ctx;
- if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
- goto err;
- if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->q,ctx))
- {
- BN_MONT_CTX_free(bn_mont_ctx);
- goto err;
- }
- if (rsa->_method_mod_q == NULL) /* other thread may have finished first */
- {
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- if (rsa->_method_mod_q == NULL)
- {
- rsa->_method_mod_q = bn_mont_ctx;
- bn_mont_ctx = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
- }
- if (bn_mont_ctx)
- BN_MONT_CTX_free(bn_mont_ctx);
- }
- }
-
- if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
- if (!meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx,
- rsa->_method_mod_q)) goto err;
-
- if (!BN_mod(&r1,I,rsa->p,ctx)) goto err;
- if (!meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx,
- rsa->_method_mod_p)) goto err;
-
- if (!BN_sub(r0,r0,&m1)) goto err;
- /* This will help stop the size of r0 increasing, which does
- * affect the multiply if it optimised for a power of 2 size */
- if (r0->neg)
- if (!BN_add(r0,r0,rsa->p)) goto err;
-
- if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err;
- if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err;
- /* If p < q it is occasionally possible for the correction of
- * adding 'p' if r0 is negative above to leave the result still
- * negative. This can break the private key operations: the following
- * second correction should *always* correct this rare occurrence.
- * This will *never* happen with OpenSSL generated keys because
- * they ensure p > q [steve]
- */
- if (r0->neg)
- if (!BN_add(r0,r0,rsa->p)) goto err;
- if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err;
- if (!BN_add(r0,&r1,&m1)) goto err;
-
- if (rsa->e && rsa->n)
- {
- if (!meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err;
- if (BN_cmp(I, &vrfy) != 0)
- {
- if (!meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;
- }
- }
- ret=1;
-err:
- BN_clear_free(&m1);
- BN_clear_free(&r1);
- BN_clear_free(&vrfy);
- BN_CTX_free(ctx);
- return(ret);
- }
-
-static int RSA_eay_init(RSA *rsa)
- {
- rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
- return(1);
- }
-
-static int RSA_eay_finish(RSA *rsa)
- {
- if (rsa->_method_mod_n != NULL)
- BN_MONT_CTX_free(rsa->_method_mod_n);
- if (rsa->_method_mod_p != NULL)
- BN_MONT_CTX_free(rsa->_method_mod_p);
- if (rsa->_method_mod_q != NULL)
- BN_MONT_CTX_free(rsa->_method_mod_q);
- return(1);
- }
-
-#endif
diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c
deleted file mode 100644
index 1cde7c0da4..0000000000
--- a/src/lib/libcrypto/rsa/rsa_err.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* crypto/rsa/rsa_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA RSA_str_functs[]=
- {
-{ERR_PACK(0,RSA_F_MEMORY_LOCK,0), "MEMORY_LOCK"},
-{ERR_PACK(0,RSA_F_RSA_CHECK_KEY,0), "RSA_check_key"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"},
-{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"},
-{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"},
-{ERR_PACK(0,RSA_F_RSA_NULL,0), "RSA_NULL"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0), "RSA_padding_add_none"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,0), "RSA_padding_add_PKCS1_OAEP"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0), "RSA_padding_add_PKCS1_type_1"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0), "RSA_padding_add_PKCS1_type_2"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0), "RSA_padding_add_SSLv23"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0), "RSA_padding_check_none"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,0), "RSA_padding_check_PKCS1_OAEP"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0), "RSA_padding_check_PKCS1_type_1"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0), "RSA_padding_check_PKCS1_type_2"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0), "RSA_padding_check_SSLv23"},
-{ERR_PACK(0,RSA_F_RSA_PRINT,0), "RSA_print"},
-{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0), "RSA_print_fp"},
-{ERR_PACK(0,RSA_F_RSA_SIGN,0), "RSA_sign"},
-{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0), "RSA_sign_ASN1_OCTET_STRING"},
-{ERR_PACK(0,RSA_F_RSA_VERIFY,0), "RSA_verify"},
-{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0), "RSA_verify_ASN1_OCTET_STRING"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA RSA_str_reasons[]=
- {
-{RSA_R_ALGORITHM_MISMATCH ,"algorithm mismatch"},
-{RSA_R_BAD_E_VALUE ,"bad e value"},
-{RSA_R_BAD_FIXED_HEADER_DECRYPT ,"bad fixed header decrypt"},
-{RSA_R_BAD_PAD_BYTE_COUNT ,"bad pad byte count"},
-{RSA_R_BAD_SIGNATURE ,"bad signature"},
-{RSA_R_BLOCK_TYPE_IS_NOT_01 ,"block type is not 01"},
-{RSA_R_BLOCK_TYPE_IS_NOT_02 ,"block type is not 02"},
-{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"},
-{RSA_R_DATA_TOO_LARGE ,"data too large"},
-{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
-{RSA_R_DATA_TOO_SMALL ,"data too small"},
-{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"},
-{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"},
-{RSA_R_DMP1_NOT_CONGRUENT_TO_D ,"dmp1 not congruent to d"},
-{RSA_R_DMQ1_NOT_CONGRUENT_TO_D ,"dmq1 not congruent to d"},
-{RSA_R_D_E_NOT_CONGRUENT_TO_1 ,"d e not congruent to 1"},
-{RSA_R_INVALID_MESSAGE_LENGTH ,"invalid message length"},
-{RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"},
-{RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"},
-{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"},
-{RSA_R_N_DOES_NOT_EQUAL_P_Q ,"n does not equal p q"},
-{RSA_R_OAEP_DECODING_ERROR ,"oaep decoding error"},
-{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"},
-{RSA_R_P_NOT_PRIME ,"p not prime"},
-{RSA_R_Q_NOT_PRIME ,"q not prime"},
-{RSA_R_RSA_OPERATIONS_NOT_SUPPORTED ,"rsa operations not supported"},
-{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"},
-{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
-{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"},
-{RSA_R_UNKNOWN_PADDING_TYPE ,"unknown padding type"},
-{RSA_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_RSA_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
- ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c
deleted file mode 100644
index 00c25adbc5..0000000000
--- a/src/lib/libcrypto/rsa/rsa_gen.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/* crypto/rsa/rsa_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-
-RSA *RSA_generate_key(int bits, unsigned long e_value,
- void (*callback)(int,int,void *), void *cb_arg)
- {
- RSA *rsa=NULL;
- BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
- int bitsp,bitsq,ok= -1,n=0,i;
- BN_CTX *ctx=NULL,*ctx2=NULL;
-
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
- ctx2=BN_CTX_new();
- if (ctx2 == NULL) goto err;
- BN_CTX_start(ctx);
- r0 = BN_CTX_get(ctx);
- r1 = BN_CTX_get(ctx);
- r2 = BN_CTX_get(ctx);
- r3 = BN_CTX_get(ctx);
- if (r3 == NULL) goto err;
-
- bitsp=(bits+1)/2;
- bitsq=bits-bitsp;
- rsa=RSA_new();
- if (rsa == NULL) goto err;
-
- /* set e */
- rsa->e=BN_new();
- if (rsa->e == NULL) goto err;
-
-#if 1
- /* The problem is when building with 8, 16, or 32 BN_ULONG,
- * unsigned long can be larger */
- for (i=0; i<sizeof(unsigned long)*8; i++)
- {
- if (e_value & (1UL<<i))
- BN_set_bit(rsa->e,i);
- }
-#else
- if (!BN_set_word(rsa->e,e_value)) goto err;
-#endif
-
- /* generate p and q */
- for (;;)
- {
- rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg);
- if (rsa->p == NULL) goto err;
- if (!BN_sub(r2,rsa->p,BN_value_one())) goto err;
- if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
- if (BN_is_one(r1)) break;
- if (callback != NULL) callback(2,n++,cb_arg);
- BN_free(rsa->p);
- }
- if (callback != NULL) callback(3,0,cb_arg);
- for (;;)
- {
- rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg);
- if (rsa->q == NULL) goto err;
- if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
- if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
- if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0))
- break;
- if (callback != NULL) callback(2,n++,cb_arg);
- BN_free(rsa->q);
- }
- if (callback != NULL) callback(3,1,cb_arg);
- if (BN_cmp(rsa->p,rsa->q) < 0)
- {
- tmp=rsa->p;
- rsa->p=rsa->q;
- rsa->q=tmp;
- }
-
- /* calculate n */
- rsa->n=BN_new();
- if (rsa->n == NULL) goto err;
- if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err;
-
- /* calculate d */
- if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */
- if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */
- if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */
-
-/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */
-/* for (;;)
- {
- if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err;
- if (BN_is_one(r3)) break;
-
- if (1)
- {
- if (!BN_add_word(rsa->e,2L)) goto err;
- continue;
- }
- RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE);
- goto err;
- }
-*/
- rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */
- if (rsa->d == NULL) goto err;
-
- /* calculate d mod (p-1) */
- rsa->dmp1=BN_new();
- if (rsa->dmp1 == NULL) goto err;
- if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err;
-
- /* calculate d mod (q-1) */
- rsa->dmq1=BN_new();
- if (rsa->dmq1 == NULL) goto err;
- if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err;
-
- /* calculate inverse of q mod p */
- rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2);
- if (rsa->iqmp == NULL) goto err;
-
- ok=1;
-err:
- if (ok == -1)
- {
- RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
- ok=0;
- }
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- BN_CTX_free(ctx2);
-
- if (!ok)
- {
- if (rsa != NULL) RSA_free(rsa);
- return(NULL);
- }
- else
- return(rsa);
- }
-
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c
deleted file mode 100644
index 94395cc22c..0000000000
--- a/src/lib/libcrypto/rsa/rsa_lib.c
+++ /dev/null
@@ -1,388 +0,0 @@
-/* crypto/rsa/rsa_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/engine.h>
-
-const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT;
-
-static RSA_METHOD *default_RSA_meth=NULL;
-static int rsa_meth_num=0;
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *rsa_meth=NULL;
-
-RSA *RSA_new(void)
- {
- return(RSA_new_method(NULL));
- }
-
-void RSA_set_default_openssl_method(RSA_METHOD *meth)
- {
- ENGINE *e;
- /* We'll need to notify the "openssl" ENGINE of this
- * change too. We won't bother locking things down at
- * our end as there was never any locking in these
- * functions! */
- if(default_RSA_meth != meth)
- {
- default_RSA_meth = meth;
- e = ENGINE_by_id("openssl");
- if(e)
- {
- ENGINE_set_RSA(e, meth);
- ENGINE_free(e);
- }
- }
- }
-
-RSA_METHOD *RSA_get_default_openssl_method(void)
-{
- if (default_RSA_meth == NULL)
- {
-#ifdef RSA_NULL
- default_RSA_meth=RSA_null_method();
-#else
-#ifdef RSAref
- default_RSA_meth=RSA_PKCS1_RSAref();
-#else
- default_RSA_meth=RSA_PKCS1_SSLeay();
-#endif
-#endif
- }
-
- return default_RSA_meth;
-}
-
-RSA_METHOD *RSA_get_method(RSA *rsa)
-{
- return ENGINE_get_RSA(rsa->engine);
-}
-
-#if 0
-RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth)
-{
- RSA_METHOD *mtmp;
- mtmp = rsa->meth;
- if (mtmp->finish) mtmp->finish(rsa);
- rsa->meth = meth;
- if (meth->init) meth->init(rsa);
- return mtmp;
-}
-#else
-int RSA_set_method(RSA *rsa, ENGINE *engine)
-{
- ENGINE *mtmp;
- RSA_METHOD *meth;
- mtmp = rsa->engine;
- meth = ENGINE_get_RSA(mtmp);
- if (!ENGINE_init(engine))
- return 0;
- if (meth->finish) meth->finish(rsa);
- rsa->engine = engine;
- meth = ENGINE_get_RSA(engine);
- if (meth->init) meth->init(rsa);
- /* SHOULD ERROR CHECK THIS!!! */
- ENGINE_finish(mtmp);
- return 1;
-}
-#endif
-
-#if 0
-RSA *RSA_new_method(RSA_METHOD *meth)
-#else
-RSA *RSA_new_method(ENGINE *engine)
-#endif
- {
- RSA_METHOD *meth;
- RSA *ret;
-
- ret=(RSA *)OPENSSL_malloc(sizeof(RSA));
- if (ret == NULL)
- {
- RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
-
- if (engine == NULL)
- {
- if((ret->engine=ENGINE_get_default_RSA()) == NULL)
- {
- OPENSSL_free(ret);
- return NULL;
- }
- }
- else
- ret->engine=engine;
- meth = ENGINE_get_RSA(ret->engine);
-
- ret->pad=0;
- ret->version=0;
- ret->n=NULL;
- ret->e=NULL;
- ret->d=NULL;
- ret->p=NULL;
- ret->q=NULL;
- ret->dmp1=NULL;
- ret->dmq1=NULL;
- ret->iqmp=NULL;
- ret->references=1;
- ret->_method_mod_n=NULL;
- ret->_method_mod_p=NULL;
- ret->_method_mod_q=NULL;
- ret->blinding=NULL;
- ret->bignum_data=NULL;
- ret->flags=meth->flags;
- CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data);
- if ((meth->init != NULL) && !meth->init(ret))
- {
- CRYPTO_free_ex_data(rsa_meth,ret,&ret->ex_data);
- OPENSSL_free(ret);
- ret=NULL;
- }
- return(ret);
- }
-
-void RSA_free(RSA *r)
- {
- RSA_METHOD *meth;
- int i;
-
- if (r == NULL) return;
-
- i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA);
-#ifdef REF_PRINT
- REF_PRINT("RSA",r);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"RSA_free, bad reference count\n");
- abort();
- }
-#endif
-
- meth = ENGINE_get_RSA(r->engine);
- if (meth->finish != NULL)
- meth->finish(r);
- ENGINE_finish(r->engine);
-
- CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data);
-
- if (r->n != NULL) BN_clear_free(r->n);
- if (r->e != NULL) BN_clear_free(r->e);
- if (r->d != NULL) BN_clear_free(r->d);
- if (r->p != NULL) BN_clear_free(r->p);
- if (r->q != NULL) BN_clear_free(r->q);
- if (r->dmp1 != NULL) BN_clear_free(r->dmp1);
- if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
- if (r->iqmp != NULL) BN_clear_free(r->iqmp);
- if (r->blinding != NULL) BN_BLINDING_free(r->blinding);
- if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data);
- OPENSSL_free(r);
- }
-
-int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
- {
- rsa_meth_num++;
- return(CRYPTO_get_ex_new_index(rsa_meth_num-1,
- &rsa_meth,argl,argp,new_func,dup_func,free_func));
- }
-
-int RSA_set_ex_data(RSA *r, int idx, void *arg)
- {
- return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
- }
-
-void *RSA_get_ex_data(RSA *r, int idx)
- {
- return(CRYPTO_get_ex_data(&r->ex_data,idx));
- }
-
-int RSA_size(RSA *r)
- {
- return(BN_num_bytes(r->n));
- }
-
-int RSA_public_encrypt(int flen, unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
- {
- return(ENGINE_get_RSA(rsa->engine)->rsa_pub_enc(flen,
- from, to, rsa, padding));
- }
-
-int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
- {
- return(ENGINE_get_RSA(rsa->engine)->rsa_priv_enc(flen,
- from, to, rsa, padding));
- }
-
-int RSA_private_decrypt(int flen, unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
- {
- return(ENGINE_get_RSA(rsa->engine)->rsa_priv_dec(flen,
- from, to, rsa, padding));
- }
-
-int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
- {
- return(ENGINE_get_RSA(rsa->engine)->rsa_pub_dec(flen,
- from, to, rsa, padding));
- }
-
-int RSA_flags(RSA *r)
- {
- return((r == NULL)?0:ENGINE_get_RSA(r->engine)->flags);
- }
-
-void RSA_blinding_off(RSA *rsa)
- {
- if (rsa->blinding != NULL)
- {
- BN_BLINDING_free(rsa->blinding);
- rsa->blinding=NULL;
- }
- rsa->flags&= ~RSA_FLAG_BLINDING;
- }
-
-int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
- {
- BIGNUM *A,*Ai;
- BN_CTX *ctx;
- int ret=0;
-
- if (p_ctx == NULL)
- {
- if ((ctx=BN_CTX_new()) == NULL) goto err;
- }
- else
- ctx=p_ctx;
-
- if (rsa->blinding != NULL)
- BN_BLINDING_free(rsa->blinding);
-
- BN_CTX_start(ctx);
- A = BN_CTX_get(ctx);
- if (!BN_rand_range(A,rsa->n)) goto err;
- if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
-
- if (!ENGINE_get_RSA(rsa->engine)->bn_mod_exp(A,A,
- rsa->e,rsa->n,ctx,rsa->_method_mod_n))
- goto err;
- rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
- rsa->flags|=RSA_FLAG_BLINDING;
- BN_free(Ai);
- ret=1;
-err:
- BN_CTX_end(ctx);
- if (ctx != p_ctx) BN_CTX_free(ctx);
- return(ret);
- }
-
-int RSA_memory_lock(RSA *r)
- {
- int i,j,k,off;
- char *p;
- BIGNUM *bn,**t[6],*b;
- BN_ULONG *ul;
-
- if (r->d == NULL) return(1);
- t[0]= &r->d;
- t[1]= &r->p;
- t[2]= &r->q;
- t[3]= &r->dmp1;
- t[4]= &r->dmq1;
- t[5]= &r->iqmp;
- k=sizeof(BIGNUM)*6;
- off=k/sizeof(BN_ULONG)+1;
- j=1;
- for (i=0; i<6; i++)
- j+= (*t[i])->top;
- if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL)
- {
- RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- bn=(BIGNUM *)p;
- ul=(BN_ULONG *)&(p[off]);
- for (i=0; i<6; i++)
- {
- b= *(t[i]);
- *(t[i])= &(bn[i]);
- memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM));
- bn[i].flags=BN_FLG_STATIC_DATA;
- bn[i].d=ul;
- memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top);
- ul+=b->top;
- BN_clear_free(b);
- }
-
- /* I should fix this so it can still be done */
- r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC);
-
- r->bignum_data=p;
- return(1);
- }
-
diff --git a/src/lib/libcrypto/rsa/rsa_none.c b/src/lib/libcrypto/rsa/rsa_none.c
deleted file mode 100644
index f22fce5016..0000000000
--- a/src/lib/libcrypto/rsa/rsa_none.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* crypto/rsa/rsa_none.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-int RSA_padding_add_none(unsigned char *to, int tlen, unsigned char *from,
- int flen)
- {
- if (flen > tlen)
- {
- RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
- return(0);
- }
-
- if (flen < tlen)
- {
- RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE);
- return(0);
- }
-
- memcpy(to,from,(unsigned int)flen);
- return(1);
- }
-
-int RSA_padding_check_none(unsigned char *to, int tlen, unsigned char *from,
- int flen, int num)
- {
-
- if (flen > tlen)
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_DATA_TOO_LARGE);
- return(-1);
- }
-
- memset(to,0,tlen-flen);
- memcpy(to+tlen-flen,from,flen);
- return(tlen);
- }
-
diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c
deleted file mode 100644
index 1849e55cd5..0000000000
--- a/src/lib/libcrypto/rsa/rsa_oaep.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/* crypto/rsa/rsa_oaep.c */
-/* Written by Ulf Moeller. This software is distributed on an "AS IS"
- basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */
-
-/* EME_OAEP as defined in RFC 2437 (PKCS #1 v2.0) */
-
-#if !defined(NO_SHA) && !defined(NO_SHA1)
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/sha.h>
-#include <openssl/rand.h>
-
-int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen);
-
-int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
- unsigned char *from, int flen, unsigned char *param, int plen)
- {
- int i, emlen = tlen - 1;
- unsigned char *db, *seed;
- unsigned char *dbmask, seedmask[SHA_DIGEST_LENGTH];
-
- if (flen > emlen - 2 * SHA_DIGEST_LENGTH - 1)
- {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,
- RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
- return (0);
- }
-
- if (emlen < 2 * SHA_DIGEST_LENGTH + 1)
- {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, RSA_R_KEY_SIZE_TOO_SMALL);
- return (0);
- }
-
- dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH);
- if (dbmask == NULL)
- {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
- return (0);
- }
-
- to[0] = 0;
- seed = to + 1;
- db = to + SHA_DIGEST_LENGTH + 1;
-
- SHA1(param, plen, db);
- memset(db + SHA_DIGEST_LENGTH, 0,
- emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
- db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
- memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen);
- if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0)
- return (0);
-#ifdef PKCS_TESTVECT
- memcpy(seed,
- "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
- 20);
-#endif
-
- MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH);
- for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
- db[i] ^= dbmask[i];
-
- MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH);
- for (i = 0; i < SHA_DIGEST_LENGTH; i++)
- seed[i] ^= seedmask[i];
-
- OPENSSL_free(dbmask);
- return (1);
- }
-
-int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
- unsigned char *from, int flen, int num, unsigned char *param,
- int plen)
- {
- int i, dblen, mlen = -1;
- unsigned char *maskeddb;
- int lzero;
- unsigned char *db = NULL, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH];
-
- if (--num < 2 * SHA_DIGEST_LENGTH + 1)
- goto decoding_err;
-
- lzero = num - flen;
- if (lzero < 0)
- goto decoding_err;
- maskeddb = from - lzero + SHA_DIGEST_LENGTH;
-
- dblen = num - SHA_DIGEST_LENGTH;
- db = OPENSSL_malloc(dblen);
- if (db == NULL)
- {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
- return (-1);
- }
-
- MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);
- for (i = lzero; i < SHA_DIGEST_LENGTH; i++)
- seed[i] ^= from[i - lzero];
-
- MGF1(db, dblen, seed, SHA_DIGEST_LENGTH);
- for (i = 0; i < dblen; i++)
- db[i] ^= maskeddb[i];
-
- SHA1(param, plen, phash);
-
- if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0)
- goto decoding_err;
- else
- {
- for (i = SHA_DIGEST_LENGTH; i < dblen; i++)
- if (db[i] != 0x00)
- break;
- if (db[i] != 0x01 || i++ >= dblen)
- goto decoding_err;
- else
- {
- mlen = dblen - i;
- if (tlen < mlen)
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE);
- mlen = -1;
- }
- else
- memcpy(to, db + i, mlen);
- }
- }
- OPENSSL_free(db);
- return (mlen);
-
-decoding_err:
- /* to avoid chosen ciphertext attacks, the error message should not reveal
- * which kind of decoding error happened */
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR);
- if (db != NULL) OPENSSL_free(db);
- return -1;
- }
-
-int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen)
- {
- long i, outlen = 0;
- unsigned char cnt[4];
- SHA_CTX c;
- unsigned char md[SHA_DIGEST_LENGTH];
-
- for (i = 0; outlen < len; i++)
- {
- cnt[0] = (i >> 24) & 255, cnt[1] = (i >> 16) & 255,
- cnt[2] = (i >> 8) & 255, cnt[3] = i & 255;
- SHA1_Init(&c);
- SHA1_Update(&c, seed, seedlen);
- SHA1_Update(&c, cnt, 4);
- if (outlen + SHA_DIGEST_LENGTH <= len)
- {
- SHA1_Final(mask + outlen, &c);
- outlen += SHA_DIGEST_LENGTH;
- }
- else
- {
- SHA1_Final(md, &c);
- memcpy(mask + outlen, md, len - outlen);
- outlen = len;
- }
- }
- return (0);
- }
-#endif
diff --git a/src/lib/libcrypto/rsa/rsa_pk1.c b/src/lib/libcrypto/rsa/rsa_pk1.c
deleted file mode 100644
index 48a32bc264..0000000000
--- a/src/lib/libcrypto/rsa/rsa_pk1.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/* crypto/rsa/rsa_pk1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
- unsigned char *from, int flen)
- {
- int j;
- unsigned char *p;
-
- if (flen > (tlen-11))
- {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
- return(0);
- }
-
- p=(unsigned char *)to;
-
- *(p++)=0;
- *(p++)=1; /* Private Key BT (Block Type) */
-
- /* pad out with 0xff data */
- j=tlen-3-flen;
- memset(p,0xff,j);
- p+=j;
- *(p++)='\0';
- memcpy(p,from,(unsigned int)flen);
- return(1);
- }
-
-int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
- unsigned char *from, int flen, int num)
- {
- int i,j;
- unsigned char *p;
-
- p=from;
- if ((num != (flen+1)) || (*(p++) != 01))
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01);
- return(-1);
- }
-
- /* scan over padding data */
- j=flen-1; /* one for type. */
- for (i=0; i<j; i++)
- {
- if (*p != 0xff) /* should decrypt to 0xff */
- {
- if (*p == 0)
- { p++; break; }
- else {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_FIXED_HEADER_DECRYPT);
- return(-1);
- }
- }
- p++;
- }
-
- if (i == j)
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_NULL_BEFORE_BLOCK_MISSING);
- return(-1);
- }
-
- if (i < 8)
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_PAD_BYTE_COUNT);
- return(-1);
- }
- i++; /* Skip over the '\0' */
- j-=i;
- if (j > tlen)
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE);
- return(-1);
- }
- memcpy(to,p,(unsigned int)j);
-
- return(j);
- }
-
-int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
- unsigned char *from, int flen)
- {
- int i,j;
- unsigned char *p;
-
- if (flen > (tlen-11))
- {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
- return(0);
- }
-
- p=(unsigned char *)to;
-
- *(p++)=0;
- *(p++)=2; /* Public Key BT (Block Type) */
-
- /* pad out with non-zero random data */
- j=tlen-3-flen;
-
- if (RAND_bytes(p,j) <= 0)
- return(0);
- for (i=0; i<j; i++)
- {
- if (*p == '\0')
- do {
- if (RAND_bytes(p,1) <= 0)
- return(0);
- } while (*p == '\0');
- p++;
- }
-
- *(p++)='\0';
-
- memcpy(p,from,(unsigned int)flen);
- return(1);
- }
-
-int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
- unsigned char *from, int flen, int num)
- {
- int i,j;
- unsigned char *p;
-
- p=from;
- if ((num != (flen+1)) || (*(p++) != 02))
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02);
- return(-1);
- }
-#ifdef PKCS1_CHECK
- return(num-11);
-#endif
-
- /* scan over padding data */
- j=flen-1; /* one for type. */
- for (i=0; i<j; i++)
- if (*(p++) == 0) break;
-
- if (i == j)
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_NULL_BEFORE_BLOCK_MISSING);
- return(-1);
- }
-
- if (i < 8)
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BAD_PAD_BYTE_COUNT);
- return(-1);
- }
- i++; /* Skip over the '\0' */
- j-=i;
- if (j > tlen)
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE);
- return(-1);
- }
- memcpy(to,p,(unsigned int)j);
-
- return(j);
- }
-
diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c
deleted file mode 100644
index c77f4381ff..0000000000
--- a/src/lib/libcrypto/rsa/rsa_saos.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* crypto/rsa/rsa_saos.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen, RSA *rsa)
- {
- ASN1_OCTET_STRING sig;
- int i,j,ret=1;
- unsigned char *p,*s;
-
- sig.type=V_ASN1_OCTET_STRING;
- sig.length=m_len;
- sig.data=m;
-
- i=i2d_ASN1_OCTET_STRING(&sig,NULL);
- j=RSA_size(rsa);
- if ((i-RSA_PKCS1_PADDING) > j)
- {
- RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
- return(0);
- }
- s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1);
- if (s == NULL)
- {
- RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- p=s;
- i2d_ASN1_OCTET_STRING(&sig,&p);
- i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
- if (i <= 0)
- ret=0;
- else
- *siglen=i;
-
- memset(s,0,(unsigned int)j+1);
- OPENSSL_free(s);
- return(ret);
- }
-
-int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m,
- unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
- RSA *rsa)
- {
- int i,ret=0;
- unsigned char *p,*s;
- ASN1_OCTET_STRING *sig=NULL;
-
- if (siglen != (unsigned int)RSA_size(rsa))
- {
- RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH);
- return(0);
- }
-
- s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen);
- if (s == NULL)
- {
- RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
-
- if (i <= 0) goto err;
-
- p=s;
- sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i);
- if (sig == NULL) goto err;
-
- if ( ((unsigned int)sig->length != m_len) ||
- (memcmp(m,sig->data,m_len) != 0))
- {
- RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE);
- }
- else
- ret=1;
-err:
- if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
- memset(s,0,(unsigned int)siglen);
- OPENSSL_free(s);
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c
deleted file mode 100644
index cf00876292..0000000000
--- a/src/lib/libcrypto/rsa/rsa_sign.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/* crypto/rsa/rsa_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/engine.h>
-
-/* Size of an SSL signature: MD5+SHA1 */
-#define SSL_SIG_LENGTH 36
-
-int RSA_sign(int type, unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen, RSA *rsa)
- {
- X509_SIG sig;
- ASN1_TYPE parameter;
- int i,j,ret=1;
- unsigned char *p,*s = NULL;
- X509_ALGOR algor;
- ASN1_OCTET_STRING digest;
- if(rsa->flags & RSA_FLAG_SIGN_VER)
- return ENGINE_get_RSA(rsa->engine)->rsa_sign(type,
- m, m_len, sigret, siglen, rsa);
- /* Special case: SSL signature, just check the length */
- if(type == NID_md5_sha1) {
- if(m_len != SSL_SIG_LENGTH) {
- RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH);
- return(0);
- }
- i = SSL_SIG_LENGTH;
- s = m;
- } else {
- sig.algor= &algor;
- sig.algor->algorithm=OBJ_nid2obj(type);
- if (sig.algor->algorithm == NULL)
- {
- RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
- return(0);
- }
- if (sig.algor->algorithm->length == 0)
- {
- RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
- return(0);
- }
- parameter.type=V_ASN1_NULL;
- parameter.value.ptr=NULL;
- sig.algor->parameter= ¶meter;
-
- sig.digest= &digest;
- sig.digest->data=m;
- sig.digest->length=m_len;
-
- i=i2d_X509_SIG(&sig,NULL);
- }
- j=RSA_size(rsa);
- if ((i-RSA_PKCS1_PADDING) > j)
- {
- RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
- return(0);
- }
- if(type != NID_md5_sha1) {
- s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1);
- if (s == NULL)
- {
- RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- p=s;
- i2d_X509_SIG(&sig,&p);
- }
- i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
- if (i <= 0)
- ret=0;
- else
- *siglen=i;
-
- if(type != NID_md5_sha1) {
- memset(s,0,(unsigned int)j+1);
- OPENSSL_free(s);
- }
- return(ret);
- }
-
-int RSA_verify(int dtype, unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
- {
- int i,ret=0,sigtype;
- unsigned char *p,*s;
- X509_SIG *sig=NULL;
-
- if (siglen != (unsigned int)RSA_size(rsa))
- {
- RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
- return(0);
- }
-
- if(rsa->flags & RSA_FLAG_SIGN_VER)
- return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype,
- m, m_len, sigbuf, siglen, rsa);
-
- s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen);
- if (s == NULL)
- {
- RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
- RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
- return(0);
- }
- i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
-
- if (i <= 0) goto err;
-
- /* Special case: SSL signature */
- if(dtype == NID_md5_sha1) {
- if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
- RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
- else ret = 1;
- } else {
- p=s;
- sig=d2i_X509_SIG(NULL,&p,(long)i);
-
- if (sig == NULL) goto err;
- sigtype=OBJ_obj2nid(sig->algor->algorithm);
-
-
- #ifdef RSA_DEBUG
- /* put a backward compatibility flag in EAY */
- fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
- OBJ_nid2ln(dtype));
- #endif
- if (sigtype != dtype)
- {
- if (((dtype == NID_md5) &&
- (sigtype == NID_md5WithRSAEncryption)) ||
- ((dtype == NID_md2) &&
- (sigtype == NID_md2WithRSAEncryption)))
- {
- /* ok, we will let it through */
- #if !defined(NO_STDIO) && !defined(WIN16)
- fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
- #endif
- }
- else
- {
- RSAerr(RSA_F_RSA_VERIFY,
- RSA_R_ALGORITHM_MISMATCH);
- goto err;
- }
- }
- if ( ((unsigned int)sig->digest->length != m_len) ||
- (memcmp(m,sig->digest->data,m_len) != 0))
- {
- RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
- }
- else
- ret=1;
- }
-err:
- if (sig != NULL) X509_SIG_free(sig);
- memset(s,0,(unsigned int)siglen);
- OPENSSL_free(s);
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c
deleted file mode 100644
index 482f4a8273..0000000000
--- a/src/lib/libcrypto/rsa/rsa_ssl.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* crypto/rsa/rsa_ssl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
- int flen)
- {
- int i,j;
- unsigned char *p;
-
- if (flen > (tlen-11))
- {
- RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
- return(0);
- }
-
- p=(unsigned char *)to;
-
- *(p++)=0;
- *(p++)=2; /* Public Key BT (Block Type) */
-
- /* pad out with non-zero random data */
- j=tlen-3-8-flen;
-
- if (RAND_bytes(p,j) <= 0)
- return(0);
- for (i=0; i<j; i++)
- {
- if (*p == '\0')
- do {
- if (RAND_bytes(p,1) <= 0)
- return(0);
- } while (*p == '\0');
- p++;
- }
-
- memset(p,3,8);
- p+=8;
- *(p++)='\0';
-
- memcpy(p,from,(unsigned int)flen);
- return(1);
- }
-
-int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from,
- int flen, int num)
- {
- int i,j,k;
- unsigned char *p;
-
- p=from;
- if (flen < 10)
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_SMALL);
- return(-1);
- }
- if ((num != (flen+1)) || (*(p++) != 02))
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_BLOCK_TYPE_IS_NOT_02);
- return(-1);
- }
-
- /* scan over padding data */
- j=flen-1; /* one for type */
- for (i=0; i<j; i++)
- if (*(p++) == 0) break;
-
- if ((i == j) || (i < 8))
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING);
- return(-1);
- }
- for (k= -8; k<0; k++)
- {
- if (p[k] != 0x03) break;
- }
- if (k == -1)
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK);
- return(-1);
- }
-
- i++; /* Skip over the '\0' */
- j-=i;
- if (j > tlen)
- {
- RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_LARGE);
- return(-1);
- }
- memcpy(to,p,(unsigned int)j);
-
- return(j);
- }
-
diff --git a/src/lib/libcrypto/sha/asm/sha1-586.pl b/src/lib/libcrypto/sha/asm/sha1-586.pl
deleted file mode 100644
index fe51fd0794..0000000000
--- a/src/lib/libcrypto/sha/asm/sha1-586.pl
+++ /dev/null
@@ -1,540 +0,0 @@
-#!/usr/local/bin/perl
-
-$normal=0;
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386");
-
-$A="eax";
-$B="ecx";
-$C="ebx";
-$D="edx";
-$E="edi";
-$T="esi";
-$tmp1="ebp";
-
-$off=9*4;
-
-@K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6);
-
-&sha1_block_data("sha1_block_asm_data_order");
-
-&asm_finish();
-
-sub Nn
- {
- local($p)=@_;
- local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
- return($n{$p});
- }
-
-sub Np
- {
- local($p)=@_;
- local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
- local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A);
- return($n{$p});
- }
-
-sub Na
- {
- local($n)=@_;
- return( (($n )&0x0f),
- (($n+ 2)&0x0f),
- (($n+ 8)&0x0f),
- (($n+13)&0x0f),
- (($n+ 1)&0x0f));
- }
-
-sub X_expand
- {
- local($in)=@_;
-
- &comment("First, load the words onto the stack in network byte order");
- for ($i=0; $i<16; $i+=2)
- {
- &mov($A,&DWP(($i+0)*4,$in,"",0));# unless $i == 0;
- &mov($B,&DWP(($i+1)*4,$in,"",0));
- &bswap($A);
- &bswap($B);
- &mov(&swtmp($i+0),$A);
- &mov(&swtmp($i+1),$B);
- }
-
- &comment("We now have the X array on the stack");
- &comment("starting at sp-4");
- }
-
-# Rules of engagement
-# F is always trashable at the start, the running total.
-# E becomes the next F so it can be trashed after it has been 'accumulated'
-# F becomes A in the next round. We don't need to access it much.
-# During the X update part, the result ends up in $X[$n0].
-
-sub BODY_00_15
- {
- local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
-
-return if $n & 1;
- &comment("00_15 $n");
-
- &mov($f,$c);
-
- &mov($tmp1,$a);
- &xor($f,$d); # F2
-
- &rotl($tmp1,5); # A2
-
- &and($f,$b); # F3
- &add($tmp1,$e);
-
- &rotr($b,1); # B1 <- F
- &mov($e,&swtmp($n)); # G1
-
- &rotr($b,1); # B1 <- F
- &xor($f,$d); # F4
-
- &lea($tmp1,&DWP($K,$tmp1,$e,1));
-
-############################
-# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
-# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
-$n++;
- local($n0,$n1,$n2,$n3,$np)=&Na($n);
- ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
-
- &mov($f,$c);
-
- &add($a,$tmp1); # MOVED DOWN
- &xor($f,$d); # F2
-
- &mov($tmp1,$a);
- &and($f,$b); # F3
-
- &rotl($tmp1,5); # A2
-
- &add($tmp1,$e);
- &mov($e,&swtmp($n)); # G1
-
- &rotr($b,1); # B1 <- F
- &xor($f,$d); # F4
-
- &rotr($b,1); # B1 <- F
- &lea($tmp1,&DWP($K,$tmp1,$e,1));
-
- &add($f,$tmp1);
- }
-
-sub BODY_16_19
- {
- local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
- local($n0,$n1,$n2,$n3,$np)=&Na($n);
-
-return if $n & 1;
- &comment("16_19 $n");
-
- &nop() if ($pos < 0);
-&mov($tmp1,&swtmp($n0)); # X1
- &mov($f,&swtmp($n1)); # X2
-&xor($f,$tmp1); # X3
- &mov($tmp1,&swtmp($n2)); # X4
-&xor($f,$tmp1); # X5
- &mov($tmp1,&swtmp($n3)); # X6
-&xor($f,$tmp1); # X7 - slot
- &mov($tmp1,$c); # F1
-&rotl($f,1); # X8 - slot
- &xor($tmp1,$d); # F2
-&mov(&swtmp($n0),$f); # X9 - anytime
- &and($tmp1,$b); # F3
-&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
- &xor($tmp1,$d); # F4
-&mov($e,$a); # A1
- &add($f,$tmp1); # tot+=F();
-
-&rotl($e,5); # A2
-
-&rotr($b,1); # B1 <- F
- &add($f,$e); # tot+=a
-
-############################
-# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
-# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
-$n++;
- local($n0,$n1,$n2,$n3,$np)=&Na($n);
- ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
-
-
-&mov($f,&swtmp($n0)); # X1
- &mov($tmp1,&swtmp($n1)); # X2
-&xor($f,$tmp1); # X3
- &mov($tmp1,&swtmp($n2)); # X4
-&xor($f,$tmp1); # X5
- &mov($tmp1,&swtmp($n3)); # X6
-&rotr($c,1); #&rotr($b,1); # B1 <- F # MOVED DOWN
- &xor($f,$tmp1); # X7 - slot
-&rotl($f,1); # X8 - slot
- &mov($tmp1,$c); # F1
-&xor($tmp1,$d); # F2
- &mov(&swtmp($n0),$f); # X9 - anytime
-&and($tmp1,$b); # F3
- &lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
-
-&xor($tmp1,$d); # F4
- &mov($e,$a); # A1
-
-&rotl($e,5); # A2
-
-&rotr($b,1); # B1 <- F
- &add($f,$e); # tot+=a
-
-&rotr($b,1); # B1 <- F
- &add($f,$tmp1); # tot+=F();
-
- }
-
-sub BODY_20_39
- {
- local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
-
- &comment("20_39 $n");
- local($n0,$n1,$n2,$n3,$np)=&Na($n);
-
-&mov($f,&swtmp($n0)); # X1
- &mov($tmp1,&swtmp($n1)); # X2
-&xor($f,$tmp1); # X3
- &mov($tmp1,&swtmp($n2)); # X4
-&xor($f,$tmp1); # X5
- &mov($tmp1,&swtmp($n3)); # X6
-&xor($f,$tmp1); # X7 - slot
- &mov($tmp1,$b); # F1
-&rotl($f,1); # X8 - slot
- &xor($tmp1,$c); # F2
-&mov(&swtmp($n0),$f); # X9 - anytime
- &xor($tmp1,$d); # F3
-
-&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
- &mov($e,$a); # A1
-
-&rotl($e,5); # A2
-
-if ($n != 79) # last loop
- {
- &rotr($b,1); # B1 <- F
- &add($e,$tmp1); # tmp1=F()+a
-
- &rotr($b,1); # B2 <- F
- &add($f,$e); # tot+=tmp1;
- }
-else
- {
- &add($e,$tmp1); # tmp1=F()+a
- &mov($tmp1,&wparam(0));
-
- &rotr($b,1); # B1 <- F
- &add($f,$e); # tot+=tmp1;
-
- &rotr($b,1); # B2 <- F
- }
- }
-
-sub BODY_40_59
- {
- local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
-
- &comment("40_59 $n");
- return if $n & 1;
- local($n0,$n1,$n2,$n3,$np)=&Na($n);
-
-&mov($f,&swtmp($n0)); # X1
- &mov($tmp1,&swtmp($n1)); # X2
-&xor($f,$tmp1); # X3
- &mov($tmp1,&swtmp($n2)); # X4
-&xor($f,$tmp1); # X5
- &mov($tmp1,&swtmp($n3)); # X6
-&xor($f,$tmp1); # X7 - slot
- &mov($tmp1,$b); # F1
-&rotl($f,1); # X8 - slot
- &or($tmp1,$c); # F2
-&mov(&swtmp($n0),$f); # X9 - anytime
- &and($tmp1,$d); # F3
-
-&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
- &mov($e,$b); # F4
-
-&rotr($b,1); # B1 <- F
- &and($e,$c); # F5
-
-&or($tmp1,$e); # F6
- &mov($e,$a); # A1
-
-&rotl($e,5); # A2
-
-&add($tmp1,$e); # tmp1=F()+a
-
-############################
-# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
-# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
-$n++;
- local($n0,$n1,$n2,$n3,$np)=&Na($n);
- ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
-
- &mov($f,&swtmp($n0)); # X1
-&add($a,$tmp1); # tot+=tmp1; # moved was add f,tmp1
- &mov($tmp1,&swtmp($n1)); # X2
-&xor($f,$tmp1); # X3
- &mov($tmp1,&swtmp($n2)); # X4
-&xor($f,$tmp1); # X5
- &mov($tmp1,&swtmp($n3)); # X6
-&rotr($c,1); # B2 <- F # moved was rotr b,1
- &xor($f,$tmp1); # X7 - slot
-&rotl($f,1); # X8 - slot
- &mov($tmp1,$b); # F1
-&mov(&swtmp($n0),$f); # X9 - anytime
- &or($tmp1,$c); # F2
-&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
- &mov($e,$b); # F4
-&and($tmp1,$d); # F3
- &and($e,$c); # F5
-
-&or($tmp1,$e); # F6
- &mov($e,$a); # A1
-
-&rotl($e,5); # A2
-
-&rotr($b,1); # B1 <- F
- &add($tmp1,$e); # tmp1=F()+a
-
-&rotr($b,1); # B2 <- F
- &add($f,$tmp1); # tot+=tmp1;
- }
-
-sub BODY_60_79
- {
- &BODY_20_39(@_);
- }
-
-sub sha1_block_host
- {
- local($name, $sclabel)=@_;
-
- &function_begin_B($name,"");
-
- # parameter 1 is the MD5_CTX structure.
- # A 0
- # B 4
- # C 8
- # D 12
- # E 16
-
- &mov("ecx", &wparam(2));
- &push("esi");
- &shl("ecx",6);
- &mov("esi", &wparam(1));
- &push("ebp");
- &add("ecx","esi"); # offset to leave on
- &push("ebx");
- &mov("ebp", &wparam(0));
- &push("edi");
- &mov($D, &DWP(12,"ebp","",0));
- &stack_push(18+9);
- &mov($E, &DWP(16,"ebp","",0));
- &mov($C, &DWP( 8,"ebp","",0));
- &mov(&swtmp(17),"ecx");
-
- &comment("First we need to setup the X array");
-
- for ($i=0; $i<16; $i+=2)
- {
- &mov($A,&DWP(($i+0)*4,"esi","",0));# unless $i == 0;
- &mov($B,&DWP(($i+1)*4,"esi","",0));
- &mov(&swtmp($i+0),$A);
- &mov(&swtmp($i+1),$B);
- }
- &jmp($sclabel);
- &function_end_B($name);
- }
-
-
-sub sha1_block_data
- {
- local($name)=@_;
-
- &function_begin_B($name,"");
-
- # parameter 1 is the MD5_CTX structure.
- # A 0
- # B 4
- # C 8
- # D 12
- # E 16
-
- &mov("ecx", &wparam(2));
- &push("esi");
- &shl("ecx",6);
- &mov("esi", &wparam(1));
- &push("ebp");
- &add("ecx","esi"); # offset to leave on
- &push("ebx");
- &mov("ebp", &wparam(0));
- &push("edi");
- &mov($D, &DWP(12,"ebp","",0));
- &stack_push(18+9);
- &mov($E, &DWP(16,"ebp","",0));
- &mov($C, &DWP( 8,"ebp","",0));
- &mov(&swtmp(17),"ecx");
-
- &comment("First we need to setup the X array");
-
- &set_label("start") unless $normal;
-
- &X_expand("esi");
- &mov(&wparam(1),"esi");
-
- &set_label("shortcut", 0, 1);
- &comment("");
- &comment("Start processing");
-
- # odd start
- &mov($A, &DWP( 0,"ebp","",0));
- &mov($B, &DWP( 4,"ebp","",0));
- $X="esp";
- &BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T);
- &BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E);
- &BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D);
- &BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C);
- &BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B);
- &BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A);
- &BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T);
- &BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E);
- &BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D);
- &BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C);
- &BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B);
- &BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A);
- &BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T);
- &BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E);
- &BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D);
- &BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C);
- &BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B);
- &BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A);
- &BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T);
- &BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E);
-
- &BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D);
- &BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C);
- &BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B);
- &BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A);
- &BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T);
- &BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E);
- &BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D);
- &BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C);
- &BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B);
- &BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A);
- &BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T);
- &BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E);
- &BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D);
- &BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C);
- &BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B);
- &BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A);
- &BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T);
- &BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E);
- &BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D);
- &BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C);
-
- &BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B);
- &BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A);
- &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
- &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
- &BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D);
- &BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C);
- &BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B);
- &BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A);
- &BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T);
- &BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E);
- &BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D);
- &BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C);
- &BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B);
- &BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A);
- &BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T);
- &BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E);
- &BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D);
- &BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C);
- &BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B);
- &BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A);
-
- &BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T);
- &BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E);
- &BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D);
- &BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C);
- &BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B);
- &BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A);
- &BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T);
- &BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E);
- &BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D);
- &BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C);
- &BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B);
- &BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A);
- &BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T);
- &BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E);
- &BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D);
- &BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C);
- &BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B);
- &BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A);
- &BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T);
- &BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E);
-
- &comment("End processing");
- &comment("");
- # D is the tmp value
-
- # E -> A
- # T -> B
- # A -> C
- # B -> D
- # C -> E
- # D -> T
-
- # The last 2 have been moved into the last loop
- # &mov($tmp1,&wparam(0));
-
- &mov($D, &DWP(12,$tmp1,"",0));
- &add($D,$B);
- &mov($B, &DWP( 4,$tmp1,"",0));
- &add($B,$T);
- &mov($T, $A);
- &mov($A, &DWP( 0,$tmp1,"",0));
- &mov(&DWP(12,$tmp1,"",0),$D);
-
- &add($A,$E);
- &mov($E, &DWP(16,$tmp1,"",0));
- &add($E,$C);
- &mov($C, &DWP( 8,$tmp1,"",0));
- &add($C,$T);
-
- &mov(&DWP( 0,$tmp1,"",0),$A);
- &mov("esi",&wparam(1));
- &mov(&DWP( 8,$tmp1,"",0),$C);
- &add("esi",64);
- &mov("eax",&swtmp(17));
- &mov(&DWP(16,$tmp1,"",0),$E);
- &cmp("esi","eax");
- &mov(&DWP( 4,$tmp1,"",0),$B);
- &jl(&label("start"));
-
- &stack_pop(18+9);
- &pop("edi");
- &pop("ebx");
- &pop("ebp");
- &pop("esi");
- &ret();
-
- # keep a note of shortcut label so it can be used outside
- # block.
- my $sclabel = &label("shortcut");
-
- &function_end_B($name);
- # Putting this here avoids problems with MASM in debugging mode
- &sha1_block_host("sha1_block_asm_host_order", $sclabel);
- }
-
diff --git a/src/lib/libcrypto/sha/sha.h b/src/lib/libcrypto/sha/sha.h
deleted file mode 100644
index 77f6d9695e..0000000000
--- a/src/lib/libcrypto/sha/sha.h
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/sha/sha.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SHA_H
-#define HEADER_SHA_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(NO_SHA) || (defined(NO_SHA0) && defined(NO_SHA1))
-#error SHA is disabled.
-#endif
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! SHA_LONG_LOG2 has to be defined along. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#if defined(WIN16) || defined(__LP32__)
-#define SHA_LONG unsigned long
-#elif defined(_CRAY) || defined(__ILP64__)
-#define SHA_LONG unsigned long
-#define SHA_LONG_LOG2 3
-#else
-#define SHA_LONG unsigned int
-#endif
-
-#define SHA_LBLOCK 16
-#define SHA_CBLOCK (SHA_LBLOCK*4) /* SHA treats input data as a
- * contiguous array of 32 bit
- * wide big-endian values. */
-#define SHA_LAST_BLOCK (SHA_CBLOCK-8)
-#define SHA_DIGEST_LENGTH 20
-
-typedef struct SHAstate_st
- {
- SHA_LONG h0,h1,h2,h3,h4;
- SHA_LONG Nl,Nh;
- SHA_LONG data[SHA_LBLOCK];
- int num;
- } SHA_CTX;
-
-#ifndef NO_SHA0
-void SHA_Init(SHA_CTX *c);
-void SHA_Update(SHA_CTX *c, const void *data, unsigned long len);
-void SHA_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA(const unsigned char *d, unsigned long n,unsigned char *md);
-void SHA_Transform(SHA_CTX *c, const unsigned char *data);
-#endif
-#ifndef NO_SHA1
-void SHA1_Init(SHA_CTX *c);
-void SHA1_Update(SHA_CTX *c, const void *data, unsigned long len);
-void SHA1_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA1(const unsigned char *d, unsigned long n,unsigned char *md);
-void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
-#endif
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/sha/sha1_one.c b/src/lib/libcrypto/sha/sha1_one.c
deleted file mode 100644
index 861752eaa7..0000000000
--- a/src/lib/libcrypto/sha/sha1_one.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* crypto/sha/sha1_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/sha.h>
-
-#ifndef NO_SHA1
-unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md)
- {
- SHA_CTX c;
- static unsigned char m[SHA_DIGEST_LENGTH];
-
- if (md == NULL) md=m;
- SHA1_Init(&c);
- SHA1_Update(&c,d,n);
- SHA1_Final(md,&c);
- memset(&c,0,sizeof(c));
- return(md);
- }
-#endif
diff --git a/src/lib/libcrypto/sha/sha1dgst.c b/src/lib/libcrypto/sha/sha1dgst.c
deleted file mode 100644
index c09edb4cd7..0000000000
--- a/src/lib/libcrypto/sha/sha1dgst.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* crypto/sha/sha1dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#if !defined(NO_SHA1) && !defined(NO_SHA)
-
-#undef SHA_0
-#define SHA_1
-
-#include <openssl/opensslv.h>
-
-const char *SHA1_version="SHA1" OPENSSL_VERSION_PTEXT;
-
-/* The implementation is in ../md32_common.h */
-
-#include "sha_locl.h"
-
-#endif
-
diff --git a/src/lib/libcrypto/sha/sha_locl.h b/src/lib/libcrypto/sha/sha_locl.h
deleted file mode 100644
index 2f8aef83f3..0000000000
--- a/src/lib/libcrypto/sha/sha_locl.h
+++ /dev/null
@@ -1,471 +0,0 @@
-/* crypto/sha/sha_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-#include <openssl/sha.h>
-
-#ifndef SHA_LONG_LOG2
-#define SHA_LONG_LOG2 2 /* default to 32 bits */
-#endif
-
-#define DATA_ORDER_IS_BIG_ENDIAN
-
-#define HASH_LONG SHA_LONG
-#define HASH_LONG_LOG2 SHA_LONG_LOG2
-#define HASH_CTX SHA_CTX
-#define HASH_CBLOCK SHA_CBLOCK
-#define HASH_LBLOCK SHA_LBLOCK
-#define HASH_MAKE_STRING(c,s) do { \
- unsigned long ll; \
- ll=(c)->h0; HOST_l2c(ll,(s)); \
- ll=(c)->h1; HOST_l2c(ll,(s)); \
- ll=(c)->h2; HOST_l2c(ll,(s)); \
- ll=(c)->h3; HOST_l2c(ll,(s)); \
- ll=(c)->h4; HOST_l2c(ll,(s)); \
- } while (0)
-
-#if defined(SHA_0)
-
-# define HASH_UPDATE SHA_Update
-# define HASH_TRANSFORM SHA_Transform
-# define HASH_FINAL SHA_Final
-# define HASH_INIT SHA_Init
-# define HASH_BLOCK_HOST_ORDER sha_block_host_order
-# define HASH_BLOCK_DATA_ORDER sha_block_data_order
-# define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id))
-
- void sha_block_host_order (SHA_CTX *c, const void *p,int num);
- void sha_block_data_order (SHA_CTX *c, const void *p,int num);
-
-#elif defined(SHA_1)
-
-# define HASH_UPDATE SHA1_Update
-# define HASH_TRANSFORM SHA1_Transform
-# define HASH_FINAL SHA1_Final
-# define HASH_INIT SHA1_Init
-# define HASH_BLOCK_HOST_ORDER sha1_block_host_order
-# define HASH_BLOCK_DATA_ORDER sha1_block_data_order
-# if defined(__MWERKS__) && defined(__MC68K__)
- /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
-# define Xupdate(a,ix,ia,ib,ic,id) do { (a)=(ia^ib^ic^id); \
- ix=(a)=ROTATE((a),1); \
- } while (0)
-# else
-# define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \
- ix=(a)=ROTATE((a),1) \
- )
-# endif
-
-# ifdef SHA1_ASM
-# if defined(__i386) || defined(_M_IX86) || defined(__INTEL__)
-# define sha1_block_host_order sha1_block_asm_host_order
-# define DONT_IMPLEMENT_BLOCK_HOST_ORDER
-# define sha1_block_data_order sha1_block_asm_data_order
-# define DONT_IMPLEMENT_BLOCK_DATA_ORDER
-# define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order
-# endif
-# endif
- void sha1_block_host_order (SHA_CTX *c, const void *p,int num);
- void sha1_block_data_order (SHA_CTX *c, const void *p,int num);
-
-#else
-# error "Either SHA_0 or SHA_1 must be defined."
-#endif
-
-#include "md32_common.h"
-
-#define INIT_DATA_h0 0x67452301UL
-#define INIT_DATA_h1 0xefcdab89UL
-#define INIT_DATA_h2 0x98badcfeUL
-#define INIT_DATA_h3 0x10325476UL
-#define INIT_DATA_h4 0xc3d2e1f0UL
-
-void HASH_INIT (SHA_CTX *c)
- {
- c->h0=INIT_DATA_h0;
- c->h1=INIT_DATA_h1;
- c->h2=INIT_DATA_h2;
- c->h3=INIT_DATA_h3;
- c->h4=INIT_DATA_h4;
- c->Nl=0;
- c->Nh=0;
- c->num=0;
- }
-
-#define K_00_19 0x5a827999UL
-#define K_20_39 0x6ed9eba1UL
-#define K_40_59 0x8f1bbcdcUL
-#define K_60_79 0xca62c1d6UL
-
-/* As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
- * simplified to the code in F_00_19. Wei attributes these optimisations
- * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
- * #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
- * I've just become aware of another tweak to be made, again from Wei Dai,
- * in F_40_59, (x&a)|(y&a) -> (x|y)&a
- */
-#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
-#define F_20_39(b,c,d) ((b) ^ (c) ^ (d))
-#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d)))
-#define F_60_79(b,c,d) F_20_39(b,c,d)
-
-#define BODY_00_15(i,a,b,c,d,e,f,xi) \
- (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
- Xupdate(f,xi,xa,xb,xc,xd); \
- (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
- Xupdate(f,xi,xa,xb,xc,xd); \
- (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
- Xupdate(f,xa,xa,xb,xc,xd); \
- (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
- Xupdate(f,xa,xa,xb,xc,xd); \
- (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
- Xupdate(f,xa,xa,xb,xc,xd); \
- (f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#ifdef X
-#undef X
-#endif
-#ifndef MD32_XARRAY
- /*
- * Originally X was an array. As it's automatic it's natural
- * to expect RISC compiler to accomodate at least part of it in
- * the register bank, isn't it? Unfortunately not all compilers
- * "find" this expectation reasonable:-( On order to make such
- * compilers generate better code I replace X[] with a bunch of
- * X0, X1, etc. See the function body below...
- * <appro@fy.chalmers.se>
- */
-# define X(i) XX##i
-#else
- /*
- * However! Some compilers (most notably HP C) get overwhelmed by
- * that many local variables so that we have to have the way to
- * fall down to the original behavior.
- */
-# define X(i) XX[i]
-#endif
-
-#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER
-void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num)
- {
- const SHA_LONG *W=d;
- register unsigned long A,B,C,D,E,T;
-#ifndef MD32_XARRAY
- unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
- XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-#else
- SHA_LONG XX[16];
-#endif
-
- A=c->h0;
- B=c->h1;
- C=c->h2;
- D=c->h3;
- E=c->h4;
-
- for (;;)
- {
- BODY_00_15( 0,A,B,C,D,E,T,W[ 0]);
- BODY_00_15( 1,T,A,B,C,D,E,W[ 1]);
- BODY_00_15( 2,E,T,A,B,C,D,W[ 2]);
- BODY_00_15( 3,D,E,T,A,B,C,W[ 3]);
- BODY_00_15( 4,C,D,E,T,A,B,W[ 4]);
- BODY_00_15( 5,B,C,D,E,T,A,W[ 5]);
- BODY_00_15( 6,A,B,C,D,E,T,W[ 6]);
- BODY_00_15( 7,T,A,B,C,D,E,W[ 7]);
- BODY_00_15( 8,E,T,A,B,C,D,W[ 8]);
- BODY_00_15( 9,D,E,T,A,B,C,W[ 9]);
- BODY_00_15(10,C,D,E,T,A,B,W[10]);
- BODY_00_15(11,B,C,D,E,T,A,W[11]);
- BODY_00_15(12,A,B,C,D,E,T,W[12]);
- BODY_00_15(13,T,A,B,C,D,E,W[13]);
- BODY_00_15(14,E,T,A,B,C,D,W[14]);
- BODY_00_15(15,D,E,T,A,B,C,W[15]);
-
- BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]);
- BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]);
- BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]);
- BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0));
-
- BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1));
- BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2));
- BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3));
- BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4));
- BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5));
- BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6));
- BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7));
- BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8));
- BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9));
- BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10));
- BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11));
- BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12));
-
- BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
- BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
- BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
- BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
- BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
- BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
- BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
- BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
-
- BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
- BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
- BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
- BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
- BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
- BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
- BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
- BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
- BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
- BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
- BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
- BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
- BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
- BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
- BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
- BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
- BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
- BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
- BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
- BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
-
- BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
- BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
- BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
- BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
- BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
- BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
- BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
- BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
- BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
- BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
- BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
- BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
- BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
- BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
- BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
- BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
- BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
- BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
- BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
- BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
-
- c->h0=(c->h0+E)&0xffffffffL;
- c->h1=(c->h1+T)&0xffffffffL;
- c->h2=(c->h2+A)&0xffffffffL;
- c->h3=(c->h3+B)&0xffffffffL;
- c->h4=(c->h4+C)&0xffffffffL;
-
- if (--num <= 0) break;
-
- A=c->h0;
- B=c->h1;
- C=c->h2;
- D=c->h3;
- E=c->h4;
-
- W+=SHA_LBLOCK;
- }
- }
-#endif
-
-#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER
-void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num)
- {
- const unsigned char *data=p;
- register unsigned long A,B,C,D,E,T,l;
-#ifndef MD32_XARRAY
- unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
- XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-#else
- SHA_LONG XX[16];
-#endif
-
- A=c->h0;
- B=c->h1;
- C=c->h2;
- D=c->h3;
- E=c->h4;
-
- for (;;)
- {
-
- HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
- BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l;
- BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l;
- BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l;
- BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l;
- BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l;
- BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l;
- BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l;
- BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l;
- BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l;
- BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l;
- BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l;
- BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l;
- BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l;
- BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l;
- BODY_00_15(14,E,T,A,B,C,D,X(14));
- BODY_00_15(15,D,E,T,A,B,C,X(15));
-
- BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
- BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
- BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15));
- BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0));
-
- BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1));
- BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2));
- BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3));
- BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4));
- BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5));
- BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6));
- BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7));
- BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8));
- BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9));
- BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10));
- BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
- BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));
-
- BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
- BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
- BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
- BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
- BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
- BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
- BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
- BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
-
- BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
- BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
- BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
- BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
- BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
- BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
- BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
- BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
- BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
- BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
- BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
- BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
- BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
- BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
- BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
- BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
- BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
- BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
- BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
- BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
-
- BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
- BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
- BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
- BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
- BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
- BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
- BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
- BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
- BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
- BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
- BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
- BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
- BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
- BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
- BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
- BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
- BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
- BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
- BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
- BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
-
- c->h0=(c->h0+E)&0xffffffffL;
- c->h1=(c->h1+T)&0xffffffffL;
- c->h2=(c->h2+A)&0xffffffffL;
- c->h3=(c->h3+B)&0xffffffffL;
- c->h4=(c->h4+C)&0xffffffffL;
-
- if (--num <= 0) break;
-
- A=c->h0;
- B=c->h1;
- C=c->h2;
- D=c->h3;
- E=c->h4;
-
- }
- }
-#endif
diff --git a/src/lib/libcrypto/stack/safestack.h b/src/lib/libcrypto/stack/safestack.h
deleted file mode 100644
index 9fa63e1be5..0000000000
--- a/src/lib/libcrypto/stack/safestack.h
+++ /dev/null
@@ -1,1134 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SAFESTACK_H
-#define HEADER_SAFESTACK_H
-
-#include <openssl/stack.h>
-
-#ifdef DEBUG_SAFESTACK
-
-#define STACK_OF(type) struct stack_st_##type
-#define PREDECLARE_STACK_OF(type) STACK_OF(type);
-
-#define DECLARE_STACK_OF(type) \
-STACK_OF(type) \
- { \
- STACK stack; \
- };
-
-#define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/
-
-/* SKM_sk_... stack macros are internal to safestack.h:
- * never use them directly, use sk_<type>_... instead */
-#define SKM_sk_new(type, cmp) \
- ((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))sk_new)(cmp)
-#define SKM_sk_new_null(type) \
- ((STACK_OF(type) * (*)(void))sk_new_null)()
-#define SKM_sk_free(type, st) \
- ((void (*)(STACK_OF(type) *))sk_free)(st)
-#define SKM_sk_num(type, st) \
- ((int (*)(const STACK_OF(type) *))sk_num)(st)
-#define SKM_sk_value(type, st,i) \
- ((type * (*)(const STACK_OF(type) *, int))sk_value)(st, i)
-#define SKM_sk_set(type, st,i,val) \
- ((type * (*)(STACK_OF(type) *, int, type *))sk_set)(st, i, val)
-#define SKM_sk_zero(type, st) \
- ((void (*)(STACK_OF(type) *))sk_zero)(st)
-#define SKM_sk_push(type, st,val) \
- ((int (*)(STACK_OF(type) *, type *))sk_push)(st, val)
-#define SKM_sk_unshift(type, st,val) \
- ((int (*)(STACK_OF(type) *, type *))sk_unshift)(st, val)
-#define SKM_sk_find(type, st,val) \
- ((int (*)(STACK_OF(type) *, type *))sk_find)(st, val)
-#define SKM_sk_delete(type, st,i) \
- ((type * (*)(STACK_OF(type) *, int))sk_delete)(st, i)
-#define SKM_sk_delete_ptr(type, st,ptr) \
- ((type * (*)(STACK_OF(type) *, type *))sk_delete_ptr)(st, ptr)
-#define SKM_sk_insert(type, st,val,i) \
- ((int (*)(STACK_OF(type) *, type *, int))sk_insert)(st, val, i)
-#define SKM_sk_set_cmp_func(type, st,cmp) \
- ((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \
- (const type * const *, const type * const *))sk_set_cmp_func)\
- (st, cmp)
-#define SKM_sk_dup(type, st) \
- ((STACK_OF(type) *(*)(STACK_OF(type) *))sk_dup)(st)
-#define SKM_sk_pop_free(type, st,free_func) \
- ((void (*)(STACK_OF(type) *, void (*)(type *)))sk_pop_free)\
- (st, free_func)
-#define SKM_sk_shift(type, st) \
- ((type * (*)(STACK_OF(type) *))sk_shift)(st)
-#define SKM_sk_pop(type, st) \
- ((type * (*)(STACK_OF(type) *))sk_pop)(st)
-#define SKM_sk_sort(type, st) \
- ((void (*)(STACK_OF(type) *))sk_sort)(st)
-
-#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- ((STACK_OF(type) * (*) (STACK_OF(type) **,unsigned char **, long , \
- type *(*)(type **, unsigned char **,long), \
- void (*)(type *), int ,int )) d2i_ASN1_SET) \
- (st,pp,length, d2i_func, free_func, ex_tag,ex_class)
-#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
- ((int (*)(STACK_OF(type) *,unsigned char **, \
- int (*)(type *,unsigned char **), int , int , int)) i2d_ASN1_SET) \
- (st,pp,i2d_func,ex_tag,ex_class,is_set)
-
-#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
- ((unsigned char *(*)(STACK_OF(type) *, \
- int (*)(type *,unsigned char **), unsigned char **,int *)) ASN1_seq_pack) \
- (st, i2d_func, buf, len)
-#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
- ((STACK_OF(type) * (*)(unsigned char *,int, \
- type *(*)(type **,unsigned char **, long), \
- void (*)(type *)))ASN1_seq_unpack) \
- (buf,len,d2i_func, free_func)
-
-#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
- ((STACK_OF(type) * (*)(X509_ALGOR *, \
- type *(*)(type **, unsigned char **, long), void (*)(type *), \
- const char *, int, \
- ASN1_STRING *, int))PKCS12_decrypt_d2i) \
- (algor,d2i_func,free_func,pass,passlen,oct,seq)
-
-#else
-
-#define STACK_OF(type) STACK
-#define PREDECLARE_STACK_OF(type) /* nada */
-#define DECLARE_STACK_OF(type) /* nada */
-#define IMPLEMENT_STACK_OF(type) /* nada */
-
-#define SKM_sk_new(type, cmp) \
- sk_new((int (*)(const char * const *, const char * const *))(cmp))
-#define SKM_sk_new_null(type) \
- sk_new_null()
-#define SKM_sk_free(type, st) \
- sk_free(st)
-#define SKM_sk_num(type, st) \
- sk_num(st)
-#define SKM_sk_value(type, st,i) \
- ((type *)sk_value(st, i))
-#define SKM_sk_set(type, st,i,val) \
- ((type *)sk_set(st, i,(char *)val))
-#define SKM_sk_zero(type, st) \
- sk_zero(st)
-#define SKM_sk_push(type, st,val) \
- sk_push(st, (char *)val)
-#define SKM_sk_unshift(type, st,val) \
- sk_unshift(st, val)
-#define SKM_sk_find(type, st,val) \
- sk_find(st, (char *)val)
-#define SKM_sk_delete(type, st,i) \
- ((type *)sk_delete(st, i))
-#define SKM_sk_delete_ptr(type, st,ptr) \
- ((type *)sk_delete_ptr(st,(char *)ptr))
-#define SKM_sk_insert(type, st,val,i) \
- sk_insert(st, (char *)val, i)
-#define SKM_sk_set_cmp_func(type, st,cmp) \
- ((int (*)(const type * const *,const type * const *)) \
- sk_set_cmp_func(st, (int (*)(const char * const *, const char * const *))(cmp)))
-#define SKM_sk_dup(type, st) \
- sk_dup(st)
-#define SKM_sk_pop_free(type, st,free_func) \
- sk_pop_free(st, (void (*)(void *))free_func)
-#define SKM_sk_shift(type, st) \
- ((type *)sk_shift(st))
-#define SKM_sk_pop(type, st) \
- ((type *)sk_pop(st))
-#define SKM_sk_sort(type, st) \
- sk_sort(st)
-
-#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- d2i_ASN1_SET(st,pp,length, (char *(*)())d2i_func, (void (*)(void *))free_func, ex_tag,ex_class)
-#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
- i2d_ASN1_SET(st,pp,i2d_func,ex_tag,ex_class,is_set)
-
-#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
- ASN1_seq_pack(st, i2d_func, buf, len)
-#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
- ASN1_seq_unpack(buf,len,(char *(*)())d2i_func, (void(*)(void *))free_func)
-
-#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
- ((STACK *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i_func, (void(*)(void *))free_func,pass,passlen,oct,seq))
-
-#endif
-
-/* This block of defines is updated by util/mkstack.pl, please do not touch! */
-#define sk_ACCESS_DESCRIPTION_new(st) SKM_sk_new(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION)
-#define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_value(st, i) SKM_sk_value(ACCESS_DESCRIPTION, (st), (i))
-#define sk_ACCESS_DESCRIPTION_set(st, i, val) SKM_sk_set(ACCESS_DESCRIPTION, (st), (i), (val))
-#define sk_ACCESS_DESCRIPTION_zero(st) SKM_sk_zero(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val))
-#define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val))
-#define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val))
-#define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i))
-#define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr))
-#define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i))
-#define sk_ACCESS_DESCRIPTION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ACCESS_DESCRIPTION, (st), (cmp))
-#define sk_ACCESS_DESCRIPTION_dup(st) SKM_sk_dup(ACCESS_DESCRIPTION, st)
-#define sk_ACCESS_DESCRIPTION_pop_free(st, free_func) SKM_sk_pop_free(ACCESS_DESCRIPTION, (st), (free_func))
-#define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st))
-#define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st))
-
-#define sk_ASN1_INTEGER_new(st) SKM_sk_new(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER)
-#define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_value(st, i) SKM_sk_value(ASN1_INTEGER, (st), (i))
-#define sk_ASN1_INTEGER_set(st, i, val) SKM_sk_set(ASN1_INTEGER, (st), (i), (val))
-#define sk_ASN1_INTEGER_zero(st) SKM_sk_zero(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val))
-#define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val))
-#define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val))
-#define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i))
-#define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr))
-#define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i))
-#define sk_ASN1_INTEGER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_INTEGER, (st), (cmp))
-#define sk_ASN1_INTEGER_dup(st) SKM_sk_dup(ASN1_INTEGER, st)
-#define sk_ASN1_INTEGER_pop_free(st, free_func) SKM_sk_pop_free(ASN1_INTEGER, (st), (free_func))
-#define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st))
-#define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st))
-
-#define sk_ASN1_OBJECT_new(st) SKM_sk_new(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT)
-#define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_value(st, i) SKM_sk_value(ASN1_OBJECT, (st), (i))
-#define sk_ASN1_OBJECT_set(st, i, val) SKM_sk_set(ASN1_OBJECT, (st), (i), (val))
-#define sk_ASN1_OBJECT_zero(st) SKM_sk_zero(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val))
-#define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val))
-#define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val))
-#define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i))
-#define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr))
-#define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i))
-#define sk_ASN1_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_OBJECT, (st), (cmp))
-#define sk_ASN1_OBJECT_dup(st) SKM_sk_dup(ASN1_OBJECT, st)
-#define sk_ASN1_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(ASN1_OBJECT, (st), (free_func))
-#define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st))
-#define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st))
-
-#define sk_ASN1_STRING_TABLE_new(st) SKM_sk_new(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE)
-#define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_value(st, i) SKM_sk_value(ASN1_STRING_TABLE, (st), (i))
-#define sk_ASN1_STRING_TABLE_set(st, i, val) SKM_sk_set(ASN1_STRING_TABLE, (st), (i), (val))
-#define sk_ASN1_STRING_TABLE_zero(st) SKM_sk_zero(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val))
-#define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val))
-#define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val))
-#define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i))
-#define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr))
-#define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i))
-#define sk_ASN1_STRING_TABLE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_STRING_TABLE, (st), (cmp))
-#define sk_ASN1_STRING_TABLE_dup(st) SKM_sk_dup(ASN1_STRING_TABLE, st)
-#define sk_ASN1_STRING_TABLE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_STRING_TABLE, (st), (free_func))
-#define sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st))
-#define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st))
-
-#define sk_ASN1_TYPE_new(st) SKM_sk_new(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE)
-#define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_value(st, i) SKM_sk_value(ASN1_TYPE, (st), (i))
-#define sk_ASN1_TYPE_set(st, i, val) SKM_sk_set(ASN1_TYPE, (st), (i), (val))
-#define sk_ASN1_TYPE_zero(st) SKM_sk_zero(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val))
-#define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val))
-#define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val))
-#define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i))
-#define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr))
-#define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i))
-#define sk_ASN1_TYPE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_TYPE, (st), (cmp))
-#define sk_ASN1_TYPE_dup(st) SKM_sk_dup(ASN1_TYPE, st)
-#define sk_ASN1_TYPE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_TYPE, (st), (free_func))
-#define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st))
-#define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
-
-#define sk_BIO_new(st) SKM_sk_new(BIO, (st))
-#define sk_BIO_new_null() SKM_sk_new_null(BIO)
-#define sk_BIO_free(st) SKM_sk_free(BIO, (st))
-#define sk_BIO_num(st) SKM_sk_num(BIO, (st))
-#define sk_BIO_value(st, i) SKM_sk_value(BIO, (st), (i))
-#define sk_BIO_set(st, i, val) SKM_sk_set(BIO, (st), (i), (val))
-#define sk_BIO_zero(st) SKM_sk_zero(BIO, (st))
-#define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val))
-#define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val))
-#define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val))
-#define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i))
-#define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr))
-#define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i))
-#define sk_BIO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BIO, (st), (cmp))
-#define sk_BIO_dup(st) SKM_sk_dup(BIO, st)
-#define sk_BIO_pop_free(st, free_func) SKM_sk_pop_free(BIO, (st), (free_func))
-#define sk_BIO_shift(st) SKM_sk_shift(BIO, (st))
-#define sk_BIO_pop(st) SKM_sk_pop(BIO, (st))
-#define sk_BIO_sort(st) SKM_sk_sort(BIO, (st))
-
-#define sk_CONF_VALUE_new(st) SKM_sk_new(CONF_VALUE, (st))
-#define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE)
-#define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st))
-#define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st))
-#define sk_CONF_VALUE_value(st, i) SKM_sk_value(CONF_VALUE, (st), (i))
-#define sk_CONF_VALUE_set(st, i, val) SKM_sk_set(CONF_VALUE, (st), (i), (val))
-#define sk_CONF_VALUE_zero(st) SKM_sk_zero(CONF_VALUE, (st))
-#define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val))
-#define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val))
-#define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val))
-#define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i))
-#define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr))
-#define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i))
-#define sk_CONF_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_VALUE, (st), (cmp))
-#define sk_CONF_VALUE_dup(st) SKM_sk_dup(CONF_VALUE, st)
-#define sk_CONF_VALUE_pop_free(st, free_func) SKM_sk_pop_free(CONF_VALUE, (st), (free_func))
-#define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st))
-#define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st))
-#define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st))
-
-#define sk_CRYPTO_EX_DATA_FUNCS_new(st) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
-#define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i))
-#define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val))
-#define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val))
-#define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val))
-#define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val))
-#define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i))
-#define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr))
-#define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i))
-#define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp))
-#define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st)
-#define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func))
-#define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st))
-#define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st))
-
-#define sk_CRYPTO_dynlock_new(st) SKM_sk_new(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
-#define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i))
-#define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val))
-#define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val))
-#define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val))
-#define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val))
-#define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i))
-#define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr))
-#define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i))
-#define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp))
-#define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st)
-#define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func))
-#define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st))
-#define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
-
-#define sk_DIST_POINT_new(st) SKM_sk_new(DIST_POINT, (st))
-#define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
-#define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st))
-#define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st))
-#define sk_DIST_POINT_value(st, i) SKM_sk_value(DIST_POINT, (st), (i))
-#define sk_DIST_POINT_set(st, i, val) SKM_sk_set(DIST_POINT, (st), (i), (val))
-#define sk_DIST_POINT_zero(st) SKM_sk_zero(DIST_POINT, (st))
-#define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val))
-#define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val))
-#define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val))
-#define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i))
-#define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr))
-#define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i))
-#define sk_DIST_POINT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(DIST_POINT, (st), (cmp))
-#define sk_DIST_POINT_dup(st) SKM_sk_dup(DIST_POINT, st)
-#define sk_DIST_POINT_pop_free(st, free_func) SKM_sk_pop_free(DIST_POINT, (st), (free_func))
-#define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st))
-#define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st))
-#define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st))
-
-#define sk_GENERAL_NAME_new(st) SKM_sk_new(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME)
-#define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_value(st, i) SKM_sk_value(GENERAL_NAME, (st), (i))
-#define sk_GENERAL_NAME_set(st, i, val) SKM_sk_set(GENERAL_NAME, (st), (i), (val))
-#define sk_GENERAL_NAME_zero(st) SKM_sk_zero(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val))
-#define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val))
-#define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val))
-#define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i))
-#define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr))
-#define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i))
-#define sk_GENERAL_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAME, (st), (cmp))
-#define sk_GENERAL_NAME_dup(st) SKM_sk_dup(GENERAL_NAME, st)
-#define sk_GENERAL_NAME_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAME, (st), (free_func))
-#define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st))
-#define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st))
-
-#define sk_MIME_HEADER_new(st) SKM_sk_new(MIME_HEADER, (st))
-#define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER)
-#define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st))
-#define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st))
-#define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i))
-#define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val))
-#define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st))
-#define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val))
-#define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val))
-#define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val))
-#define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i))
-#define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr))
-#define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i))
-#define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp))
-#define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st)
-#define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func))
-#define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st))
-#define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st))
-#define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st))
-
-#define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st))
-#define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM)
-#define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st))
-#define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st))
-#define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i))
-#define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val))
-#define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st))
-#define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val))
-#define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val))
-#define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val))
-#define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i))
-#define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr))
-#define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i))
-#define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp))
-#define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st)
-#define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func))
-#define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st))
-#define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st))
-#define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st))
-
-#define sk_NAME_FUNCS_new(st) SKM_sk_new(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS)
-#define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_value(st, i) SKM_sk_value(NAME_FUNCS, (st), (i))
-#define sk_NAME_FUNCS_set(st, i, val) SKM_sk_set(NAME_FUNCS, (st), (i), (val))
-#define sk_NAME_FUNCS_zero(st) SKM_sk_zero(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val))
-#define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val))
-#define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val))
-#define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i))
-#define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr))
-#define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i))
-#define sk_NAME_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(NAME_FUNCS, (st), (cmp))
-#define sk_NAME_FUNCS_dup(st) SKM_sk_dup(NAME_FUNCS, st)
-#define sk_NAME_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(NAME_FUNCS, (st), (free_func))
-#define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st))
-#define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st))
-
-#define sk_PKCS12_SAFEBAG_new(st) SKM_sk_new(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG)
-#define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_value(st, i) SKM_sk_value(PKCS12_SAFEBAG, (st), (i))
-#define sk_PKCS12_SAFEBAG_set(st, i, val) SKM_sk_set(PKCS12_SAFEBAG, (st), (i), (val))
-#define sk_PKCS12_SAFEBAG_zero(st) SKM_sk_zero(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val))
-#define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val))
-#define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val))
-#define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i))
-#define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr))
-#define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i))
-#define sk_PKCS12_SAFEBAG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS12_SAFEBAG, (st), (cmp))
-#define sk_PKCS12_SAFEBAG_dup(st) SKM_sk_dup(PKCS12_SAFEBAG, st)
-#define sk_PKCS12_SAFEBAG_pop_free(st, free_func) SKM_sk_pop_free(PKCS12_SAFEBAG, (st), (free_func))
-#define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st))
-#define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st))
-
-#define sk_PKCS7_new(st) SKM_sk_new(PKCS7, (st))
-#define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7)
-#define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st))
-#define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st))
-#define sk_PKCS7_value(st, i) SKM_sk_value(PKCS7, (st), (i))
-#define sk_PKCS7_set(st, i, val) SKM_sk_set(PKCS7, (st), (i), (val))
-#define sk_PKCS7_zero(st) SKM_sk_zero(PKCS7, (st))
-#define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val))
-#define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val))
-#define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val))
-#define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i))
-#define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr))
-#define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i))
-#define sk_PKCS7_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7, (st), (cmp))
-#define sk_PKCS7_dup(st) SKM_sk_dup(PKCS7, st)
-#define sk_PKCS7_pop_free(st, free_func) SKM_sk_pop_free(PKCS7, (st), (free_func))
-#define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st))
-#define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st))
-#define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st))
-
-#define sk_PKCS7_RECIP_INFO_new(st) SKM_sk_new(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO)
-#define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_value(st, i) SKM_sk_value(PKCS7_RECIP_INFO, (st), (i))
-#define sk_PKCS7_RECIP_INFO_set(st, i, val) SKM_sk_set(PKCS7_RECIP_INFO, (st), (i), (val))
-#define sk_PKCS7_RECIP_INFO_zero(st) SKM_sk_zero(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val))
-#define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val))
-#define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val))
-#define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i))
-#define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr))
-#define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i))
-#define sk_PKCS7_RECIP_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_RECIP_INFO, (st), (cmp))
-#define sk_PKCS7_RECIP_INFO_dup(st) SKM_sk_dup(PKCS7_RECIP_INFO, st)
-#define sk_PKCS7_RECIP_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_RECIP_INFO, (st), (free_func))
-#define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st))
-#define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st))
-
-#define sk_PKCS7_SIGNER_INFO_new(st) SKM_sk_new(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO)
-#define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_value(st, i) SKM_sk_value(PKCS7_SIGNER_INFO, (st), (i))
-#define sk_PKCS7_SIGNER_INFO_set(st, i, val) SKM_sk_set(PKCS7_SIGNER_INFO, (st), (i), (val))
-#define sk_PKCS7_SIGNER_INFO_zero(st) SKM_sk_zero(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val))
-#define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val))
-#define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val))
-#define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i))
-#define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr))
-#define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i))
-#define sk_PKCS7_SIGNER_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_SIGNER_INFO, (st), (cmp))
-#define sk_PKCS7_SIGNER_INFO_dup(st) SKM_sk_dup(PKCS7_SIGNER_INFO, st)
-#define sk_PKCS7_SIGNER_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_SIGNER_INFO, (st), (free_func))
-#define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st))
-#define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st))
-
-#define sk_POLICYINFO_new(st) SKM_sk_new(POLICYINFO, (st))
-#define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO)
-#define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st))
-#define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st))
-#define sk_POLICYINFO_value(st, i) SKM_sk_value(POLICYINFO, (st), (i))
-#define sk_POLICYINFO_set(st, i, val) SKM_sk_set(POLICYINFO, (st), (i), (val))
-#define sk_POLICYINFO_zero(st) SKM_sk_zero(POLICYINFO, (st))
-#define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val))
-#define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val))
-#define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val))
-#define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i))
-#define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr))
-#define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i))
-#define sk_POLICYINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYINFO, (st), (cmp))
-#define sk_POLICYINFO_dup(st) SKM_sk_dup(POLICYINFO, st)
-#define sk_POLICYINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYINFO, (st), (free_func))
-#define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st))
-#define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st))
-#define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st))
-
-#define sk_POLICYQUALINFO_new(st) SKM_sk_new(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO)
-#define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_value(st, i) SKM_sk_value(POLICYQUALINFO, (st), (i))
-#define sk_POLICYQUALINFO_set(st, i, val) SKM_sk_set(POLICYQUALINFO, (st), (i), (val))
-#define sk_POLICYQUALINFO_zero(st) SKM_sk_zero(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val))
-#define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val))
-#define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val))
-#define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i))
-#define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr))
-#define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i))
-#define sk_POLICYQUALINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYQUALINFO, (st), (cmp))
-#define sk_POLICYQUALINFO_dup(st) SKM_sk_dup(POLICYQUALINFO, st)
-#define sk_POLICYQUALINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYQUALINFO, (st), (free_func))
-#define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st))
-#define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st))
-
-#define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
-#define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_value(st, i) SKM_sk_value(SSL_CIPHER, (st), (i))
-#define sk_SSL_CIPHER_set(st, i, val) SKM_sk_set(SSL_CIPHER, (st), (i), (val))
-#define sk_SSL_CIPHER_zero(st) SKM_sk_zero(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val))
-#define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val))
-#define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val))
-#define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i))
-#define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr))
-#define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i))
-#define sk_SSL_CIPHER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_CIPHER, (st), (cmp))
-#define sk_SSL_CIPHER_dup(st) SKM_sk_dup(SSL_CIPHER, st)
-#define sk_SSL_CIPHER_pop_free(st, free_func) SKM_sk_pop_free(SSL_CIPHER, (st), (free_func))
-#define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st))
-#define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st))
-
-#define sk_SSL_COMP_new(st) SKM_sk_new(SSL_COMP, (st))
-#define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP)
-#define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st))
-#define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st))
-#define sk_SSL_COMP_value(st, i) SKM_sk_value(SSL_COMP, (st), (i))
-#define sk_SSL_COMP_set(st, i, val) SKM_sk_set(SSL_COMP, (st), (i), (val))
-#define sk_SSL_COMP_zero(st) SKM_sk_zero(SSL_COMP, (st))
-#define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val))
-#define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val))
-#define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val))
-#define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i))
-#define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr))
-#define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i))
-#define sk_SSL_COMP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_COMP, (st), (cmp))
-#define sk_SSL_COMP_dup(st) SKM_sk_dup(SSL_COMP, st)
-#define sk_SSL_COMP_pop_free(st, free_func) SKM_sk_pop_free(SSL_COMP, (st), (free_func))
-#define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st))
-#define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st))
-#define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st))
-
-#define sk_SXNETID_new(st) SKM_sk_new(SXNETID, (st))
-#define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID)
-#define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st))
-#define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st))
-#define sk_SXNETID_value(st, i) SKM_sk_value(SXNETID, (st), (i))
-#define sk_SXNETID_set(st, i, val) SKM_sk_set(SXNETID, (st), (i), (val))
-#define sk_SXNETID_zero(st) SKM_sk_zero(SXNETID, (st))
-#define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val))
-#define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val))
-#define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val))
-#define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i))
-#define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr))
-#define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i))
-#define sk_SXNETID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SXNETID, (st), (cmp))
-#define sk_SXNETID_dup(st) SKM_sk_dup(SXNETID, st)
-#define sk_SXNETID_pop_free(st, free_func) SKM_sk_pop_free(SXNETID, (st), (free_func))
-#define sk_SXNETID_shift(st) SKM_sk_shift(SXNETID, (st))
-#define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st))
-#define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st))
-
-#define sk_X509_new(st) SKM_sk_new(X509, (st))
-#define sk_X509_new_null() SKM_sk_new_null(X509)
-#define sk_X509_free(st) SKM_sk_free(X509, (st))
-#define sk_X509_num(st) SKM_sk_num(X509, (st))
-#define sk_X509_value(st, i) SKM_sk_value(X509, (st), (i))
-#define sk_X509_set(st, i, val) SKM_sk_set(X509, (st), (i), (val))
-#define sk_X509_zero(st) SKM_sk_zero(X509, (st))
-#define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val))
-#define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val))
-#define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val))
-#define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i))
-#define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr))
-#define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i))
-#define sk_X509_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509, (st), (cmp))
-#define sk_X509_dup(st) SKM_sk_dup(X509, st)
-#define sk_X509_pop_free(st, free_func) SKM_sk_pop_free(X509, (st), (free_func))
-#define sk_X509_shift(st) SKM_sk_shift(X509, (st))
-#define sk_X509_pop(st) SKM_sk_pop(X509, (st))
-#define sk_X509_sort(st) SKM_sk_sort(X509, (st))
-
-#define sk_X509V3_EXT_METHOD_new(st) SKM_sk_new(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD)
-#define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_value(st, i) SKM_sk_value(X509V3_EXT_METHOD, (st), (i))
-#define sk_X509V3_EXT_METHOD_set(st, i, val) SKM_sk_set(X509V3_EXT_METHOD, (st), (i), (val))
-#define sk_X509V3_EXT_METHOD_zero(st) SKM_sk_zero(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val))
-#define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val))
-#define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val))
-#define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i))
-#define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr))
-#define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i))
-#define sk_X509V3_EXT_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509V3_EXT_METHOD, (st), (cmp))
-#define sk_X509V3_EXT_METHOD_dup(st) SKM_sk_dup(X509V3_EXT_METHOD, st)
-#define sk_X509V3_EXT_METHOD_pop_free(st, free_func) SKM_sk_pop_free(X509V3_EXT_METHOD, (st), (free_func))
-#define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st))
-#define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st))
-
-#define sk_X509_ALGOR_new(st) SKM_sk_new(X509_ALGOR, (st))
-#define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR)
-#define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st))
-#define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st))
-#define sk_X509_ALGOR_value(st, i) SKM_sk_value(X509_ALGOR, (st), (i))
-#define sk_X509_ALGOR_set(st, i, val) SKM_sk_set(X509_ALGOR, (st), (i), (val))
-#define sk_X509_ALGOR_zero(st) SKM_sk_zero(X509_ALGOR, (st))
-#define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val))
-#define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val))
-#define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val))
-#define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i))
-#define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr))
-#define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i))
-#define sk_X509_ALGOR_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ALGOR, (st), (cmp))
-#define sk_X509_ALGOR_dup(st) SKM_sk_dup(X509_ALGOR, st)
-#define sk_X509_ALGOR_pop_free(st, free_func) SKM_sk_pop_free(X509_ALGOR, (st), (free_func))
-#define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st))
-#define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st))
-#define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st))
-
-#define sk_X509_ATTRIBUTE_new(st) SKM_sk_new(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE)
-#define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_value(st, i) SKM_sk_value(X509_ATTRIBUTE, (st), (i))
-#define sk_X509_ATTRIBUTE_set(st, i, val) SKM_sk_set(X509_ATTRIBUTE, (st), (i), (val))
-#define sk_X509_ATTRIBUTE_zero(st) SKM_sk_zero(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val))
-#define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val))
-#define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val))
-#define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i))
-#define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr))
-#define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i))
-#define sk_X509_ATTRIBUTE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ATTRIBUTE, (st), (cmp))
-#define sk_X509_ATTRIBUTE_dup(st) SKM_sk_dup(X509_ATTRIBUTE, st)
-#define sk_X509_ATTRIBUTE_pop_free(st, free_func) SKM_sk_pop_free(X509_ATTRIBUTE, (st), (free_func))
-#define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st))
-#define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st))
-
-#define sk_X509_CRL_new(st) SKM_sk_new(X509_CRL, (st))
-#define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL)
-#define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st))
-#define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st))
-#define sk_X509_CRL_value(st, i) SKM_sk_value(X509_CRL, (st), (i))
-#define sk_X509_CRL_set(st, i, val) SKM_sk_set(X509_CRL, (st), (i), (val))
-#define sk_X509_CRL_zero(st) SKM_sk_zero(X509_CRL, (st))
-#define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val))
-#define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val))
-#define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val))
-#define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i))
-#define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr))
-#define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i))
-#define sk_X509_CRL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_CRL, (st), (cmp))
-#define sk_X509_CRL_dup(st) SKM_sk_dup(X509_CRL, st)
-#define sk_X509_CRL_pop_free(st, free_func) SKM_sk_pop_free(X509_CRL, (st), (free_func))
-#define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st))
-#define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st))
-#define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st))
-
-#define sk_X509_EXTENSION_new(st) SKM_sk_new(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION)
-#define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_value(st, i) SKM_sk_value(X509_EXTENSION, (st), (i))
-#define sk_X509_EXTENSION_set(st, i, val) SKM_sk_set(X509_EXTENSION, (st), (i), (val))
-#define sk_X509_EXTENSION_zero(st) SKM_sk_zero(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val))
-#define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val))
-#define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val))
-#define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i))
-#define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr))
-#define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i))
-#define sk_X509_EXTENSION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_EXTENSION, (st), (cmp))
-#define sk_X509_EXTENSION_dup(st) SKM_sk_dup(X509_EXTENSION, st)
-#define sk_X509_EXTENSION_pop_free(st, free_func) SKM_sk_pop_free(X509_EXTENSION, (st), (free_func))
-#define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st))
-#define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st))
-
-#define sk_X509_INFO_new(st) SKM_sk_new(X509_INFO, (st))
-#define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO)
-#define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st))
-#define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st))
-#define sk_X509_INFO_value(st, i) SKM_sk_value(X509_INFO, (st), (i))
-#define sk_X509_INFO_set(st, i, val) SKM_sk_set(X509_INFO, (st), (i), (val))
-#define sk_X509_INFO_zero(st) SKM_sk_zero(X509_INFO, (st))
-#define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val))
-#define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val))
-#define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val))
-#define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i))
-#define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr))
-#define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i))
-#define sk_X509_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_INFO, (st), (cmp))
-#define sk_X509_INFO_dup(st) SKM_sk_dup(X509_INFO, st)
-#define sk_X509_INFO_pop_free(st, free_func) SKM_sk_pop_free(X509_INFO, (st), (free_func))
-#define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st))
-#define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st))
-#define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st))
-
-#define sk_X509_LOOKUP_new(st) SKM_sk_new(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP)
-#define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_value(st, i) SKM_sk_value(X509_LOOKUP, (st), (i))
-#define sk_X509_LOOKUP_set(st, i, val) SKM_sk_set(X509_LOOKUP, (st), (i), (val))
-#define sk_X509_LOOKUP_zero(st) SKM_sk_zero(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val))
-#define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val))
-#define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val))
-#define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i))
-#define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr))
-#define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i))
-#define sk_X509_LOOKUP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_LOOKUP, (st), (cmp))
-#define sk_X509_LOOKUP_dup(st) SKM_sk_dup(X509_LOOKUP, st)
-#define sk_X509_LOOKUP_pop_free(st, free_func) SKM_sk_pop_free(X509_LOOKUP, (st), (free_func))
-#define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st))
-#define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st))
-
-#define sk_X509_NAME_new(st) SKM_sk_new(X509_NAME, (st))
-#define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME)
-#define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st))
-#define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st))
-#define sk_X509_NAME_value(st, i) SKM_sk_value(X509_NAME, (st), (i))
-#define sk_X509_NAME_set(st, i, val) SKM_sk_set(X509_NAME, (st), (i), (val))
-#define sk_X509_NAME_zero(st) SKM_sk_zero(X509_NAME, (st))
-#define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val))
-#define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val))
-#define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val))
-#define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i))
-#define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr))
-#define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i))
-#define sk_X509_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME, (st), (cmp))
-#define sk_X509_NAME_dup(st) SKM_sk_dup(X509_NAME, st)
-#define sk_X509_NAME_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME, (st), (free_func))
-#define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st))
-#define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st))
-#define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st))
-
-#define sk_X509_NAME_ENTRY_new(st) SKM_sk_new(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY)
-#define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_value(st, i) SKM_sk_value(X509_NAME_ENTRY, (st), (i))
-#define sk_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(X509_NAME_ENTRY, (st), (i), (val))
-#define sk_X509_NAME_ENTRY_zero(st) SKM_sk_zero(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val))
-#define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val))
-#define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val))
-#define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i))
-#define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr))
-#define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i))
-#define sk_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME_ENTRY, (st), (cmp))
-#define sk_X509_NAME_ENTRY_dup(st) SKM_sk_dup(X509_NAME_ENTRY, st)
-#define sk_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME_ENTRY, (st), (free_func))
-#define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st))
-#define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st))
-
-#define sk_X509_OBJECT_new(st) SKM_sk_new(X509_OBJECT, (st))
-#define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT)
-#define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st))
-#define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st))
-#define sk_X509_OBJECT_value(st, i) SKM_sk_value(X509_OBJECT, (st), (i))
-#define sk_X509_OBJECT_set(st, i, val) SKM_sk_set(X509_OBJECT, (st), (i), (val))
-#define sk_X509_OBJECT_zero(st) SKM_sk_zero(X509_OBJECT, (st))
-#define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val))
-#define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val))
-#define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val))
-#define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i))
-#define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr))
-#define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i))
-#define sk_X509_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_OBJECT, (st), (cmp))
-#define sk_X509_OBJECT_dup(st) SKM_sk_dup(X509_OBJECT, st)
-#define sk_X509_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(X509_OBJECT, (st), (free_func))
-#define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st))
-#define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st))
-#define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st))
-
-#define sk_X509_PURPOSE_new(st) SKM_sk_new(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE)
-#define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_value(st, i) SKM_sk_value(X509_PURPOSE, (st), (i))
-#define sk_X509_PURPOSE_set(st, i, val) SKM_sk_set(X509_PURPOSE, (st), (i), (val))
-#define sk_X509_PURPOSE_zero(st) SKM_sk_zero(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val))
-#define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val))
-#define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val))
-#define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i))
-#define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr))
-#define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i))
-#define sk_X509_PURPOSE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_PURPOSE, (st), (cmp))
-#define sk_X509_PURPOSE_dup(st) SKM_sk_dup(X509_PURPOSE, st)
-#define sk_X509_PURPOSE_pop_free(st, free_func) SKM_sk_pop_free(X509_PURPOSE, (st), (free_func))
-#define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st))
-#define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st))
-
-#define sk_X509_REVOKED_new(st) SKM_sk_new(X509_REVOKED, (st))
-#define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED)
-#define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st))
-#define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st))
-#define sk_X509_REVOKED_value(st, i) SKM_sk_value(X509_REVOKED, (st), (i))
-#define sk_X509_REVOKED_set(st, i, val) SKM_sk_set(X509_REVOKED, (st), (i), (val))
-#define sk_X509_REVOKED_zero(st) SKM_sk_zero(X509_REVOKED, (st))
-#define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val))
-#define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val))
-#define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val))
-#define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i))
-#define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr))
-#define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i))
-#define sk_X509_REVOKED_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_REVOKED, (st), (cmp))
-#define sk_X509_REVOKED_dup(st) SKM_sk_dup(X509_REVOKED, st)
-#define sk_X509_REVOKED_pop_free(st, free_func) SKM_sk_pop_free(X509_REVOKED, (st), (free_func))
-#define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st))
-#define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st))
-#define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st))
-
-#define sk_X509_TRUST_new(st) SKM_sk_new(X509_TRUST, (st))
-#define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST)
-#define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st))
-#define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st))
-#define sk_X509_TRUST_value(st, i) SKM_sk_value(X509_TRUST, (st), (i))
-#define sk_X509_TRUST_set(st, i, val) SKM_sk_set(X509_TRUST, (st), (i), (val))
-#define sk_X509_TRUST_zero(st) SKM_sk_zero(X509_TRUST, (st))
-#define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val))
-#define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val))
-#define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val))
-#define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i))
-#define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr))
-#define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i))
-#define sk_X509_TRUST_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_TRUST, (st), (cmp))
-#define sk_X509_TRUST_dup(st) SKM_sk_dup(X509_TRUST, st)
-#define sk_X509_TRUST_pop_free(st, free_func) SKM_sk_pop_free(X509_TRUST, (st), (free_func))
-#define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st))
-#define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st))
-#define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st))
-
-#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(ACCESS_DESCRIPTION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_ACCESS_DESCRIPTION(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(ACCESS_DESCRIPTION, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_ACCESS_DESCRIPTION(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(ACCESS_DESCRIPTION, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_ASN1_INTEGER(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(ASN1_INTEGER, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_ASN1_INTEGER(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(ASN1_INTEGER, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_ASN1_INTEGER(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(ASN1_INTEGER, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_ASN1_INTEGER(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(ASN1_INTEGER, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_ASN1_OBJECT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(ASN1_OBJECT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_ASN1_OBJECT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(ASN1_OBJECT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_ASN1_OBJECT(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(ASN1_OBJECT, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_ASN1_OBJECT(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(ASN1_OBJECT, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_ASN1_TYPE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(ASN1_TYPE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_ASN1_TYPE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(ASN1_TYPE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_ASN1_TYPE(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(ASN1_TYPE, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_ASN1_TYPE(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(ASN1_TYPE, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_DIST_POINT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(DIST_POINT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_DIST_POINT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(DIST_POINT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_DIST_POINT(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(DIST_POINT, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_DIST_POINT(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(DIST_POINT, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_GENERAL_NAME(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(GENERAL_NAME, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_GENERAL_NAME(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(GENERAL_NAME, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_GENERAL_NAME(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(GENERAL_NAME, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_GENERAL_NAME(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(GENERAL_NAME, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(PKCS12_SAFEBAG, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(PKCS12_SAFEBAG, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_PKCS12_SAFEBAG(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(PKCS12_SAFEBAG, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_PKCS12_SAFEBAG(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(PKCS12_SAFEBAG, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_PKCS7(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(PKCS7, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_PKCS7(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(PKCS7, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_PKCS7(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(PKCS7, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_PKCS7(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(PKCS7, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(PKCS7_RECIP_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(PKCS7_RECIP_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_PKCS7_RECIP_INFO(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(PKCS7_RECIP_INFO, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_PKCS7_RECIP_INFO(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(PKCS7_RECIP_INFO, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(PKCS7_SIGNER_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(PKCS7_SIGNER_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_PKCS7_SIGNER_INFO(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(PKCS7_SIGNER_INFO, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_PKCS7_SIGNER_INFO(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(PKCS7_SIGNER_INFO, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_POLICYINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(POLICYINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_POLICYINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(POLICYINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_POLICYINFO(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(POLICYINFO, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_POLICYINFO(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(POLICYINFO, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_POLICYQUALINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(POLICYQUALINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_POLICYQUALINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(POLICYQUALINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_POLICYQUALINFO(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(POLICYQUALINFO, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_POLICYQUALINFO(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(POLICYQUALINFO, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_SXNETID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(SXNETID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_SXNETID(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(SXNETID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_SXNETID(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(SXNETID, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_SXNETID(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(SXNETID, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(X509, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_X509(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(X509, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(X509, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(X509, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_ALGOR(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(X509_ALGOR, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_X509_ALGOR(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(X509_ALGOR, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_ALGOR(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(X509_ALGOR, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_ALGOR(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(X509_ALGOR, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(X509_ATTRIBUTE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(X509_ATTRIBUTE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_ATTRIBUTE(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(X509_ATTRIBUTE, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_ATTRIBUTE(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(X509_ATTRIBUTE, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_CRL(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(X509_CRL, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_X509_CRL(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(X509_CRL, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_CRL(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(X509_CRL, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_CRL(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(X509_CRL, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_EXTENSION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(X509_EXTENSION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_X509_EXTENSION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(X509_EXTENSION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_EXTENSION(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(X509_EXTENSION, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_EXTENSION(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(X509_EXTENSION, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(X509_NAME_ENTRY, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(X509_NAME_ENTRY, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_NAME_ENTRY(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(X509_NAME_ENTRY, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_NAME_ENTRY(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(X509_NAME_ENTRY, (buf), (len), (d2i_func), (free_func))
-
-#define d2i_ASN1_SET_OF_X509_REVOKED(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- SKM_ASN1_SET_OF_d2i(X509_REVOKED, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_X509_REVOKED(st, pp, i2d_func, ex_tag, ex_class, is_set) \
- SKM_ASN1_SET_OF_i2d(X509_REVOKED, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_X509_REVOKED(st, i2d_func, buf, len) \
- SKM_ASN1_seq_pack(X509_REVOKED, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_X509_REVOKED(buf, len, d2i_func, free_func) \
- SKM_ASN1_seq_unpack(X509_REVOKED, (buf), (len), (d2i_func), (free_func))
-
-#define PKCS12_decrypt_d2i_PKCS12_SAFEBAG(algor, d2i_func, free_func, pass, passlen, oct, seq) \
- SKM_PKCS12_decrypt_d2i(PKCS12_SAFEBAG, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
-
-#define PKCS12_decrypt_d2i_PKCS7(algor, d2i_func, free_func, pass, passlen, oct, seq) \
- SKM_PKCS12_decrypt_d2i(PKCS7, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
-/* End of util/mkstack.pl block, you may now edit :-) */
-
-#endif /* !defined HEADER_SAFESTACK_H */
diff --git a/src/lib/libcrypto/stack/stack.c b/src/lib/libcrypto/stack/stack.c
deleted file mode 100644
index 02857f0446..0000000000
--- a/src/lib/libcrypto/stack/stack.c
+++ /dev/null
@@ -1,332 +0,0 @@
-/* crypto/stack/stack.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Code for stacks
- * Author - Eric Young v 1.0
- * 1.2 eay 12-Mar-97 - Modified sk_find so that it _DOES_ return the
- * lowest index for the searched item.
- *
- * 1.1 eay - Take from netdb and added to SSLeay
- *
- * 1.0 eay - First version 29/07/92
- */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/stack.h>
-
-#undef MIN_NODES
-#define MIN_NODES 4
-
-const char *STACK_version="Stack" OPENSSL_VERSION_PTEXT;
-
-#include <errno.h>
-
-int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,const char * const *)))
- (const char * const *, const char * const *)
- {
- int (*old)(const char * const *,const char * const *)=sk->comp;
-
- if (sk->comp != c)
- sk->sorted=0;
- sk->comp=c;
-
- return old;
- }
-
-STACK *sk_dup(STACK *sk)
- {
- STACK *ret;
- char **s;
-
- if ((ret=sk_new(sk->comp)) == NULL) goto err;
- s=(char **)OPENSSL_realloc((char *)ret->data,
- (unsigned int)sizeof(char *)*sk->num_alloc);
- if (s == NULL) goto err;
- ret->data=s;
-
- ret->num=sk->num;
- memcpy(ret->data,sk->data,sizeof(char *)*sk->num);
- ret->sorted=sk->sorted;
- ret->num_alloc=sk->num_alloc;
- ret->comp=sk->comp;
- return(ret);
-err:
- return(NULL);
- }
-
-STACK *sk_new_null(void)
- {
- return sk_new((int (*)(const char * const *, const char * const *))0);
- }
-
-STACK *sk_new(int (*c)(const char * const *, const char * const *))
- {
- STACK *ret;
- int i;
-
- if ((ret=(STACK *)OPENSSL_malloc(sizeof(STACK))) == NULL)
- goto err0;
- if ((ret->data=(char **)OPENSSL_malloc(sizeof(char *)*MIN_NODES)) == NULL)
- goto err1;
- for (i=0; i<MIN_NODES; i++)
- ret->data[i]=NULL;
- ret->comp=c;
- ret->num_alloc=MIN_NODES;
- ret->num=0;
- ret->sorted=0;
- return(ret);
-err1:
- OPENSSL_free(ret);
-err0:
- return(NULL);
- }
-
-int sk_insert(STACK *st, char *data, int loc)
- {
- char **s;
-
- if(st == NULL) return 0;
- if (st->num_alloc <= st->num+1)
- {
- s=(char **)OPENSSL_realloc((char *)st->data,
- (unsigned int)sizeof(char *)*st->num_alloc*2);
- if (s == NULL)
- return(0);
- st->data=s;
- st->num_alloc*=2;
- }
- if ((loc >= (int)st->num) || (loc < 0))
- st->data[st->num]=data;
- else
- {
- int i;
- char **f,**t;
-
- f=(char **)st->data;
- t=(char **)&(st->data[1]);
- for (i=st->num; i>=loc; i--)
- t[i]=f[i];
-
-#ifdef undef /* no memmove on sunos :-( */
- memmove( (char *)&(st->data[loc+1]),
- (char *)&(st->data[loc]),
- sizeof(char *)*(st->num-loc));
-#endif
- st->data[loc]=data;
- }
- st->num++;
- st->sorted=0;
- return(st->num);
- }
-
-char *sk_delete_ptr(STACK *st, char *p)
- {
- int i;
-
- for (i=0; i<st->num; i++)
- if (st->data[i] == p)
- return(sk_delete(st,i));
- return(NULL);
- }
-
-char *sk_delete(STACK *st, int loc)
- {
- char *ret;
- int i,j;
-
- if ((st == NULL) || (st->num == 0) || (loc < 0)
- || (loc >= st->num)) return(NULL);
-
- ret=st->data[loc];
- if (loc != st->num-1)
- {
- j=st->num-1;
- for (i=loc; i<j; i++)
- st->data[i]=st->data[i+1];
- /* In theory memcpy is not safe for this
- * memcpy( &(st->data[loc]),
- * &(st->data[loc+1]),
- * sizeof(char *)*(st->num-loc-1));
- */
- }
- st->num--;
- return(ret);
- }
-
-int sk_find(STACK *st, char *data)
- {
- char **r;
- int i;
- int (*comp_func)(const void *,const void *);
- if(st == NULL) return -1;
-
- if (st->comp == NULL)
- {
- for (i=0; i<st->num; i++)
- if (st->data[i] == data)
- return(i);
- return(-1);
- }
- sk_sort(st);
- if (data == NULL) return(-1);
- /* This (and the "qsort" below) are the two places in OpenSSL
- * where we need to convert from our standard (type **,type **)
- * compare callback type to the (void *,void *) type required by
- * bsearch. However, the "data" it is being called(back) with are
- * not (type *) pointers, but the *pointers* to (type *) pointers,
- * so we get our extra level of pointer dereferencing that way. */
- comp_func=(int (*)(const void *,const void *))(st->comp);
- r=(char **)bsearch(&data,(char *)st->data,
- st->num,sizeof(char *), comp_func);
- if (r == NULL) return(-1);
- i=(int)(r-st->data);
- for ( ; i>0; i--)
- /* This needs a cast because the type being pointed to from
- * the "&" expressions are (char *) rather than (const char *).
- * For an explanation, read:
- * http://www.eskimo.com/~scs/C-faq/q11.10.html :-) */
- if ((*st->comp)((const char * const *)&(st->data[i-1]),
- (const char * const *)&data) < 0)
- break;
- return(i);
- }
-
-int sk_push(STACK *st, char *data)
- {
- return(sk_insert(st,data,st->num));
- }
-
-int sk_unshift(STACK *st, char *data)
- {
- return(sk_insert(st,data,0));
- }
-
-char *sk_shift(STACK *st)
- {
- if (st == NULL) return(NULL);
- if (st->num <= 0) return(NULL);
- return(sk_delete(st,0));
- }
-
-char *sk_pop(STACK *st)
- {
- if (st == NULL) return(NULL);
- if (st->num <= 0) return(NULL);
- return(sk_delete(st,st->num-1));
- }
-
-void sk_zero(STACK *st)
- {
- if (st == NULL) return;
- if (st->num <= 0) return;
- memset((char *)st->data,0,sizeof(st->data)*st->num);
- st->num=0;
- }
-
-void sk_pop_free(STACK *st, void (*func)(void *))
- {
- int i;
-
- if (st == NULL) return;
- for (i=0; i<st->num; i++)
- if (st->data[i] != NULL)
- func(st->data[i]);
- sk_free(st);
- }
-
-void sk_free(STACK *st)
- {
- if (st == NULL) return;
- if (st->data != NULL) OPENSSL_free(st->data);
- OPENSSL_free(st);
- }
-
-int sk_num(const STACK *st)
-{
- if(st == NULL) return -1;
- return st->num;
-}
-
-char *sk_value(const STACK *st, int i)
-{
- if(st == NULL) return NULL;
- return st->data[i];
-}
-
-char *sk_set(STACK *st, int i, char *value)
-{
- if(st == NULL) return NULL;
- return (st->data[i] = value);
-}
-
-void sk_sort(STACK *st)
- {
- if (!st->sorted)
- {
- int (*comp_func)(const void *,const void *);
-
- /* same comment as in sk_find ... previously st->comp was declared
- * as a (void*,void*) callback type, but this made the population
- * of the callback pointer illogical - our callbacks compare
- * type** with type**, so we leave the casting until absolutely
- * necessary (ie. "now"). */
- comp_func=(int (*)(const void *,const void *))(st->comp);
- qsort(st->data,st->num,sizeof(char *), comp_func);
- st->sorted=1;
- }
- }
diff --git a/src/lib/libcrypto/stack/stack.h b/src/lib/libcrypto/stack/stack.h
deleted file mode 100644
index 8b436ca4b9..0000000000
--- a/src/lib/libcrypto/stack/stack.h
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/stack/stack.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_STACK_H
-#define HEADER_STACK_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct stack_st
- {
- int num;
- char **data;
- int sorted;
-
- int num_alloc;
- int (*comp)(const char * const *, const char * const *);
- } STACK;
-
-#define M_sk_num(sk) ((sk) ? (sk)->num:-1)
-#define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL)
-
-int sk_num(const STACK *);
-char *sk_value(const STACK *, int);
-
-char *sk_set(STACK *, int, char *);
-
-STACK *sk_new(int (*cmp)(const char * const *, const char * const *));
-STACK *sk_new_null(void);
-void sk_free(STACK *);
-void sk_pop_free(STACK *st, void (*func)(void *));
-int sk_insert(STACK *sk,char *data,int where);
-char *sk_delete(STACK *st,int loc);
-char *sk_delete_ptr(STACK *st, char *p);
-int sk_find(STACK *st,char *data);
-int sk_push(STACK *st,char *data);
-int sk_unshift(STACK *st,char *data);
-char *sk_shift(STACK *st);
-char *sk_pop(STACK *st);
-void sk_zero(STACK *st);
-int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,
- const char * const *)))
- (const char * const *, const char * const *);
-STACK *sk_dup(STACK *st);
-void sk_sort(STACK *st);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/txt_db/txt_db.c b/src/lib/libcrypto/txt_db/txt_db.c
deleted file mode 100644
index 3b04fe280c..0000000000
--- a/src/lib/libcrypto/txt_db/txt_db.c
+++ /dev/null
@@ -1,383 +0,0 @@
-/* crypto/txt_db/txt_db.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/txt_db.h>
-
-#undef BUFSIZE
-#define BUFSIZE 512
-
-const char *TXT_DB_version="TXT_DB" OPENSSL_VERSION_PTEXT;
-
-TXT_DB *TXT_DB_read(BIO *in, int num)
- {
- TXT_DB *ret=NULL;
- int er=1;
- int esc=0;
- long ln=0;
- int i,add,n;
- int size=BUFSIZE;
- int offset=0;
- char *p,**pp,*f;
- BUF_MEM *buf=NULL;
-
- if ((buf=BUF_MEM_new()) == NULL) goto err;
- if (!BUF_MEM_grow(buf,size)) goto err;
-
- if ((ret=(TXT_DB *)OPENSSL_malloc(sizeof(TXT_DB))) == NULL)
- goto err;
- ret->num_fields=num;
- ret->index=NULL;
- ret->qual=NULL;
- if ((ret->data=sk_new_null()) == NULL)
- goto err;
- if ((ret->index=(LHASH **)OPENSSL_malloc(sizeof(LHASH *)*num)) == NULL)
- goto err;
- if ((ret->qual=(int (**)())OPENSSL_malloc(sizeof(int (**)())*num)) == NULL)
- goto err;
- for (i=0; i<num; i++)
- {
- ret->index[i]=NULL;
- ret->qual[i]=NULL;
- }
-
- add=(num+1)*sizeof(char *);
- buf->data[size-1]='\0';
- offset=0;
- for (;;)
- {
- if (offset != 0)
- {
- size+=BUFSIZE;
- if (!BUF_MEM_grow(buf,size)) goto err;
- }
- buf->data[offset]='\0';
- BIO_gets(in,&(buf->data[offset]),size-offset);
- ln++;
- if (buf->data[offset] == '\0') break;
- if ((offset == 0) && (buf->data[0] == '#')) continue;
- i=strlen(&(buf->data[offset]));
- offset+=i;
- if (buf->data[offset-1] != '\n')
- continue;
- else
- {
- buf->data[offset-1]='\0'; /* blat the '\n' */
- p=(char *)OPENSSL_malloc(add+offset);
- offset=0;
- }
- pp=(char **)p;
- p+=add;
- n=0;
- pp[n++]=p;
- i=0;
- f=buf->data;
-
- esc=0;
- for (;;)
- {
- if (*f == '\0') break;
- if (*f == '\t')
- {
- if (esc)
- p--;
- else
- {
- *(p++)='\0';
- f++;
- if (n >= num) break;
- pp[n++]=p;
- continue;
- }
- }
- esc=(*f == '\\');
- *(p++)= *(f++);
- }
- *(p++)='\0';
- if ((n != num) || (*f != '\0'))
- {
-#if !defined(NO_STDIO) && !defined(WIN16) /* temporaty fix :-( */
- fprintf(stderr,"wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",ln,num,n,f);
-#endif
- er=2;
- goto err;
- }
- pp[n]=p;
- if (!sk_push(ret->data,(char *)pp))
- {
-#if !defined(NO_STDIO) && !defined(WIN16) /* temporaty fix :-( */
- fprintf(stderr,"failure in sk_push\n");
-#endif
- er=2;
- goto err;
- }
- }
- er=0;
-err:
- BUF_MEM_free(buf);
- if (er)
- {
-#if !defined(NO_STDIO) && !defined(WIN16)
- if (er == 1) fprintf(stderr,"OPENSSL_malloc failure\n");
-#endif
- if (ret->data != NULL) sk_free(ret->data);
- if (ret->index != NULL) OPENSSL_free(ret->index);
- if (ret->qual != NULL) OPENSSL_free(ret->qual);
- if (ret != NULL) OPENSSL_free(ret);
- return(NULL);
- }
- else
- return(ret);
- }
-
-char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value)
- {
- char **ret;
- LHASH *lh;
-
- if (idx >= db->num_fields)
- {
- db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
- return(NULL);
- }
- lh=db->index[idx];
- if (lh == NULL)
- {
- db->error=DB_ERROR_NO_INDEX;
- return(NULL);
- }
- ret=(char **)lh_retrieve(lh,value);
- db->error=DB_ERROR_OK;
- return(ret);
- }
-
-int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(),
- unsigned long (*hash)(), int (*cmp)())
- {
- LHASH *idx;
- char *r;
- int i,n;
-
- if (field >= db->num_fields)
- {
- db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
- return(0);
- }
- if ((idx=lh_new(hash,cmp)) == NULL)
- {
- db->error=DB_ERROR_MALLOC;
- return(0);
- }
- n=sk_num(db->data);
- for (i=0; i<n; i++)
- {
- r=(char *)sk_value(db->data,i);
- if ((qual != NULL) && (qual(r) == 0)) continue;
- if ((r=lh_insert(idx,r)) != NULL)
- {
- db->error=DB_ERROR_INDEX_CLASH;
- db->arg1=sk_find(db->data,r);
- db->arg2=i;
- lh_free(idx);
- return(0);
- }
- }
- if (db->index[field] != NULL) lh_free(db->index[field]);
- db->index[field]=idx;
- db->qual[field]=qual;
- return(1);
- }
-
-long TXT_DB_write(BIO *out, TXT_DB *db)
- {
- long i,j,n,nn,l,tot=0;
- char *p,**pp,*f;
- BUF_MEM *buf=NULL;
- long ret= -1;
-
- if ((buf=BUF_MEM_new()) == NULL)
- goto err;
- n=sk_num(db->data);
- nn=db->num_fields;
- for (i=0; i<n; i++)
- {
- pp=(char **)sk_value(db->data,i);
-
- l=0;
- for (j=0; j<nn; j++)
- {
- if (pp[j] != NULL)
- l+=strlen(pp[j]);
- }
- if (!BUF_MEM_grow(buf,(int)(l*2+nn))) goto err;
-
- p=buf->data;
- for (j=0; j<nn; j++)
- {
- f=pp[j];
- if (f != NULL)
- for (;;)
- {
- if (*f == '\0') break;
- if (*f == '\t') *(p++)='\\';
- *(p++)= *(f++);
- }
- *(p++)='\t';
- }
- p[-1]='\n';
- j=p-buf->data;
- if (BIO_write(out,buf->data,(int)j) != j)
- goto err;
- tot+=j;
- }
- ret=tot;
-err:
- if (buf != NULL) BUF_MEM_free(buf);
- return(ret);
- }
-
-int TXT_DB_insert(TXT_DB *db, char **row)
- {
- int i;
- char **r;
-
- for (i=0; i<db->num_fields; i++)
- {
- if (db->index[i] != NULL)
- {
- if ((db->qual[i] != NULL) &&
- (db->qual[i](row) == 0)) continue;
- r=(char **)lh_retrieve(db->index[i],row);
- if (r != NULL)
- {
- db->error=DB_ERROR_INDEX_CLASH;
- db->arg1=i;
- db->arg_row=r;
- goto err;
- }
- }
- }
- /* We have passed the index checks, now just append and insert */
- if (!sk_push(db->data,(char *)row))
- {
- db->error=DB_ERROR_MALLOC;
- goto err;
- }
-
- for (i=0; i<db->num_fields; i++)
- {
- if (db->index[i] != NULL)
- {
- if ((db->qual[i] != NULL) &&
- (db->qual[i](row) == 0)) continue;
- lh_insert(db->index[i],row);
- }
- }
- return(1);
-err:
- return(0);
- }
-
-void TXT_DB_free(TXT_DB *db)
- {
- int i,n;
- char **p,*max;
-
- if(db == NULL)
- return;
-
- if (db->index != NULL)
- {
- for (i=db->num_fields-1; i>=0; i--)
- if (db->index[i] != NULL) lh_free(db->index[i]);
- OPENSSL_free(db->index);
- }
- if (db->qual != NULL)
- OPENSSL_free(db->qual);
- if (db->data != NULL)
- {
- for (i=sk_num(db->data)-1; i>=0; i--)
- {
- /* check if any 'fields' have been allocated
- * from outside of the initial block */
- p=(char **)sk_value(db->data,i);
- max=p[db->num_fields]; /* last address */
- if (max == NULL) /* new row */
- {
- for (n=0; n<db->num_fields; n++)
- if (p[n] != NULL) OPENSSL_free(p[n]);
- }
- else
- {
- for (n=0; n<db->num_fields; n++)
- {
- if (((p[n] < (char *)p) || (p[n] > max))
- && (p[n] != NULL))
- OPENSSL_free(p[n]);
- }
- }
- OPENSSL_free(sk_value(db->data,i));
- }
- sk_free(db->data);
- }
- OPENSSL_free(db);
- }
diff --git a/src/lib/libcrypto/txt_db/txt_db.h b/src/lib/libcrypto/txt_db/txt_db.h
deleted file mode 100644
index 342533d40d..0000000000
--- a/src/lib/libcrypto/txt_db/txt_db.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/* crypto/txt_db/txt_db.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_TXT_DB_H
-#define HEADER_TXT_DB_H
-
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/stack.h>
-#include <openssl/lhash.h>
-
-#define DB_ERROR_OK 0
-#define DB_ERROR_MALLOC 1
-#define DB_ERROR_INDEX_CLASH 2
-#define DB_ERROR_INDEX_OUT_OF_RANGE 3
-#define DB_ERROR_NO_INDEX 4
-#define DB_ERROR_INSERT_INDEX_CLASH 5
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct txt_db_st
- {
- int num_fields;
- STACK /* char ** */ *data;
- LHASH **index;
- int (**qual)();
- long error;
- long arg1;
- long arg2;
- char **arg_row;
- } TXT_DB;
-
-#ifndef NO_BIO
-TXT_DB *TXT_DB_read(BIO *in, int num);
-long TXT_DB_write(BIO *out, TXT_DB *db);
-#else
-TXT_DB *TXT_DB_read(char *in, int num);
-long TXT_DB_write(char *out, TXT_DB *db);
-#endif
-int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(),
- unsigned long (*hash)(),int (*cmp)());
-void TXT_DB_free(TXT_DB *db);
-char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value);
-int TXT_DB_insert(TXT_DB *db,char **value);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/util/mkerr.pl b/src/lib/libcrypto/util/mkerr.pl
deleted file mode 100644
index 7d98b5234d..0000000000
--- a/src/lib/libcrypto/util/mkerr.pl
+++ /dev/null
@@ -1,529 +0,0 @@
-#!/usr/local/bin/perl -w
-
-my $config = "crypto/err/openssl.ec";
-my $debug = 0;
-my $rebuild = 0;
-my $static = 1;
-my $recurse = 0;
-my $reindex = 0;
-my $dowrite = 0;
-
-
-while (@ARGV) {
- my $arg = $ARGV[0];
- if($arg eq "-conf") {
- shift @ARGV;
- $config = shift @ARGV;
- } elsif($arg eq "-debug") {
- $debug = 1;
- shift @ARGV;
- } elsif($arg eq "-rebuild") {
- $rebuild = 1;
- shift @ARGV;
- } elsif($arg eq "-recurse") {
- $recurse = 1;
- shift @ARGV;
- } elsif($arg eq "-reindex") {
- $reindex = 1;
- shift @ARGV;
- } elsif($arg eq "-nostatic") {
- $static = 0;
- shift @ARGV;
- } elsif($arg eq "-write") {
- $dowrite = 1;
- shift @ARGV;
- } else {
- last;
- }
-}
-
-if($recurse) {
- @source = (<crypto/*.c>, <crypto/*/*.c>, <rsaref/*.c>, <ssl/*.c>);
-} else {
- @source = @ARGV;
-}
-
-# Read in the config file
-
-open(IN, "<$config") || die "Can't open config file $config";
-
-# Parse config file
-
-while(<IN>)
-{
- if(/^L\s+(\S+)\s+(\S+)\s+(\S+)/) {
- $hinc{$1} = $2;
- $cskip{$3} = $1;
- if($3 ne "NONE") {
- $csrc{$1} = $3;
- $fmax{$1} = 99;
- $rmax{$1} = 99;
- $fnew{$1} = 0;
- $rnew{$1} = 0;
- }
- } elsif (/^F\s+(\S+)/) {
- # Add extra function with $1
- } elsif (/^R\s+(\S+)\s+(\S+)/) {
- $rextra{$1} = $2;
- $rcodes{$1} = $2;
- }
-}
-
-close IN;
-
-# Scan each header file in turn and make a list of error codes
-# and function names
-
-while (($lib, $hdr) = each %hinc)
-{
- next if($hdr eq "NONE");
- print STDERR "Scanning header file $hdr\n" if $debug;
- open(IN, "<$hdr") || die "Can't open Header file $hdr\n";
- my $line = "", $def= "", $linenr = 0;
- while(<IN>) {
- $linenr++;
- print STDERR "line: $linenr\r" if $debug;
-
- last if(/BEGIN\s+ERROR\s+CODES/);
- if ($line ne '') {
- $_ = $line . $_;
- $line = '';
- }
-
- if (/\\$/) {
- $line = $_;
- next;
- }
-
- $cpp = 1 if /^#.*ifdef.*cplusplus/; # skip "C" declaration
- if ($cpp) {
- $cpp = 0 if /^#.*endif/;
- next;
- }
-
- next if (/^#/); # skip preprocessor directives
-
- s/\/\*.*?\*\///gs; # ignore comments
- s/{[^{}]*}//gs; # ignore {} blocks
-
- if (/{|\/\*/) { # Add a } so editor works...
- $line = $_;
- } else {
- $def .= $_;
- }
- }
-
- print STDERR " \r" if $debug;
- $defnr = 0;
- foreach (split /;/, $def) {
- $defnr++;
- print STDERR "def: $defnr\r" if $debug;
-
- s/^[\n\s]*//g;
- s/[\n\s]*$//g;
- next if(/typedef\W/);
- if (/\(\*(\w*)\([^\)]+/) {
- my $name = $1;
- $name =~ tr/[a-z]/[A-Z]/;
- $ftrans{$name} = $1;
- } elsif (/\w+\W+(\w+)\W*\(\s*\)$/s){
- # K&R C
- next ;
- } elsif (/\w+\W+\w+\W*\(.*\)$/s) {
- while (not /\(\)$/s) {
- s/[^\(\)]*\)$/\)/s;
- s/\([^\(\)]*\)\)$/\)/s;
- }
- s/\(void\)//;
- /(\w+)\W*\(\)/s;
- my $name = $1;
- $name =~ tr/[a-z]/[A-Z]/;
- $ftrans{$name} = $1;
- } elsif (/\(/ and not (/=/ or /DECLARE_STACK/)) {
- print STDERR "Header $hdr: cannot parse: $_;\n";
- }
- }
-
- print STDERR " \r" if $debug;
-
- next if $reindex;
-
- # Scan function and reason codes and store them: keep a note of the
- # maximum code used.
-
- while(<IN>) {
- if(/^#define\s+(\S+)\s+(\S+)/) {
- $name = $1;
- $code = $2;
- unless($name =~ /^${lib}_([RF])_(\w+)$/) {
- print STDERR "Invalid error code $name\n";
- next;
- }
- if($1 eq "R") {
- $rcodes{$name} = $code;
- if(!(exists $rextra{$name}) &&
- ($code > $rmax{$lib}) ) {
- $rmax{$lib} = $code;
- }
- } else {
- if($code > $fmax{$lib}) {
- $fmax{$lib} = $code;
- }
- $fcodes{$name} = $code;
- }
- }
- }
- close IN;
-}
-
-# Scan each C source file and look for function and reason codes
-# This is done by looking for strings that "look like" function or
-# reason codes: basically anything consisting of all upper case and
-# numerics which has _F_ or _R_ in it and which has the name of an
-# error library at the start. This seems to work fine except for the
-# oddly named structure BIO_F_CTX which needs to be ignored.
-# If a code doesn't exist in list compiled from headers then mark it
-# with the value "X" as a place holder to give it a value later.
-# Store all function and reason codes found in %ufcodes and %urcodes
-# so all those unreferenced can be printed out.
-
-
-foreach $file (@source) {
- # Don't parse the error source file.
- next if exists $cskip{$file};
- open(IN, "<$file") || die "Can't open source file $file\n";
- while(<IN>) {
- if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) {
- next unless exists $csrc{$2};
- next if($1 eq "BIO_F_BUFFER_CTX");
- $ufcodes{$1} = 1;
- if(!exists $fcodes{$1}) {
- $fcodes{$1} = "X";
- $fnew{$2}++;
- }
- $notrans{$1} = 1 unless exists $ftrans{$3};
- }
- if(/(([A-Z0-9]+)_R_[A-Z0-9_]+)/) {
- next unless exists $csrc{$2};
- $urcodes{$1} = 1;
- if(!exists $rcodes{$1}) {
- $rcodes{$1} = "X";
- $rnew{$2}++;
- }
- }
- }
- close IN;
-}
-
-# Now process each library in turn.
-
-foreach $lib (keys %csrc)
-{
- my $hfile = $hinc{$lib};
- my $cfile = $csrc{$lib};
- if(!$fnew{$lib} && !$rnew{$lib}) {
- print STDERR "$lib:\t\tNo new error codes\n";
- next unless $rebuild;
- } else {
- print STDERR "$lib:\t\t$fnew{$lib} New Functions,";
- print STDERR " $rnew{$lib} New Reasons.\n";
- next unless $dowrite;
- }
-
- # If we get here then we have some new error codes so we
- # need to rebuild the header file and C file.
-
- # Make a sorted list of error and reason codes for later use.
-
- my @function = sort grep(/^${lib}_/,keys %fcodes);
- my @reasons = sort grep(/^${lib}_/,keys %rcodes);
-
- # Rewrite the header file
-
- open(IN, "<$hfile") || die "Can't Open Header File $hfile\n";
-
- # Copy across the old file
- while(<IN>) {
- push @out, $_;
- last if (/BEGIN ERROR CODES/);
- }
- close IN;
-
- open (OUT, ">$hfile") || die "Can't Open File $hfile for writing\n";
-
- print OUT @out;
- undef @out;
- print OUT <<"EOF";
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the $lib functions. */
-
-/* Function codes. */
-EOF
-
- foreach $i (@function) {
- $z=6-int(length($i)/8);
- if($fcodes{$i} eq "X") {
- $fcodes{$i} = ++$fmax{$lib};
- print STDERR "New Function code $i\n" if $debug;
- }
- printf OUT "#define $i%s $fcodes{$i}\n","\t" x $z;
- }
-
- print OUT "\n/* Reason codes. */\n";
-
- foreach $i (@reasons) {
- $z=6-int(length($i)/8);
- if($rcodes{$i} eq "X") {
- $rcodes{$i} = ++$rmax{$lib};
- print STDERR "New Reason code $i\n" if $debug;
- }
- printf OUT "#define $i%s $rcodes{$i}\n","\t" x $z;
- }
- print OUT <<"EOF";
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
-EOF
- close OUT;
-
- # Rewrite the C source file containing the error details.
-
- # First, read any existing reason string definitions:
- my %err_reason_strings;
- if (open(IN,"<$cfile")) {
- while (<IN>) {
- if (/\b(${lib}_R_\w*)\b.*\"(.*)\"/) {
- $err_reason_strings{$1} = $2;
- }
- }
- close(IN);
- }
-
- my $hincf;
- if($static) {
- $hfile =~ /([^\/]+)$/;
- $hincf = "<openssl/$1>";
- } else {
- $hincf = "\"$hfile\"";
- }
-
-
- open (OUT,">$cfile") || die "Can't open $cfile for writing";
-
- print OUT <<"EOF";
-/* $cfile */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core\@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay\@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh\@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include $hincf
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA ${lib}_str_functs[]=
- {
-EOF
- # Add each function code: if a function name is found then use it.
- foreach $i (@function) {
- my $fn;
- $i =~ /^${lib}_F_(\S+)$/;
- $fn = $1;
- if(exists $ftrans{$fn}) {
- $fn = $ftrans{$fn};
- }
- print OUT "{ERR_PACK(0,$i,0),\t\"$fn\"},\n";
- }
- print OUT <<"EOF";
-{0,NULL}
- };
-
-static ERR_STRING_DATA ${lib}_str_reasons[]=
- {
-EOF
- # Add each reason code.
- foreach $i (@reasons) {
- my $rn;
- my $nspc = 0;
- if (exists $err_reason_strings{$i}) {
- $rn = $err_reason_strings{$i};
- } else {
- $i =~ /^${lib}_R_(\S+)$/;
- $rn = $1;
- $rn =~ tr/_[A-Z]/ [a-z]/;
- }
- $nspc = 40 - length($i) unless length($i) > 40;
- $nspc = " " x $nspc;
- print OUT "{${i}${nspc},\"$rn\"},\n";
- }
-if($static) {
- print OUT <<"EOF";
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_${lib}_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_${lib},${lib}_str_functs);
- ERR_load_strings(ERR_LIB_${lib},${lib}_str_reasons);
-#endif
-
- }
- }
-EOF
-} else {
- print OUT <<"EOF";
-{0,NULL}
- };
-
-#endif
-
-#ifdef ${lib}_LIB_NAME
-static ERR_STRING_DATA ${lib}_lib_name[]=
- {
-{0 ,${lib}_LIB_NAME},
-{0,NULL}
- };
-#endif
-
-
-int ${lib}_lib_error_code=0;
-
-void ERR_load_${lib}_strings(void)
- {
- static int init=1;
-
- if (${lib}_lib_error_code == 0)
- ${lib}_lib_error_code=ERR_get_next_error_library();
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(${lib}_lib_error_code,${lib}_str_functs);
- ERR_load_strings(${lib}_lib_error_code,${lib}_str_reasons);
-#endif
-
-#ifdef ${lib}_LIB_NAME
- ${lib}_lib_name->error = ERR_PACK(${lib}_lib_error_code,0,0);
- ERR_load_strings(0,${lib}_lib_name);
-#endif
- }
- }
-
-void ERR_${lib}_error(int function, int reason, char *file, int line)
- {
- if (${lib}_lib_error_code == 0)
- ${lib}_lib_error_code=ERR_get_next_error_library();
- ERR_PUT_error(${lib}_lib_error_code,function,reason,file,line);
- }
-EOF
-
-}
-
- close OUT;
- undef %err_reason_strings;
-}
-
-if($debug && defined(%notrans)) {
- print STDERR "The following function codes were not translated:\n";
- foreach(sort keys %notrans)
- {
- print STDERR "$_\n";
- }
-}
-
-# Make a list of unreferenced function and reason codes
-
-foreach (keys %fcodes) {
- push (@funref, $_) unless exists $ufcodes{$_};
-}
-
-foreach (keys %rcodes) {
- push (@runref, $_) unless exists $urcodes{$_};
-}
-
-if($debug && defined(@funref) ) {
- print STDERR "The following function codes were not referenced:\n";
- foreach(sort @funref)
- {
- print STDERR "$_\n";
- }
-}
-
-if($debug && defined(@runref) ) {
- print STDERR "The following reason codes were not referenced:\n";
- foreach(sort @runref)
- {
- print STDERR "$_\n";
- }
-}
diff --git a/src/lib/libcrypto/util/mkstack.pl b/src/lib/libcrypto/util/mkstack.pl
deleted file mode 100644
index 3ee13fe7c9..0000000000
--- a/src/lib/libcrypto/util/mkstack.pl
+++ /dev/null
@@ -1,124 +0,0 @@
-#!/usr/local/bin/perl -w
-
-# This is a utility that searches out "DECLARE_STACK_OF()"
-# declarations in .h and .c files, and updates/creates/replaces
-# the corresponding macro declarations in crypto/stack/safestack.h.
-# As it's not generally possible to have macros that generate macros,
-# we need to control this from the "outside", here in this script.
-#
-# Geoff Thorpe, June, 2000 (with massive Perl-hacking
-# help from Steve Robb)
-
-my $safestack = "crypto/stack/safestack";
-
-my $do_write;
-while (@ARGV) {
- my $arg = $ARGV[0];
- if($arg eq "-write") {
- $do_write = 1;
- }
- shift @ARGV;
-}
-
-
-@source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <rsaref/*.[ch]>, <ssl/*.[ch]>);
-foreach $file (@source) {
- next if -l $file;
-
- # Open the .c/.h file for reading
- open(IN, "< $file") || die "Can't open $file for reading: $!";
-
- while(<IN>) {
- if (/^DECLARE_STACK_OF\(([^)]+)\)/) {
- push @stacklst, $1;
- } if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) {
- push @asn1setlst, $1;
- } if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) {
- push @p12stklst, $1;
- }
- }
- close(IN);
-}
-
-
-
-my $old_stackfile = "";
-my $new_stackfile = "";
-my $inside_block = 0;
-my $type_thing;
-
-open(IN, "< $safestack.h") || die "Can't open input file: $!";
-while(<IN>) {
- $old_stackfile .= $_;
-
- if (m|^/\* This block of defines is updated by util/mkstack.pl, please do not touch! \*/|) {
- $inside_block = 1;
- }
- if (m|^/\* End of util/mkstack.pl block, you may now edit :-\) \*/|) {
- $inside_block = 0;
- } elsif ($inside_block == 0) {
- $new_stackfile .= $_;
- }
- next if($inside_block != 1);
- $new_stackfile .= "/* This block of defines is updated by util/mkstack.pl, please do not touch! */";
-
- foreach $type_thing (sort @stacklst) {
- $new_stackfile .= <<EOF;
-
-#define sk_${type_thing}_new(st) SKM_sk_new($type_thing, (st))
-#define sk_${type_thing}_new_null() SKM_sk_new_null($type_thing)
-#define sk_${type_thing}_free(st) SKM_sk_free($type_thing, (st))
-#define sk_${type_thing}_num(st) SKM_sk_num($type_thing, (st))
-#define sk_${type_thing}_value(st, i) SKM_sk_value($type_thing, (st), (i))
-#define sk_${type_thing}_set(st, i, val) SKM_sk_set($type_thing, (st), (i), (val))
-#define sk_${type_thing}_zero(st) SKM_sk_zero($type_thing, (st))
-#define sk_${type_thing}_push(st, val) SKM_sk_push($type_thing, (st), (val))
-#define sk_${type_thing}_unshift(st, val) SKM_sk_unshift($type_thing, (st), (val))
-#define sk_${type_thing}_find(st, val) SKM_sk_find($type_thing, (st), (val))
-#define sk_${type_thing}_delete(st, i) SKM_sk_delete($type_thing, (st), (i))
-#define sk_${type_thing}_delete_ptr(st, ptr) SKM_sk_delete_ptr($type_thing, (st), (ptr))
-#define sk_${type_thing}_insert(st, val, i) SKM_sk_insert($type_thing, (st), (val), (i))
-#define sk_${type_thing}_set_cmp_func(st, cmp) SKM_sk_set_cmp_func($type_thing, (st), (cmp))
-#define sk_${type_thing}_dup(st) SKM_sk_dup($type_thing, st)
-#define sk_${type_thing}_pop_free(st, free_func) SKM_sk_pop_free($type_thing, (st), (free_func))
-#define sk_${type_thing}_shift(st) SKM_sk_shift($type_thing, (st))
-#define sk_${type_thing}_pop(st) SKM_sk_pop($type_thing, (st))
-#define sk_${type_thing}_sort(st) SKM_sk_sort($type_thing, (st))
-EOF
- }
- foreach $type_thing (sort @asn1setlst) {
- $new_stackfile .= <<EOF;
-
-#define d2i_ASN1_SET_OF_${type_thing}(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \\
- SKM_ASN1_SET_OF_d2i($type_thing, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-#define i2d_ASN1_SET_OF_${type_thing}(st, pp, i2d_func, ex_tag, ex_class, is_set) \\
- SKM_ASN1_SET_OF_i2d($type_thing, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-#define ASN1_seq_pack_${type_thing}(st, i2d_func, buf, len) \\
- SKM_ASN1_seq_pack($type_thing, (st), (i2d_func), (buf), (len))
-#define ASN1_seq_unpack_${type_thing}(buf, len, d2i_func, free_func) \\
- SKM_ASN1_seq_unpack($type_thing, (buf), (len), (d2i_func), (free_func))
-EOF
- }
- foreach $type_thing (sort @p12stklst) {
- $new_stackfile .= <<EOF;
-
-#define PKCS12_decrypt_d2i_${type_thing}(algor, d2i_func, free_func, pass, passlen, oct, seq) \\
- SKM_PKCS12_decrypt_d2i($type_thing, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
-EOF
- }
- $new_stackfile .= "/* End of util/mkstack.pl block, you may now edit :-) */\n";
- $inside_block = 2;
-}
-
-
-if ($new_stackfile eq $old_stackfile) {
- print "No changes to $safestack.h.\n";
- exit 0; # avoid unnecessary rebuild
-}
-
-if ($do_write) {
- print "Writing new $safestack.h.\n";
- open OUT, ">$safestack.h" || die "Can't open output file";
- print OUT $new_stackfile;
- close OUT;
-}
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c
deleted file mode 100644
index 448bd7e69c..0000000000
--- a/src/lib/libcrypto/x509/by_dir.c
+++ /dev/null
@@ -1,351 +0,0 @@
-/* crypto/x509/by_dir.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifdef MAC_OS_pre_X
-# include <stat.h>
-#else
-# include <sys/stat.h>
-#endif
-
-#include <openssl/lhash.h>
-#include <openssl/x509.h>
-
-typedef struct lookup_dir_st
- {
- BUF_MEM *buffer;
- int num_dirs;
- char **dirs;
- int *dirs_type;
- int num_dirs_alloced;
- } BY_DIR;
-
-static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
- char **ret);
-static int new_dir(X509_LOOKUP *lu);
-static void free_dir(X509_LOOKUP *lu);
-static int add_cert_dir(BY_DIR *ctx,const char *dir,int type);
-static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name,
- X509_OBJECT *ret);
-X509_LOOKUP_METHOD x509_dir_lookup=
- {
- "Load certs from files in a directory",
- new_dir, /* new */
- free_dir, /* free */
- NULL, /* init */
- NULL, /* shutdown */
- dir_ctrl, /* ctrl */
- get_cert_by_subject, /* get_by_subject */
- NULL, /* get_by_issuer_serial */
- NULL, /* get_by_fingerprint */
- NULL, /* get_by_alias */
- };
-
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void)
- {
- return(&x509_dir_lookup);
- }
-
-static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
- char **retp)
- {
- int ret=0;
- BY_DIR *ld;
- char *dir;
-
- ld=(BY_DIR *)ctx->method_data;
-
- switch (cmd)
- {
- case X509_L_ADD_DIR:
- if (argl == X509_FILETYPE_DEFAULT)
- {
- ret=add_cert_dir(ld,X509_get_default_cert_dir(),
- X509_FILETYPE_PEM);
- if (!ret)
- {
- X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
- }
- else
- {
- dir=(char *)Getenv(X509_get_default_cert_dir_env());
- ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
- }
- }
- else
- ret=add_cert_dir(ld,argp,(int)argl);
- break;
- }
- return(ret);
- }
-
-static int new_dir(X509_LOOKUP *lu)
- {
- BY_DIR *a;
-
- if ((a=(BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL)
- return(0);
- if ((a->buffer=BUF_MEM_new()) == NULL)
- {
- OPENSSL_free(a);
- return(0);
- }
- a->num_dirs=0;
- a->dirs=NULL;
- a->dirs_type=NULL;
- a->num_dirs_alloced=0;
- lu->method_data=(char *)a;
- return(1);
- }
-
-static void free_dir(X509_LOOKUP *lu)
- {
- BY_DIR *a;
- int i;
-
- a=(BY_DIR *)lu->method_data;
- for (i=0; i<a->num_dirs; i++)
- if (a->dirs[i] != NULL) OPENSSL_free(a->dirs[i]);
- if (a->dirs != NULL) OPENSSL_free(a->dirs);
- if (a->dirs_type != NULL) OPENSSL_free(a->dirs_type);
- if (a->buffer != NULL) BUF_MEM_free(a->buffer);
- OPENSSL_free(a);
- }
-
-static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
- {
- int j,len;
- int *ip;
- const char *s,*ss,*p;
- char **pp;
-
- if (dir == NULL || !*dir)
- {
- X509err(X509_F_ADD_CERT_DIR,X509_R_INVALID_DIRECTORY);
- return 0;
- }
-
- s=dir;
- p=s;
- for (;;)
- {
- if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0'))
- {
- ss=s;
- s=p+1;
- len=(int)(p-ss);
- if (len == 0) continue;
- for (j=0; j<ctx->num_dirs; j++)
- if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
- continue;
- if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
- {
- ctx->num_dirs_alloced+=10;
- pp=(char **)OPENSSL_malloc(ctx->num_dirs_alloced*
- sizeof(char *));
- ip=(int *)OPENSSL_malloc(ctx->num_dirs_alloced*
- sizeof(int));
- if ((pp == NULL) || (ip == NULL))
- {
- X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)*
- sizeof(char *));
- memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
- sizeof(int));
- if (ctx->dirs != NULL)
- OPENSSL_free(ctx->dirs);
- if (ctx->dirs_type != NULL)
- OPENSSL_free(ctx->dirs_type);
- ctx->dirs=pp;
- ctx->dirs_type=ip;
- }
- ctx->dirs_type[ctx->num_dirs]=type;
- ctx->dirs[ctx->num_dirs]=(char *)OPENSSL_malloc((unsigned int)len+1);
- if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
- strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
- ctx->dirs[ctx->num_dirs][len]='\0';
- ctx->num_dirs++;
- }
- if (*p == '\0') break;
- p++;
- }
- return(1);
- }
-
-static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
- X509_OBJECT *ret)
- {
- BY_DIR *ctx;
- union {
- struct {
- X509 st_x509;
- X509_CINF st_x509_cinf;
- } x509;
- struct {
- X509_CRL st_crl;
- X509_CRL_INFO st_crl_info;
- } crl;
- } data;
- int ok=0;
- int i,j,k;
- unsigned long h;
- BUF_MEM *b=NULL;
- struct stat st;
- X509_OBJECT stmp,*tmp;
- const char *postfix="";
-
- if (name == NULL) return(0);
-
- stmp.type=type;
- if (type == X509_LU_X509)
- {
- data.x509.st_x509.cert_info= &data.x509.st_x509_cinf;
- data.x509.st_x509_cinf.subject=name;
- stmp.data.x509= &data.x509.st_x509;
- postfix="";
- }
- else if (type == X509_LU_CRL)
- {
- data.crl.st_crl.crl= &data.crl.st_crl_info;
- data.crl.st_crl_info.issuer=name;
- stmp.data.crl= &data.crl.st_crl;
- postfix="r";
- }
- else
- {
- X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE);
- goto finish;
- }
-
- if ((b=BUF_MEM_new()) == NULL)
- {
- X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB);
- goto finish;
- }
-
- ctx=(BY_DIR *)xl->method_data;
-
- h=X509_NAME_hash(name);
- for (i=0; i<ctx->num_dirs; i++)
- {
- j=strlen(ctx->dirs[i])+1+8+6+1+1;
- if (!BUF_MEM_grow(b,j))
- {
- X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
- goto finish;
- }
- k=0;
- for (;;)
- {
- sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h,
- postfix,k);
- k++;
- if (stat(b->data,&st) < 0)
- break;
- /* found one. */
- if (type == X509_LU_X509)
- {
- if ((X509_load_cert_file(xl,b->data,
- ctx->dirs_type[i])) == 0)
- break;
- }
- else if (type == X509_LU_CRL)
- {
- if ((X509_load_crl_file(xl,b->data,
- ctx->dirs_type[i])) == 0)
- break;
- }
- /* else case will caught higher up */
- }
-
- /* we have added it to the cache so now pull
- * it out again */
- CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
- j = sk_X509_OBJECT_find(xl->store_ctx->objs,&stmp);
- if(j != -1) tmp=sk_X509_OBJECT_value(xl->store_ctx->objs,j);
- else tmp = NULL;
- CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
-
- if (tmp != NULL)
- {
- ok=1;
- ret->type=tmp->type;
- memcpy(&ret->data,&tmp->data,sizeof(ret->data));
- /* If we were going to up the reference count,
- * we would need to do it on a perl 'type'
- * basis */
- /* CRYPTO_add(&tmp->data.x509->references,1,
- CRYPTO_LOCK_X509);*/
- goto finish;
- }
- }
-finish:
- if (b != NULL) BUF_MEM_free(b);
- return(ok);
- }
-
diff --git a/src/lib/libcrypto/x509/by_file.c b/src/lib/libcrypto/x509/by_file.c
deleted file mode 100644
index 78e9240a8d..0000000000
--- a/src/lib/libcrypto/x509/by_file.c
+++ /dev/null
@@ -1,298 +0,0 @@
-/* crypto/x509/by_file.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#ifndef NO_STDIO
-
-static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
- long argl, char **ret);
-X509_LOOKUP_METHOD x509_file_lookup=
- {
- "Load file into cache",
- NULL, /* new */
- NULL, /* free */
- NULL, /* init */
- NULL, /* shutdown */
- by_file_ctrl, /* ctrl */
- NULL, /* get_by_subject */
- NULL, /* get_by_issuer_serial */
- NULL, /* get_by_fingerprint */
- NULL, /* get_by_alias */
- };
-
-X509_LOOKUP_METHOD *X509_LOOKUP_file(void)
- {
- return(&x509_file_lookup);
- }
-
-static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
- char **ret)
- {
- int ok=0;
- char *file;
-
- switch (cmd)
- {
- case X509_L_FILE_LOAD:
- if (argl == X509_FILETYPE_DEFAULT)
- {
- ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(),
- X509_FILETYPE_PEM) != 0);
- if (!ok)
- {
- X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS);
- }
- else
- {
- file=(char *)Getenv(X509_get_default_cert_file_env());
- ok = (X509_load_cert_crl_file(ctx,file,
- X509_FILETYPE_PEM) != 0);
- }
- }
- else
- {
- if(argl == X509_FILETYPE_PEM)
- ok = (X509_load_cert_crl_file(ctx,argp,
- X509_FILETYPE_PEM) != 0);
- else
- ok = (X509_load_cert_file(ctx,argp,(int)argl) != 0);
- }
- break;
- }
- return(ok);
- }
-
-int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
- {
- int ret=0;
- BIO *in=NULL;
- int i,count=0;
- X509 *x=NULL;
-
- if (file == NULL) return(1);
- in=BIO_new(BIO_s_file_internal());
-
- if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
- {
- X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_SYS_LIB);
- goto err;
- }
-
- if (type == X509_FILETYPE_PEM)
- {
- for (;;)
- {
- x=PEM_read_bio_X509_AUX(in,NULL,NULL,NULL);
- if (x == NULL)
- {
- if ((ERR_GET_REASON(ERR_peek_error()) ==
- PEM_R_NO_START_LINE) && (count > 0))
- {
- ERR_clear_error();
- break;
- }
- else
- {
- X509err(X509_F_X509_LOAD_CERT_FILE,
- ERR_R_PEM_LIB);
- goto err;
- }
- }
- i=X509_STORE_add_cert(ctx->store_ctx,x);
- if (!i) goto err;
- count++;
- X509_free(x);
- x=NULL;
- }
- ret=count;
- }
- else if (type == X509_FILETYPE_ASN1)
- {
- x=d2i_X509_bio(in,NULL);
- if (x == NULL)
- {
- X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_ASN1_LIB);
- goto err;
- }
- i=X509_STORE_add_cert(ctx->store_ctx,x);
- if (!i) goto err;
- ret=i;
- }
- else
- {
- X509err(X509_F_X509_LOAD_CERT_FILE,X509_R_BAD_X509_FILETYPE);
- goto err;
- }
-err:
- if (x != NULL) X509_free(x);
- if (in != NULL) BIO_free(in);
- return(ret);
- }
-
-int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
- {
- int ret=0;
- BIO *in=NULL;
- int i,count=0;
- X509_CRL *x=NULL;
-
- if (file == NULL) return(1);
- in=BIO_new(BIO_s_file_internal());
-
- if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
- {
- X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_SYS_LIB);
- goto err;
- }
-
- if (type == X509_FILETYPE_PEM)
- {
- for (;;)
- {
- x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
- if (x == NULL)
- {
- if ((ERR_GET_REASON(ERR_peek_error()) ==
- PEM_R_NO_START_LINE) && (count > 0))
- {
- ERR_clear_error();
- break;
- }
- else
- {
- X509err(X509_F_X509_LOAD_CRL_FILE,
- ERR_R_PEM_LIB);
- goto err;
- }
- }
- i=X509_STORE_add_crl(ctx->store_ctx,x);
- if (!i) goto err;
- count++;
- X509_CRL_free(x);
- x=NULL;
- }
- ret=count;
- }
- else if (type == X509_FILETYPE_ASN1)
- {
- x=d2i_X509_CRL_bio(in,NULL);
- if (x == NULL)
- {
- X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_ASN1_LIB);
- goto err;
- }
- i=X509_STORE_add_crl(ctx->store_ctx,x);
- if (!i) goto err;
- ret=i;
- }
- else
- {
- X509err(X509_F_X509_LOAD_CRL_FILE,X509_R_BAD_X509_FILETYPE);
- goto err;
- }
-err:
- if (x != NULL) X509_CRL_free(x);
- if (in != NULL) BIO_free(in);
- return(ret);
- }
-
-int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type)
-{
- STACK_OF(X509_INFO) *inf;
- X509_INFO *itmp;
- BIO *in;
- int i, count = 0;
- if(type != X509_FILETYPE_PEM)
- return X509_load_cert_file(ctx, file, type);
- in = BIO_new_file(file, "r");
- if(!in) {
- X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_SYS_LIB);
- return 0;
- }
- inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
- BIO_free(in);
- if(!inf) {
- X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_PEM_LIB);
- return 0;
- }
- for(i = 0; i < sk_X509_INFO_num(inf); i++) {
- itmp = sk_X509_INFO_value(inf, i);
- if(itmp->x509) {
- X509_STORE_add_cert(ctx->store_ctx, itmp->x509);
- count++;
- } else if(itmp->crl) {
- X509_STORE_add_crl(ctx->store_ctx, itmp->crl);
- count++;
- }
- }
- sk_X509_INFO_pop_free(inf, X509_INFO_free);
- return count;
-}
-
-
-#endif /* NO_STDIO */
-
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h
deleted file mode 100644
index 813c8adffd..0000000000
--- a/src/lib/libcrypto/x509/x509.h
+++ /dev/null
@@ -1,1294 +0,0 @@
-/* crypto/x509/x509.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_X509_H
-#define HEADER_X509_H
-
-#include <openssl/symhacks.h>
-#ifndef NO_BUFFER
-#include <openssl/buffer.h>
-#endif
-#ifndef NO_EVP
-#include <openssl/evp.h>
-#endif
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/stack.h>
-#include <openssl/asn1.h>
-#include <openssl/safestack.h>
-
-#ifndef NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-#ifndef NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-#ifndef NO_DH
-#include <openssl/dh.h>
-#endif
-
-#include <openssl/evp.h>
-
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef WIN32
-/* Under Win32 this is defined in wincrypt.h */
-#undef X509_NAME
-#endif
-
- /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
-#define DECLARE_PKCS12_STACK_OF(type) /* Nothing */
-#define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */
-
-#define X509_FILETYPE_PEM 1
-#define X509_FILETYPE_ASN1 2
-#define X509_FILETYPE_DEFAULT 3
-
-#define X509v3_KU_DIGITAL_SIGNATURE 0x0080
-#define X509v3_KU_NON_REPUDIATION 0x0040
-#define X509v3_KU_KEY_ENCIPHERMENT 0x0020
-#define X509v3_KU_DATA_ENCIPHERMENT 0x0010
-#define X509v3_KU_KEY_AGREEMENT 0x0008
-#define X509v3_KU_KEY_CERT_SIGN 0x0004
-#define X509v3_KU_CRL_SIGN 0x0002
-#define X509v3_KU_ENCIPHER_ONLY 0x0001
-#define X509v3_KU_DECIPHER_ONLY 0x8000
-#define X509v3_KU_UNDEF 0xffff
-
-typedef struct X509_objects_st
- {
- int nid;
- int (*a2i)();
- int (*i2a)();
- } X509_OBJECTS;
-
-typedef struct X509_algor_st
- {
- ASN1_OBJECT *algorithm;
- ASN1_TYPE *parameter;
- } X509_ALGOR;
-
-DECLARE_STACK_OF(X509_ALGOR)
-DECLARE_ASN1_SET_OF(X509_ALGOR)
-
-typedef struct X509_val_st
- {
- ASN1_TIME *notBefore;
- ASN1_TIME *notAfter;
- } X509_VAL;
-
-typedef struct X509_pubkey_st
- {
- X509_ALGOR *algor;
- ASN1_BIT_STRING *public_key;
- EVP_PKEY *pkey;
- } X509_PUBKEY;
-
-typedef struct X509_sig_st
- {
- X509_ALGOR *algor;
- ASN1_OCTET_STRING *digest;
- } X509_SIG;
-
-typedef struct X509_name_entry_st
- {
- ASN1_OBJECT *object;
- ASN1_STRING *value;
- int set;
- int size; /* temp variable */
- } X509_NAME_ENTRY;
-
-DECLARE_STACK_OF(X509_NAME_ENTRY)
-DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
-
-/* we always keep X509_NAMEs in 2 forms. */
-typedef struct X509_name_st
- {
- STACK_OF(X509_NAME_ENTRY) *entries;
- int modified; /* true if 'bytes' needs to be built */
-#ifndef NO_BUFFER
- BUF_MEM *bytes;
-#else
- char *bytes;
-#endif
- unsigned long hash; /* Keep the hash around for lookups */
- } X509_NAME;
-
-DECLARE_STACK_OF(X509_NAME)
-
-#define X509_EX_V_NETSCAPE_HACK 0x8000
-#define X509_EX_V_INIT 0x0001
-typedef struct X509_extension_st
- {
- ASN1_OBJECT *object;
- short critical;
- short netscape_hack;
- ASN1_OCTET_STRING *value;
- struct v3_ext_method *method; /* V3 method to use */
- void *ext_val; /* extension value */
- } X509_EXTENSION;
-
-DECLARE_STACK_OF(X509_EXTENSION)
-DECLARE_ASN1_SET_OF(X509_EXTENSION)
-
-/* a sequence of these are used */
-typedef struct x509_attributes_st
- {
- ASN1_OBJECT *object;
- int set; /* 1 for a set, 0 for a single item (which is wrong) */
- union {
- char *ptr;
-/* 1 */ STACK_OF(ASN1_TYPE) *set;
-/* 0 */ ASN1_TYPE *single;
- } value;
- } X509_ATTRIBUTE;
-
-DECLARE_STACK_OF(X509_ATTRIBUTE)
-DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
-
-typedef struct X509_req_info_st
- {
- unsigned char *asn1;
- int length;
- ASN1_INTEGER *version;
- X509_NAME *subject;
- X509_PUBKEY *pubkey;
- /* d=2 hl=2 l= 0 cons: cont: 00 */
- STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
- int req_kludge;
- } X509_REQ_INFO;
-
-typedef struct X509_req_st
- {
- X509_REQ_INFO *req_info;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int references;
- } X509_REQ;
-
-typedef struct x509_cinf_st
- {
- ASN1_INTEGER *version; /* [ 0 ] default of v1 */
- ASN1_INTEGER *serialNumber;
- X509_ALGOR *signature;
- X509_NAME *issuer;
- X509_VAL *validity;
- X509_NAME *subject;
- X509_PUBKEY *key;
- ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
- ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
- STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
- } X509_CINF;
-
-/* This stuff is certificate "auxiliary info"
- * it contains details which are useful in certificate
- * stores and databases. When used this is tagged onto
- * the end of the certificate itself
- */
-
-typedef struct x509_cert_aux_st
- {
- STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
- STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
- ASN1_UTF8STRING *alias; /* "friendly name" */
- ASN1_OCTET_STRING *keyid; /* key id of private key */
- STACK_OF(X509_ALGOR) *other; /* other unspecified info */
- } X509_CERT_AUX;
-
-typedef struct x509_st
- {
- X509_CINF *cert_info;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int valid;
- int references;
- char *name;
- CRYPTO_EX_DATA ex_data;
- /* These contain copies of various extension values */
- long ex_pathlen;
- unsigned long ex_flags;
- unsigned long ex_kusage;
- unsigned long ex_xkusage;
- unsigned long ex_nscert;
- ASN1_OCTET_STRING *skid;
- struct AUTHORITY_KEYID_st *akid;
-#ifndef NO_SHA
- unsigned char sha1_hash[SHA_DIGEST_LENGTH];
-#endif
- X509_CERT_AUX *aux;
- } X509;
-
-DECLARE_STACK_OF(X509)
-DECLARE_ASN1_SET_OF(X509)
-
-/* This is used for a table of trust checking functions */
-
-typedef struct x509_trust_st {
- int trust;
- int flags;
- int (*check_trust)(struct x509_trust_st *, X509 *, int);
- char *name;
- int arg1;
- void *arg2;
-} X509_TRUST;
-
-DECLARE_STACK_OF(X509_TRUST)
-
-/* standard trust ids */
-
-#define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */
-
-#define X509_TRUST_COMPAT 1
-#define X509_TRUST_SSL_CLIENT 2
-#define X509_TRUST_SSL_SERVER 3
-#define X509_TRUST_EMAIL 4
-#define X509_TRUST_OBJECT_SIGN 5
-
-/* Keep these up to date! */
-#define X509_TRUST_MIN 1
-#define X509_TRUST_MAX 5
-
-
-/* trust_flags values */
-#define X509_TRUST_DYNAMIC 1
-#define X509_TRUST_DYNAMIC_NAME 2
-
-/* check_trust return codes */
-
-#define X509_TRUST_TRUSTED 1
-#define X509_TRUST_REJECTED 2
-#define X509_TRUST_UNTRUSTED 3
-
-/* Flags specific to X509_NAME_print_ex() */
-
-/* The field separator information */
-
-#define XN_FLAG_SEP_MASK (0xf << 16)
-
-#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */
-#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) /* RFC2253 ,+ */
-#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) /* ,+ spaced: more readable */
-#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) /* ;+ spaced */
-#define XN_FLAG_SEP_MULTILINE (4 << 16) /* One line per field */
-
-#define XN_FLAG_DN_REV (1 << 20) /* Reverse DN order */
-
-/* How the field name is shown */
-
-#define XN_FLAG_FN_MASK (0x3 << 21)
-
-#define XN_FLAG_FN_SN 0 /* Object short name */
-#define XN_FLAG_FN_LN (1 << 21) /* Object long name */
-#define XN_FLAG_FN_OID (2 << 21) /* Always use OIDs */
-#define XN_FLAG_FN_NONE (3 << 21) /* No field names */
-
-#define XN_FLAG_SPC_EQ (1 << 23) /* Put spaces round '=' */
-
-/* This determines if we dump fields we don't recognise:
- * RFC2253 requires this.
- */
-
-#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
-
-/* Complete set of RFC2253 flags */
-
-#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
- XN_FLAG_SEP_COMMA_PLUS | \
- XN_FLAG_DN_REV | \
- XN_FLAG_FN_SN | \
- XN_FLAG_DUMP_UNKNOWN_FIELDS)
-
-/* readable oneline form */
-
-#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
- ASN1_STRFLGS_ESC_QUOTE | \
- XN_FLAG_SEP_CPLUS_SPC | \
- XN_FLAG_SPC_EQ | \
- XN_FLAG_FN_SN)
-
-/* readable multiline form */
-
-#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
- ASN1_STRFLGS_ESC_MSB | \
- XN_FLAG_SEP_MULTILINE | \
- XN_FLAG_SPC_EQ | \
- XN_FLAG_FN_LN)
-
-typedef struct X509_revoked_st
- {
- ASN1_INTEGER *serialNumber;
- ASN1_TIME *revocationDate;
- STACK_OF(X509_EXTENSION) /* optional */ *extensions;
- int sequence; /* load sequence */
- } X509_REVOKED;
-
-DECLARE_STACK_OF(X509_REVOKED)
-DECLARE_ASN1_SET_OF(X509_REVOKED)
-
-typedef struct X509_crl_info_st
- {
- ASN1_INTEGER *version;
- X509_ALGOR *sig_alg;
- X509_NAME *issuer;
- ASN1_TIME *lastUpdate;
- ASN1_TIME *nextUpdate;
- STACK_OF(X509_REVOKED) *revoked;
- STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
- } X509_CRL_INFO;
-
-typedef struct X509_crl_st
- {
- /* actual signature */
- X509_CRL_INFO *crl;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int references;
- } X509_CRL;
-
-DECLARE_STACK_OF(X509_CRL)
-DECLARE_ASN1_SET_OF(X509_CRL)
-
-typedef struct private_key_st
- {
- int version;
- /* The PKCS#8 data types */
- X509_ALGOR *enc_algor;
- ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
-
- /* When decrypted, the following will not be NULL */
- EVP_PKEY *dec_pkey;
-
- /* used to encrypt and decrypt */
- int key_length;
- char *key_data;
- int key_free; /* true if we should auto free key_data */
-
- /* expanded version of 'enc_algor' */
- EVP_CIPHER_INFO cipher;
-
- int references;
- } X509_PKEY;
-
-#ifndef NO_EVP
-typedef struct X509_info_st
- {
- X509 *x509;
- X509_CRL *crl;
- X509_PKEY *x_pkey;
-
- EVP_CIPHER_INFO enc_cipher;
- int enc_len;
- char *enc_data;
-
- int references;
- } X509_INFO;
-
-DECLARE_STACK_OF(X509_INFO)
-#endif
-
-/* The next 2 structures and their 8 routines were sent to me by
- * Pat Richard <patr@x509.com> and are used to manipulate
- * Netscapes spki structures - useful if you are writing a CA web page
- */
-typedef struct Netscape_spkac_st
- {
- X509_PUBKEY *pubkey;
- ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
- } NETSCAPE_SPKAC;
-
-typedef struct Netscape_spki_st
- {
- NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
- X509_ALGOR *sig_algor;
- ASN1_BIT_STRING *signature;
- } NETSCAPE_SPKI;
-
-/* Netscape certificate sequence structure */
-typedef struct Netscape_certificate_sequence
- {
- ASN1_OBJECT *type;
- STACK_OF(X509) *certs;
- } NETSCAPE_CERT_SEQUENCE;
-
-typedef struct CBCParameter_st
- {
- unsigned char iv[8];
- } CBC_PARAM;
-
-/* Password based encryption structure */
-
-typedef struct PBEPARAM_st {
-ASN1_OCTET_STRING *salt;
-ASN1_INTEGER *iter;
-} PBEPARAM;
-
-/* Password based encryption V2 structures */
-
-typedef struct PBE2PARAM_st {
-X509_ALGOR *keyfunc;
-X509_ALGOR *encryption;
-} PBE2PARAM;
-
-typedef struct PBKDF2PARAM_st {
-ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */
-ASN1_INTEGER *iter;
-ASN1_INTEGER *keylength;
-X509_ALGOR *prf;
-} PBKDF2PARAM;
-
-
-/* PKCS#8 private key info structure */
-
-typedef struct pkcs8_priv_key_info_st
- {
- int broken; /* Flag for various broken formats */
-#define PKCS8_OK 0
-#define PKCS8_NO_OCTET 1
-#define PKCS8_EMBEDDED_PARAM 2
-#define PKCS8_NS_DB 3
- ASN1_INTEGER *version;
- X509_ALGOR *pkeyalg;
- ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
- STACK_OF(X509_ATTRIBUTE) *attributes;
- } PKCS8_PRIV_KEY_INFO;
-
-#ifdef __cplusplus
-}
-#endif
-
-#include <openssl/x509_vfy.h>
-#include <openssl/pkcs7.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef SSLEAY_MACROS
-#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
- a->signature,(char *)a->cert_info,r)
-#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \
- a->sig_alg,a->signature,(char *)a->req_info,r)
-#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
- a->sig_alg, a->signature,(char *)a->crl,r)
-
-#define X509_sign(x,pkey,md) \
- ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
- x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)
-#define X509_REQ_sign(x,pkey,md) \
- ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \
- x->signature, (char *)x->req_info,pkey,md)
-#define X509_CRL_sign(x,pkey,md) \
- ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \
- x->signature, (char *)x->crl,pkey,md)
-#define NETSCAPE_SPKI_sign(x,pkey,md) \
- ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \
- x->signature, (char *)x->spkac,pkey,md)
-
-#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
- (char *(*)())d2i_X509,(char *)x509)
-#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\
- (int (*)())i2d_X509_ATTRIBUTE, \
- (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)
-#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
- (int (*)())i2d_X509_EXTENSION, \
- (char *(*)())d2i_X509_EXTENSION,(char *)ex)
-#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \
- (char *(*)())d2i_X509, (fp),(unsigned char **)(x509))
-#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)
-#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
- (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
-#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)
-
-#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \
- (char *(*)())d2i_X509_CRL,(char *)crl)
-#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \
- X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\
- (unsigned char **)(crl))
-#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\
- (unsigned char *)crl)
-#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \
- X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\
- (unsigned char **)(crl))
-#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\
- (unsigned char *)crl)
-
-#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \
- (char *(*)())d2i_PKCS7,(char *)p7)
-#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \
- PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\
- (unsigned char **)(p7))
-#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\
- (unsigned char *)p7)
-#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \
- PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\
- (unsigned char **)(p7))
-#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\
- (unsigned char *)p7)
-
-#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \
- (char *(*)())d2i_X509_REQ,(char *)req)
-#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\
- X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\
- (unsigned char **)(req))
-#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\
- (unsigned char *)req)
-#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\
- X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\
- (unsigned char **)(req))
-#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\
- (unsigned char *)req)
-
-#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \
- (char *(*)())d2i_RSAPublicKey,(char *)rsa)
-#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \
- (char *(*)())d2i_RSAPrivateKey,(char *)rsa)
-
-#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
- RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \
- (unsigned char **)(rsa))
-#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \
- (unsigned char *)rsa)
-#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
- RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \
- (unsigned char **)(rsa))
-#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \
- (unsigned char *)rsa)
-
-#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
- RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \
- (unsigned char **)(rsa))
-#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \
- (unsigned char *)rsa)
-#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
- RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \
- (unsigned char **)(rsa))
-#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \
- (unsigned char *)rsa)
-
-#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\
- DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \
- (unsigned char **)(dsa))
-#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \
- (unsigned char *)dsa)
-#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\
- DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \
- (unsigned char **)(dsa))
-#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
- (unsigned char *)dsa)
-
-#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\
- (char *(*)())d2i_X509_ALGOR,(char *)xn)
-
-#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \
- (char *(*)())d2i_X509_NAME,(char *)xn)
-#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \
- (int (*)())i2d_X509_NAME_ENTRY, \
- (char *(*)())d2i_X509_NAME_ENTRY,\
- (char *)ne)
-
-#define X509_digest(data,type,md,len) \
- ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)
-#define X509_NAME_digest(data,type,md,len) \
- ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)
-#ifndef PKCS7_ISSUER_AND_SERIAL_digest
-#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
- ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
- (char *)data,md,len)
-#endif
-#endif
-
-#define X509_EXT_PACK_UNKNOWN 1
-#define X509_EXT_PACK_STRING 2
-
-#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
-/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
-#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
-#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
-#define X509_extract_key(x) X509_get_pubkey(x) /*****/
-#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
-#define X509_REQ_get_subject_name(x) ((x)->req_info->subject)
-#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
-#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))
-#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
-
-#define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
-#define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
-#define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
-#define X509_CRL_get_issuer(x) ((x)->crl->issuer)
-#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
-
-/* This one is only used so that a binary form can output, as in
- * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
-#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
-
-
-const char *X509_verify_cert_error_string(long n);
-
-#ifndef SSLEAY_MACROS
-#ifndef NO_EVP
-int X509_verify(X509 *a, EVP_PKEY *r);
-
-int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
-int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
-int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
-
-NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len);
-char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
-EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
-int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
-
-int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
-
-int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
-int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
-
-int X509_digest(const X509 *data,const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type,
- unsigned char *md, unsigned int *len);
-#endif
-
-#ifndef NO_FP_API
-X509 *d2i_X509_fp(FILE *fp, X509 **x509);
-int i2d_X509_fp(FILE *fp,X509 *x509);
-X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl);
-int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req);
-int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req);
-#ifndef NO_RSA
-RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa);
-int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
-RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa);
-int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa);
-RSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa);
-int i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa);
-#endif
-#ifndef NO_DSA
-DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
-int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
-DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
-int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
-#endif
-X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8);
-int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
- PKCS8_PRIV_KEY_INFO **p8inf);
-int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf);
-int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
-int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
-int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
-#endif
-
-#ifndef NO_BIO
-X509 *d2i_X509_bio(BIO *bp,X509 **x509);
-int i2d_X509_bio(BIO *bp,X509 *x509);
-X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl);
-int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req);
-int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req);
-#ifndef NO_RSA
-RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa);
-int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
-RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa);
-int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa);
-RSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa);
-int i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa);
-#endif
-#ifndef NO_DSA
-DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
-int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
-DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
-int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
-#endif
-X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8);
-int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
- PKCS8_PRIV_KEY_INFO **p8inf);
-int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf);
-int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
-int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
-int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
-#endif
-
-X509 *X509_dup(X509 *x509);
-X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
-X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
-X509_CRL *X509_CRL_dup(X509_CRL *crl);
-X509_REQ *X509_REQ_dup(X509_REQ *req);
-X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
-X509_NAME *X509_NAME_dup(X509_NAME *xn);
-X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
-#ifndef NO_RSA
-RSA *RSAPublicKey_dup(RSA *rsa);
-RSA *RSAPrivateKey_dup(RSA *rsa);
-#endif
-
-#endif /* !SSLEAY_MACROS */
-
-int X509_cmp_time(ASN1_TIME *s, time_t *t);
-int X509_cmp_current_time(ASN1_TIME *s);
-ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
-ASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj);
-
-const char * X509_get_default_cert_area(void );
-const char * X509_get_default_cert_dir(void );
-const char * X509_get_default_cert_file(void );
-const char * X509_get_default_cert_dir_env(void );
-const char * X509_get_default_cert_file_env(void );
-const char * X509_get_default_private_dir(void );
-
-X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
-X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
-void ERR_load_X509_strings(void );
-
-X509_ALGOR * X509_ALGOR_new(void );
-void X509_ALGOR_free(X509_ALGOR *a);
-int i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp);
-X509_ALGOR * d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp,
- long length);
-
-X509_VAL * X509_VAL_new(void );
-void X509_VAL_free(X509_VAL *a);
-int i2d_X509_VAL(X509_VAL *a,unsigned char **pp);
-X509_VAL * d2i_X509_VAL(X509_VAL **a,unsigned char **pp,
- long length);
-
-X509_PUBKEY * X509_PUBKEY_new(void );
-void X509_PUBKEY_free(X509_PUBKEY *a);
-int i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp);
-X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp,
- long length);
-int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
-EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key);
-int X509_get_pubkey_parameters(EVP_PKEY *pkey,
- STACK_OF(X509) *chain);
-int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp);
-EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,unsigned char **pp,
- long length);
-#ifndef NO_RSA
-int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp);
-RSA * d2i_RSA_PUBKEY(RSA **a,unsigned char **pp,
- long length);
-#endif
-#ifndef NO_DSA
-int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp);
-DSA * d2i_DSA_PUBKEY(DSA **a,unsigned char **pp,
- long length);
-#endif
-
-X509_SIG * X509_SIG_new(void );
-void X509_SIG_free(X509_SIG *a);
-int i2d_X509_SIG(X509_SIG *a,unsigned char **pp);
-X509_SIG * d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length);
-
-X509_REQ_INFO *X509_REQ_INFO_new(void);
-void X509_REQ_INFO_free(X509_REQ_INFO *a);
-int i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp);
-X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp,
- long length);
-
-X509_REQ * X509_REQ_new(void);
-void X509_REQ_free(X509_REQ *a);
-int i2d_X509_REQ(X509_REQ *a,unsigned char **pp);
-X509_REQ * d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length);
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
-void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
-int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp);
-X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp,
- long length);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
-
-
-X509_EXTENSION *X509_EXTENSION_new(void );
-void X509_EXTENSION_free(X509_EXTENSION *a);
-int i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp);
-X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp,
- long length);
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_new(void);
-void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a);
-int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp);
-X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp,
- long length);
-
-X509_NAME * X509_NAME_new(void);
-void X509_NAME_free(X509_NAME *a);
-int i2d_X509_NAME(X509_NAME *a,unsigned char **pp);
-X509_NAME * d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length);
-int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
-
-
-X509_CINF * X509_CINF_new(void);
-void X509_CINF_free(X509_CINF *a);
-int i2d_X509_CINF(X509_CINF *a,unsigned char **pp);
-X509_CINF * d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length);
-
-X509 * X509_new(void);
-void X509_free(X509 *a);
-int i2d_X509(X509 *a,unsigned char **pp);
-X509 * d2i_X509(X509 **a,unsigned char **pp,long length);
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int X509_set_ex_data(X509 *r, int idx, void *arg);
-void *X509_get_ex_data(X509 *r, int idx);
-int i2d_X509_AUX(X509 *a,unsigned char **pp);
-X509 * d2i_X509_AUX(X509 **a,unsigned char **pp,long length);
-
-X509_CERT_AUX * X509_CERT_AUX_new(void);
-void X509_CERT_AUX_free(X509_CERT_AUX *a);
-int i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp);
-X509_CERT_AUX * d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp,
- long length);
-int X509_alias_set1(X509 *x, unsigned char *name, int len);
-int X509_keyid_set1(X509 *x, unsigned char *id, int len);
-unsigned char * X509_alias_get0(X509 *x, int *len);
-int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
-int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
-int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
-void X509_trust_clear(X509 *x);
-void X509_reject_clear(X509 *x);
-
-X509_REVOKED * X509_REVOKED_new(void);
-void X509_REVOKED_free(X509_REVOKED *a);
-int i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp);
-X509_REVOKED * d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length);
-
-X509_CRL_INFO *X509_CRL_INFO_new(void);
-void X509_CRL_INFO_free(X509_CRL_INFO *a);
-int i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp);
-X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp,
- long length);
-
-X509_CRL * X509_CRL_new(void);
-void X509_CRL_free(X509_CRL *a);
-int i2d_X509_CRL(X509_CRL *a,unsigned char **pp);
-X509_CRL * d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length);
-
-X509_PKEY * X509_PKEY_new(void );
-void X509_PKEY_free(X509_PKEY *a);
-int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp);
-X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length);
-
-NETSCAPE_SPKI * NETSCAPE_SPKI_new(void );
-void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a);
-int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp);
-NETSCAPE_SPKI * d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp,
- long length);
-
-NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void );
-void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a);
-int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp);
-NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp,
- long length);
-
-
-int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp);
-NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void);
-NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length);
-void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a);
-
-#ifndef NO_EVP
-X509_INFO * X509_INFO_new(void);
-void X509_INFO_free(X509_INFO *a);
-char * X509_NAME_oneline(X509_NAME *a,char *buf,int size);
-
-int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1,
- ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey);
-
-int ASN1_digest(int (*i2d)(),const EVP_MD *type,char *data,
- unsigned char *md,unsigned int *len);
-
-int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature,
- char *data,EVP_PKEY *pkey, const EVP_MD *type);
-#endif
-
-int X509_set_version(X509 *x,long version);
-int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
-ASN1_INTEGER * X509_get_serialNumber(X509 *x);
-int X509_set_issuer_name(X509 *x, X509_NAME *name);
-X509_NAME * X509_get_issuer_name(X509 *a);
-int X509_set_subject_name(X509 *x, X509_NAME *name);
-X509_NAME * X509_get_subject_name(X509 *a);
-int X509_set_notBefore(X509 *x, ASN1_TIME *tm);
-int X509_set_notAfter(X509 *x, ASN1_TIME *tm);
-int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
-EVP_PKEY * X509_get_pubkey(X509 *x);
-int X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */);
-
-int X509_REQ_set_version(X509_REQ *x,long version);
-int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name);
-int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
-EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req);
-int X509_REQ_extension_nid(int nid);
-int * X509_REQ_get_extension_nids(void);
-void X509_REQ_set_extension_nids(int *nids);
-STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
-int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
- int nid);
-int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
-int X509_REQ_get_attr_count(const X509_REQ *req);
-int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
- int lastpos);
-int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
-X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
-int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
-int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
- ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_NID(X509_REQ *req,
- int nid, int type,
- unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_txt(X509_REQ *req,
- char *attrname, int type,
- unsigned char *bytes, int len);
-
-int X509_check_private_key(X509 *x509,EVP_PKEY *pkey);
-
-int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
-unsigned long X509_issuer_and_serial_hash(X509 *a);
-
-int X509_issuer_name_cmp(const X509 *a, const X509 *b);
-unsigned long X509_issuer_name_hash(X509 *a);
-
-int X509_subject_name_cmp(const X509 *a, const X509 *b);
-unsigned long X509_subject_name_hash(X509 *x);
-
-int X509_cmp(const X509 *a, const X509 *b);
-int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
-unsigned long X509_NAME_hash(X509_NAME *x);
-
-int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
-#ifndef NO_FP_API
-int X509_print_fp(FILE *bp,X509 *x);
-int X509_CRL_print_fp(FILE *bp,X509_CRL *x);
-int X509_REQ_print_fp(FILE *bp,X509_REQ *req);
-int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags);
-#endif
-
-#ifndef NO_BIO
-int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
-int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags);
-int X509_print(BIO *bp,X509 *x);
-int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent);
-int X509_CRL_print(BIO *bp,X509_CRL *x);
-int X509_REQ_print(BIO *bp,X509_REQ *req);
-#endif
-
-int X509_NAME_entry_count(X509_NAME *name);
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
- char *buf,int len);
-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
- char *buf,int len);
-
-/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
- * lastpos, search after that position on. */
-int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
-int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj,
- int lastpos);
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
-int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,
- int loc, int set);
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
- unsigned char *bytes, int len, int loc, int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
- char *field, int type, unsigned char *bytes, int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
- int type,unsigned char *bytes, int len);
-int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type,
- unsigned char *bytes, int len, int loc, int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
- ASN1_OBJECT *obj, int type,unsigned char *bytes,
- int len);
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
- ASN1_OBJECT *obj);
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
- unsigned char *bytes, int len);
-ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
-ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
-
-int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
-int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
- int nid, int lastpos);
-int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
- ASN1_OBJECT *obj,int lastpos);
-int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
- int crit, int lastpos);
-X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
-X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
-STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
- X509_EXTENSION *ex, int loc);
-
-int X509_get_ext_count(X509 *x);
-int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
-int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos);
-int X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
-X509_EXTENSION *X509_get_ext(X509 *x, int loc);
-X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
-int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
-void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
-
-int X509_CRL_get_ext_count(X509_CRL *x);
-int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
-int X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos);
-int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
-X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
-X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
-int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
-void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
-
-int X509_REVOKED_get_ext_count(X509_REVOKED *x);
-int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
-int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos);
-int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
-X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
-X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
-int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
-void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
-
-X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
- int nid, int crit, ASN1_OCTET_STRING *data);
-X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
- ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data);
-int X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj);
-int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
-int X509_EXTENSION_set_data(X509_EXTENSION *ex,
- ASN1_OCTET_STRING *data);
-ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex);
-ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
-int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
-
-int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
-int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
- int lastpos);
-int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
-X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
- X509_ATTRIBUTE *attr);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
- ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
- int nid, int type,
- unsigned char *bytes, int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
- char *attrname, int type,
- unsigned char *bytes, int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, void *data, int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- ASN1_OBJECT *obj, int atrtype, void *data, int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
- char *atrname, int type, unsigned char *bytes, int len);
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj);
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len);
-void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
- int atrtype, void *data);
-int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
-ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
-ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
-
-int X509_verify_cert(X509_STORE_CTX *ctx);
-
-/* lookup a cert from a X509 STACK */
-X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name,
- ASN1_INTEGER *serial);
-X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name);
-
-int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp);
-PBEPARAM *PBEPARAM_new(void);
-PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length);
-void PBEPARAM_free(PBEPARAM *a);
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen);
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
- unsigned char *salt, int saltlen);
-
-int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp);
-PBKDF2PARAM *PBKDF2PARAM_new(void);
-PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, long length);
-void PBKDF2PARAM_free(PBKDF2PARAM *a);
-
-int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp);
-PBE2PARAM *PBE2PARAM_new(void);
-PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length);
-void PBE2PARAM_free(PBE2PARAM *a);
-
-/* PKCS#8 utilities */
-
-int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **pp);
-PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a,
- unsigned char **pp, long length);
-void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a);
-
-EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
-PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
-
-int X509_check_trust(X509 *x, int id, int flags);
-int X509_TRUST_get_count(void);
-X509_TRUST * X509_TRUST_get0(int idx);
-int X509_TRUST_get_by_id(int id);
-int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
- char *name, int arg1, void *arg2);
-void X509_TRUST_cleanup(void);
-int X509_TRUST_get_flags(X509_TRUST *xp);
-char *X509_TRUST_get0_name(X509_TRUST *xp);
-int X509_TRUST_get_trust(X509_TRUST *xp);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the X509 functions. */
-
-/* Function codes. */
-#define X509_F_ADD_CERT_DIR 100
-#define X509_F_BY_FILE_CTRL 101
-#define X509_F_DIR_CTRL 102
-#define X509_F_GET_CERT_BY_SUBJECT 103
-#define X509_F_NETSCAPE_SPKI_B64_DECODE 129
-#define X509_F_NETSCAPE_SPKI_B64_ENCODE 130
-#define X509_F_X509V3_ADD_EXT 104
-#define X509_F_X509_ADD_ATTR 135
-#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136
-#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137
-#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140
-#define X509_F_X509_ATTRIBUTE_GET0_DATA 139
-#define X509_F_X509_ATTRIBUTE_SET1_DATA 138
-#define X509_F_X509_CHECK_PRIVATE_KEY 128
-#define X509_F_X509_EXTENSION_CREATE_BY_NID 108
-#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
-#define X509_F_X509_GET_PUBKEY_PARAMETERS 110
-#define X509_F_X509_LOAD_CERT_CRL_FILE 132
-#define X509_F_X509_LOAD_CERT_FILE 111
-#define X509_F_X509_LOAD_CRL_FILE 112
-#define X509_F_X509_NAME_ADD_ENTRY 113
-#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114
-#define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131
-#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
-#define X509_F_X509_NAME_ONELINE 116
-#define X509_F_X509_NAME_PRINT 117
-#define X509_F_X509_PRINT_FP 118
-#define X509_F_X509_PUBKEY_GET 119
-#define X509_F_X509_PUBKEY_SET 120
-#define X509_F_X509_REQ_PRINT 121
-#define X509_F_X509_REQ_PRINT_FP 122
-#define X509_F_X509_REQ_TO_X509 123
-#define X509_F_X509_STORE_ADD_CERT 124
-#define X509_F_X509_STORE_ADD_CRL 125
-#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
-#define X509_F_X509_TO_X509_REQ 126
-#define X509_F_X509_TRUST_ADD 133
-#define X509_F_X509_VERIFY_CERT 127
-
-/* Reason codes. */
-#define X509_R_BAD_X509_FILETYPE 100
-#define X509_R_BASE64_DECODE_ERROR 118
-#define X509_R_CANT_CHECK_DH_KEY 114
-#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
-#define X509_R_ERR_ASN1_LIB 102
-#define X509_R_INVALID_DIRECTORY 113
-#define X509_R_INVALID_FIELD_NAME 119
-#define X509_R_KEY_TYPE_MISMATCH 115
-#define X509_R_KEY_VALUES_MISMATCH 116
-#define X509_R_LOADING_CERT_DIR 103
-#define X509_R_LOADING_DEFAULTS 104
-#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
-#define X509_R_SHOULD_RETRY 106
-#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
-#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
-#define X509_R_UNKNOWN_KEY_TYPE 117
-#define X509_R_UNKNOWN_NID 109
-#define X509_R_UNKNOWN_PURPOSE_ID 121
-#define X509_R_UNKNOWN_TRUST_ID 120
-#define X509_R_UNSUPPORTED_ALGORITHM 111
-#define X509_R_WRONG_LOOKUP_TYPE 112
-#define X509_R_WRONG_TYPE 122
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/x509/x509_att.c b/src/lib/libcrypto/x509/x509_att.c
deleted file mode 100644
index caafde658f..0000000000
--- a/src/lib/libcrypto/x509/x509_att.c
+++ /dev/null
@@ -1,326 +0,0 @@
-/* crypto/x509/x509_att.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
-{
- if (!x) return 0;
- return(sk_X509_ATTRIBUTE_num(x));
-}
-
-int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
- int lastpos)
-{
- ASN1_OBJECT *obj;
-
- obj=OBJ_nid2obj(nid);
- if (obj == NULL) return(-2);
- return(X509at_get_attr_by_OBJ(x,obj,lastpos));
-}
-
-int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
- int lastpos)
-{
- int n;
- X509_ATTRIBUTE *ex;
-
- if (sk == NULL) return(-1);
- lastpos++;
- if (lastpos < 0)
- lastpos=0;
- n=sk_X509_ATTRIBUTE_num(sk);
- for ( ; lastpos < n; lastpos++)
- {
- ex=sk_X509_ATTRIBUTE_value(sk,lastpos);
- if (OBJ_cmp(ex->object,obj) == 0)
- return(lastpos);
- }
- return(-1);
-}
-
-X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
-{
- if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
- return NULL;
- else
- return sk_X509_ATTRIBUTE_value(x,loc);
-}
-
-X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
-{
- X509_ATTRIBUTE *ret;
-
- if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
- return(NULL);
- ret=sk_X509_ATTRIBUTE_delete(x,loc);
- return(ret);
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
- X509_ATTRIBUTE *attr)
-{
- X509_ATTRIBUTE *new_attr=NULL;
- STACK_OF(X509_ATTRIBUTE) *sk=NULL;
-
- if ((x != NULL) && (*x == NULL))
- {
- if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL)
- goto err;
- }
- else
- sk= *x;
-
- if ((new_attr=X509_ATTRIBUTE_dup(attr)) == NULL)
- goto err2;
- if (!sk_X509_ATTRIBUTE_push(sk,new_attr))
- goto err;
- if ((x != NULL) && (*x == NULL))
- *x=sk;
- return(sk);
-err:
- X509err(X509_F_X509_ADD_ATTR,ERR_R_MALLOC_FAILURE);
-err2:
- if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr);
- if (sk != NULL) sk_X509_ATTRIBUTE_free(sk);
- return(NULL);
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
- ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len)
-{
- X509_ATTRIBUTE *attr;
- STACK_OF(X509_ATTRIBUTE) *ret;
- attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);
- if(!attr) return 0;
- ret = X509at_add1_attr(x, attr);
- X509_ATTRIBUTE_free(attr);
- return ret;
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
- int nid, int type,
- unsigned char *bytes, int len)
-{
- X509_ATTRIBUTE *attr;
- STACK_OF(X509_ATTRIBUTE) *ret;
- attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);
- if(!attr) return 0;
- ret = X509at_add1_attr(x, attr);
- X509_ATTRIBUTE_free(attr);
- return ret;
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
- char *attrname, int type,
- unsigned char *bytes, int len)
-{
- X509_ATTRIBUTE *attr;
- STACK_OF(X509_ATTRIBUTE) *ret;
- attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);
- if(!attr) return 0;
- ret = X509at_add1_attr(x, attr);
- X509_ATTRIBUTE_free(attr);
- return ret;
-}
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, void *data, int len)
-{
- ASN1_OBJECT *obj;
- X509_ATTRIBUTE *ret;
-
- obj=OBJ_nid2obj(nid);
- if (obj == NULL)
- {
- X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID,X509_R_UNKNOWN_NID);
- return(NULL);
- }
- ret=X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len);
- if (ret == NULL) ASN1_OBJECT_free(obj);
- return(ret);
-}
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- ASN1_OBJECT *obj, int atrtype, void *data, int len)
-{
- X509_ATTRIBUTE *ret;
-
- if ((attr == NULL) || (*attr == NULL))
- {
- if ((ret=X509_ATTRIBUTE_new()) == NULL)
- {
- X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- }
- else
- ret= *attr;
-
- if (!X509_ATTRIBUTE_set1_object(ret,obj))
- goto err;
- if (!X509_ATTRIBUTE_set1_data(ret,atrtype,data,len))
- goto err;
-
- if ((attr != NULL) && (*attr == NULL)) *attr=ret;
- return(ret);
-err:
- if ((attr == NULL) || (ret != *attr))
- X509_ATTRIBUTE_free(ret);
- return(NULL);
-}
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
- char *atrname, int type, unsigned char *bytes, int len)
- {
- ASN1_OBJECT *obj;
- X509_ATTRIBUTE *nattr;
-
- obj=OBJ_txt2obj(atrname, 0);
- if (obj == NULL)
- {
- X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,
- X509_R_INVALID_FIELD_NAME);
- ERR_add_error_data(2, "name=", atrname);
- return(NULL);
- }
- nattr = X509_ATTRIBUTE_create_by_OBJ(attr,obj,type,bytes,len);
- ASN1_OBJECT_free(obj);
- return nattr;
- }
-
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj)
-{
- if ((attr == NULL) || (obj == NULL))
- return(0);
- ASN1_OBJECT_free(attr->object);
- attr->object=OBJ_dup(obj);
- return(1);
-}
-
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len)
-{
- ASN1_TYPE *ttmp;
- ASN1_STRING *stmp;
- int atype;
- if (!attr) return 0;
- if(attrtype & MBSTRING_FLAG) {
- stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
- OBJ_obj2nid(attr->object));
- if(!stmp) {
- X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_ASN1_LIB);
- return 0;
- }
- atype = stmp->type;
- } else {
- if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err;
- if(!ASN1_STRING_set(stmp, data, len)) goto err;
- atype = attrtype;
- }
- if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
- if(!(ttmp = ASN1_TYPE_new())) goto err;
- if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err;
- attr->set = 1;
- ASN1_TYPE_set(ttmp, atype, stmp);
- return 1;
- err:
- X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr)
-{
- if(attr->set) return sk_ASN1_TYPE_num(attr->value.set);
- if(attr->value.single) return 1;
- return 0;
-}
-
-ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr)
-{
- if (attr == NULL) return(NULL);
- return(attr->object);
-}
-
-void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
- int atrtype, void *data)
-{
- ASN1_TYPE *ttmp;
- ttmp = X509_ATTRIBUTE_get0_type(attr, idx);
- if(!ttmp) return NULL;
- if(atrtype != ASN1_TYPE_get(ttmp)){
- X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE);
- return NULL;
- }
- return ttmp->value.ptr;
-}
-
-ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
-{
- if (attr == NULL) return(NULL);
- if(idx >= X509_ATTRIBUTE_count(attr)) return NULL;
- if(attr->set) return sk_ASN1_TYPE_value(attr->value.set, idx);
- else return attr->value.single;
-}
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
deleted file mode 100644
index 3f9f9b3d47..0000000000
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ /dev/null
@@ -1,308 +0,0 @@
-/* crypto/x509/x509_cmp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
- {
- int i;
- X509_CINF *ai,*bi;
-
- ai=a->cert_info;
- bi=b->cert_info;
- i=M_ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber);
- if (i) return(i);
- return(X509_NAME_cmp(ai->issuer,bi->issuer));
- }
-
-#ifndef NO_MD5
-unsigned long X509_issuer_and_serial_hash(X509 *a)
- {
- unsigned long ret=0;
- MD5_CTX ctx;
- unsigned char md[16];
- char str[256];
-
- X509_NAME_oneline(a->cert_info->issuer,str,256);
- ret=strlen(str);
- MD5_Init(&ctx);
- MD5_Update(&ctx,(unsigned char *)str,ret);
- MD5_Update(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
- (unsigned long)a->cert_info->serialNumber->length);
- MD5_Final(&(md[0]),&ctx);
- ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
- ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
- )&0xffffffffL;
- return(ret);
- }
-#endif
-
-int X509_issuer_name_cmp(const X509 *a, const X509 *b)
- {
- return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer));
- }
-
-int X509_subject_name_cmp(const X509 *a, const X509 *b)
- {
- return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject));
- }
-
-int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b)
- {
- return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer));
- }
-
-X509_NAME *X509_get_issuer_name(X509 *a)
- {
- return(a->cert_info->issuer);
- }
-
-unsigned long X509_issuer_name_hash(X509 *x)
- {
- return(X509_NAME_hash(x->cert_info->issuer));
- }
-
-X509_NAME *X509_get_subject_name(X509 *a)
- {
- return(a->cert_info->subject);
- }
-
-ASN1_INTEGER *X509_get_serialNumber(X509 *a)
- {
- return(a->cert_info->serialNumber);
- }
-
-unsigned long X509_subject_name_hash(X509 *x)
- {
- return(X509_NAME_hash(x->cert_info->subject));
- }
-
-#ifndef NO_SHA
-/* Compare two certificates: they must be identical for
- * this to work. NB: Although "cmp" operations are generally
- * prototyped to take "const" arguments (eg. for use in
- * STACKs), the way X509 handling is - these operations may
- * involve ensuring the hashes are up-to-date and ensuring
- * certain cert information is cached. So this is the point
- * where the "depth-first" constification tree has to halt
- * with an evil cast.
- */
-int X509_cmp(const X509 *a, const X509 *b)
-{
- /* ensure hash is valid */
- X509_check_purpose((X509 *)a, -1, 0);
- X509_check_purpose((X509 *)b, -1, 0);
-
- return memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
-}
-#endif
-
-int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
- {
- int i,j;
- X509_NAME_ENTRY *na,*nb;
-
- if (sk_X509_NAME_ENTRY_num(a->entries)
- != sk_X509_NAME_ENTRY_num(b->entries))
- return sk_X509_NAME_ENTRY_num(a->entries)
- -sk_X509_NAME_ENTRY_num(b->entries);
- for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
- {
- na=sk_X509_NAME_ENTRY_value(a->entries,i);
- nb=sk_X509_NAME_ENTRY_value(b->entries,i);
- j=na->value->length-nb->value->length;
- if (j) return(j);
- j=memcmp(na->value->data,nb->value->data,
- na->value->length);
- if (j) return(j);
- j=na->set-nb->set;
- if (j) return(j);
- }
-
- /* We will check the object types after checking the values
- * since the values will more often be different than the object
- * types. */
- for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
- {
- na=sk_X509_NAME_ENTRY_value(a->entries,i);
- nb=sk_X509_NAME_ENTRY_value(b->entries,i);
- j=OBJ_cmp(na->object,nb->object);
- if (j) return(j);
- }
- return(0);
- }
-
-#ifndef NO_MD5
-/* I now DER encode the name and hash it. Since I cache the DER encoding,
- * this is reasonably efficient. */
-unsigned long X509_NAME_hash(X509_NAME *x)
- {
- unsigned long ret=0;
- unsigned char md[16];
-
- /* Ensure cached version is up to date */
- i2d_X509_NAME(x,NULL);
- /* Use cached encoding directly rather than copying: this should
- * keep libsafe happy.
- */
- MD5((unsigned char *)x->bytes->data,x->bytes->length,&(md[0]));
-
- ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
- ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
- )&0xffffffffL;
- return(ret);
- }
-#endif
-
-/* Search a stack of X509 for a match */
-X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
- ASN1_INTEGER *serial)
- {
- int i;
- X509_CINF cinf;
- X509 x,*x509=NULL;
-
- if(!sk) return NULL;
-
- x.cert_info= &cinf;
- cinf.serialNumber=serial;
- cinf.issuer=name;
-
- for (i=0; i<sk_X509_num(sk); i++)
- {
- x509=sk_X509_value(sk,i);
- if (X509_issuer_and_serial_cmp(x509,&x) == 0)
- return(x509);
- }
- return(NULL);
- }
-
-X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name)
- {
- X509 *x509;
- int i;
-
- for (i=0; i<sk_X509_num(sk); i++)
- {
- x509=sk_X509_value(sk,i);
- if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0)
- return(x509);
- }
- return(NULL);
- }
-
-EVP_PKEY *X509_get_pubkey(X509 *x)
- {
- if ((x == NULL) || (x->cert_info == NULL))
- return(NULL);
- return(X509_PUBKEY_get(x->cert_info->key));
- }
-
-int X509_check_private_key(X509 *x, EVP_PKEY *k)
- {
- EVP_PKEY *xk=NULL;
- int ok=0;
-
- xk=X509_get_pubkey(x);
- if (xk->type != k->type)
- {
- X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
- goto err;
- }
- switch (k->type)
- {
-#ifndef NO_RSA
- case EVP_PKEY_RSA:
- if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0
- || BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0)
- {
- X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
- goto err;
- }
- break;
-#endif
-#ifndef NO_DSA
- case EVP_PKEY_DSA:
- if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0)
- {
- X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
- goto err;
- }
- break;
-#endif
-#ifndef NO_DH
- case EVP_PKEY_DH:
- /* No idea */
- X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY);
- goto err;
-#endif
- default:
- X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE);
- goto err;
- }
-
- ok=1;
-err:
- EVP_PKEY_free(xk);
- return(ok);
- }
diff --git a/src/lib/libcrypto/x509/x509_d2.c b/src/lib/libcrypto/x509/x509_d2.c
deleted file mode 100644
index 753d53eb43..0000000000
--- a/src/lib/libcrypto/x509/x509_d2.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/x509/x509_d2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-
-#ifndef NO_STDIO
-int X509_STORE_set_default_paths(X509_STORE *ctx)
- {
- X509_LOOKUP *lookup;
-
- lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
- if (lookup == NULL) return(0);
- X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
-
- lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
- if (lookup == NULL) return(0);
- X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
-
- /* clear any errors */
- ERR_clear_error();
-
- return(1);
- }
-
-int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
- const char *path)
- {
- X509_LOOKUP *lookup;
-
- if (file != NULL)
- {
- lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
- if (lookup == NULL) return(0);
- if (X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM) != 1)
- return(0);
- }
- if (path != NULL)
- {
- lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
- if (lookup == NULL) return(0);
- if (X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM) != 1)
- return(0);
- }
- if ((path == NULL) && (file == NULL))
- return(0);
- return(1);
- }
-
-#endif
diff --git a/src/lib/libcrypto/x509/x509_def.c b/src/lib/libcrypto/x509/x509_def.c
deleted file mode 100644
index e0ac151a76..0000000000
--- a/src/lib/libcrypto/x509/x509_def.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* crypto/x509/x509_def.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-
-const char *X509_get_default_private_dir(void)
- { return(X509_PRIVATE_DIR); }
-
-const char *X509_get_default_cert_area(void)
- { return(X509_CERT_AREA); }
-
-const char *X509_get_default_cert_dir(void)
- { return(X509_CERT_DIR); }
-
-const char *X509_get_default_cert_file(void)
- { return(X509_CERT_FILE); }
-
-const char *X509_get_default_cert_dir_env(void)
- { return(X509_CERT_DIR_EVP); }
-
-const char *X509_get_default_cert_file_env(void)
- { return(X509_CERT_FILE_EVP); }
-
diff --git a/src/lib/libcrypto/x509/x509_err.c b/src/lib/libcrypto/x509/x509_err.c
deleted file mode 100644
index 848add56e9..0000000000
--- a/src/lib/libcrypto/x509/x509_err.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* crypto/x509/x509_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA X509_str_functs[]=
- {
-{ERR_PACK(0,X509_F_ADD_CERT_DIR,0), "ADD_CERT_DIR"},
-{ERR_PACK(0,X509_F_BY_FILE_CTRL,0), "BY_FILE_CTRL"},
-{ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"},
-{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"},
-{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_DECODE,0), "NETSCAPE_SPKI_b64_decode"},
-{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_ENCODE,0), "NETSCAPE_SPKI_b64_encode"},
-{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"},
-{ERR_PACK(0,X509_F_X509_ADD_ATTR,0), "X509_ADD_ATTR"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0), "X509_ATTRIBUTE_create_by_NID"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0), "X509_ATTRIBUTE_create_by_OBJ"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,0), "X509_ATTRIBUTE_create_by_txt"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_GET0_DATA,0), "X509_ATTRIBUTE_get0_data"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_SET1_DATA,0), "X509_ATTRIBUTE_set1_data"},
-{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0), "X509_check_private_key"},
-{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"},
-{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"},
-{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0), "X509_get_pubkey_parameters"},
-{ERR_PACK(0,X509_F_X509_LOAD_CERT_CRL_FILE,0), "X509_load_cert_crl_file"},
-{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_load_cert_file"},
-{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0), "X509_load_crl_file"},
-{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0), "X509_NAME_add_entry"},
-{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0), "X509_NAME_ENTRY_create_by_NID"},
-{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,0), "X509_NAME_ENTRY_create_by_txt"},
-{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0), "X509_NAME_ENTRY_set_object"},
-{ERR_PACK(0,X509_F_X509_NAME_ONELINE,0), "X509_NAME_oneline"},
-{ERR_PACK(0,X509_F_X509_NAME_PRINT,0), "X509_NAME_print"},
-{ERR_PACK(0,X509_F_X509_PRINT_FP,0), "X509_print_fp"},
-{ERR_PACK(0,X509_F_X509_PUBKEY_GET,0), "X509_PUBKEY_get"},
-{ERR_PACK(0,X509_F_X509_PUBKEY_SET,0), "X509_PUBKEY_set"},
-{ERR_PACK(0,X509_F_X509_REQ_PRINT,0), "X509_REQ_print"},
-{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0), "X509_REQ_print_fp"},
-{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"},
-{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_add_cert"},
-{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0), "X509_STORE_add_crl"},
-{ERR_PACK(0,X509_F_X509_STORE_CTX_PURPOSE_INHERIT,0), "X509_STORE_CTX_purpose_inherit"},
-{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"},
-{ERR_PACK(0,X509_F_X509_TRUST_ADD,0), "X509_TRUST_add"},
-{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA X509_str_reasons[]=
- {
-{X509_R_BAD_X509_FILETYPE ,"bad x509 filetype"},
-{X509_R_BASE64_DECODE_ERROR ,"base64 decode error"},
-{X509_R_CANT_CHECK_DH_KEY ,"cant check dh key"},
-{X509_R_CERT_ALREADY_IN_HASH_TABLE ,"cert already in hash table"},
-{X509_R_ERR_ASN1_LIB ,"err asn1 lib"},
-{X509_R_INVALID_DIRECTORY ,"invalid directory"},
-{X509_R_INVALID_FIELD_NAME ,"invalid field name"},
-{X509_R_KEY_TYPE_MISMATCH ,"key type mismatch"},
-{X509_R_KEY_VALUES_MISMATCH ,"key values mismatch"},
-{X509_R_LOADING_CERT_DIR ,"loading cert dir"},
-{X509_R_LOADING_DEFAULTS ,"loading defaults"},
-{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ,"no cert set for us to verify"},
-{X509_R_SHOULD_RETRY ,"should retry"},
-{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"},
-{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"},
-{X509_R_UNKNOWN_KEY_TYPE ,"unknown key type"},
-{X509_R_UNKNOWN_NID ,"unknown nid"},
-{X509_R_UNKNOWN_PURPOSE_ID ,"unknown purpose id"},
-{X509_R_UNKNOWN_TRUST_ID ,"unknown trust id"},
-{X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"},
-{X509_R_WRONG_LOOKUP_TYPE ,"wrong lookup type"},
-{X509_R_WRONG_TYPE ,"wrong type"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_X509_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_X509,X509_str_functs);
- ERR_load_strings(ERR_LIB_X509,X509_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/x509/x509_ext.c b/src/lib/libcrypto/x509/x509_ext.c
deleted file mode 100644
index 2955989807..0000000000
--- a/src/lib/libcrypto/x509/x509_ext.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/* crypto/x509/x509_ext.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-
-int X509_CRL_get_ext_count(X509_CRL *x)
- {
- return(X509v3_get_ext_count(x->crl->extensions));
- }
-
-int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos)
- {
- return(X509v3_get_ext_by_NID(x->crl->extensions,nid,lastpos));
- }
-
-int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos)
- {
- return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,lastpos));
- }
-
-int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos)
- {
- return(X509v3_get_ext_by_critical(x->crl->extensions,crit,lastpos));
- }
-
-X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc)
- {
- return(X509v3_get_ext(x->crl->extensions,loc));
- }
-
-X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc)
- {
- return(X509v3_delete_ext(x->crl->extensions,loc));
- }
-
-void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->crl->extensions, nid, crit, idx);
-}
-
-int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc)
- {
- return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL);
- }
-
-int X509_get_ext_count(X509 *x)
- {
- return(X509v3_get_ext_count(x->cert_info->extensions));
- }
-
-int X509_get_ext_by_NID(X509 *x, int nid, int lastpos)
- {
- return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,lastpos));
- }
-
-int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos)
- {
- return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,lastpos));
- }
-
-int X509_get_ext_by_critical(X509 *x, int crit, int lastpos)
- {
- return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,lastpos));
- }
-
-X509_EXTENSION *X509_get_ext(X509 *x, int loc)
- {
- return(X509v3_get_ext(x->cert_info->extensions,loc));
- }
-
-X509_EXTENSION *X509_delete_ext(X509 *x, int loc)
- {
- return(X509v3_delete_ext(x->cert_info->extensions,loc));
- }
-
-int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc)
- {
- return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL);
- }
-
-void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->cert_info->extensions, nid, crit, idx);
-}
-
-int X509_REVOKED_get_ext_count(X509_REVOKED *x)
- {
- return(X509v3_get_ext_count(x->extensions));
- }
-
-int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos)
- {
- return(X509v3_get_ext_by_NID(x->extensions,nid,lastpos));
- }
-
-int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
- int lastpos)
- {
- return(X509v3_get_ext_by_OBJ(x->extensions,obj,lastpos));
- }
-
-int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos)
- {
- return(X509v3_get_ext_by_critical(x->extensions,crit,lastpos));
- }
-
-X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc)
- {
- return(X509v3_get_ext(x->extensions,loc));
- }
-
-X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc)
- {
- return(X509v3_delete_ext(x->extensions,loc));
- }
-
-int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc)
- {
- return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL);
- }
-
-void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->extensions, nid, crit, idx);
-}
-
-IMPLEMENT_STACK_OF(X509_EXTENSION)
-IMPLEMENT_ASN1_SET_OF(X509_EXTENSION)
diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c
deleted file mode 100644
index 863c738cad..0000000000
--- a/src/lib/libcrypto/x509/x509_lu.c
+++ /dev/null
@@ -1,529 +0,0 @@
-/* crypto/x509/x509_lu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/x509.h>
-
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_meth=NULL;
-
-X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
- {
- X509_LOOKUP *ret;
-
- ret=(X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP));
- if (ret == NULL) return NULL;
-
- ret->init=0;
- ret->skip=0;
- ret->method=method;
- ret->method_data=NULL;
- ret->store_ctx=NULL;
- if ((method->new_item != NULL) && !method->new_item(ret))
- {
- OPENSSL_free(ret);
- return NULL;
- }
- return ret;
- }
-
-void X509_LOOKUP_free(X509_LOOKUP *ctx)
- {
- if (ctx == NULL) return;
- if ( (ctx->method != NULL) &&
- (ctx->method->free != NULL))
- ctx->method->free(ctx);
- OPENSSL_free(ctx);
- }
-
-int X509_LOOKUP_init(X509_LOOKUP *ctx)
- {
- if (ctx->method == NULL) return 0;
- if (ctx->method->init != NULL)
- return ctx->method->init(ctx);
- else
- return 1;
- }
-
-int X509_LOOKUP_shutdown(X509_LOOKUP *ctx)
- {
- if (ctx->method == NULL) return 0;
- if (ctx->method->shutdown != NULL)
- return ctx->method->shutdown(ctx);
- else
- return 1;
- }
-
-int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
- char **ret)
- {
- if (ctx->method == NULL) return -1;
- if (ctx->method->ctrl != NULL)
- return ctx->method->ctrl(ctx,cmd,argc,argl,ret);
- else
- return 1;
- }
-
-int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
- X509_OBJECT *ret)
- {
- if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
- return X509_LU_FAIL;
- if (ctx->skip) return 0;
- return ctx->method->get_by_subject(ctx,type,name,ret);
- }
-
-int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
- ASN1_INTEGER *serial, X509_OBJECT *ret)
- {
- if ((ctx->method == NULL) ||
- (ctx->method->get_by_issuer_serial == NULL))
- return X509_LU_FAIL;
- return ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret);
- }
-
-int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
- unsigned char *bytes, int len, X509_OBJECT *ret)
- {
- if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
- return X509_LU_FAIL;
- return ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret);
- }
-
-int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
- X509_OBJECT *ret)
- {
- if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
- return X509_LU_FAIL;
- return ctx->method->get_by_alias(ctx,type,str,len,ret);
- }
-
-
-static int x509_object_cmp(const X509_OBJECT * const *a, const X509_OBJECT * const *b)
- {
- int ret;
-
- ret=((*a)->type - (*b)->type);
- if (ret) return ret;
- switch ((*a)->type)
- {
- case X509_LU_X509:
- ret=X509_subject_name_cmp((*a)->data.x509,(*b)->data.x509);
- break;
- case X509_LU_CRL:
- ret=X509_CRL_cmp((*a)->data.crl,(*b)->data.crl);
- break;
- default:
- /* abort(); */
- return 0;
- }
- return ret;
- }
-
-X509_STORE *X509_STORE_new(void)
- {
- X509_STORE *ret;
-
- if ((ret=(X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
- return NULL;
- ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
- ret->cache=1;
- ret->get_cert_methods=sk_X509_LOOKUP_new_null();
- ret->verify=NULL;
- ret->verify_cb=NULL;
- memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA));
- ret->references=1;
- ret->depth=0;
- return ret;
- }
-
-static void cleanup(X509_OBJECT *a)
- {
- if (a->type == X509_LU_X509)
- {
- X509_free(a->data.x509);
- }
- else if (a->type == X509_LU_CRL)
- {
- X509_CRL_free(a->data.crl);
- }
- else
- {
- /* abort(); */
- }
-
- OPENSSL_free(a);
- }
-
-void X509_STORE_free(X509_STORE *vfy)
- {
- int i;
- STACK_OF(X509_LOOKUP) *sk;
- X509_LOOKUP *lu;
-
- if (vfy == NULL)
- return;
-
- sk=vfy->get_cert_methods;
- for (i=0; i<sk_X509_LOOKUP_num(sk); i++)
- {
- lu=sk_X509_LOOKUP_value(sk,i);
- X509_LOOKUP_shutdown(lu);
- X509_LOOKUP_free(lu);
- }
- sk_X509_LOOKUP_free(sk);
- sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
-
- CRYPTO_free_ex_data(x509_store_meth,vfy,&vfy->ex_data);
- OPENSSL_free(vfy);
- }
-
-X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
- {
- int i;
- STACK_OF(X509_LOOKUP) *sk;
- X509_LOOKUP *lu;
-
- sk=v->get_cert_methods;
- for (i=0; i<sk_X509_LOOKUP_num(sk); i++)
- {
- lu=sk_X509_LOOKUP_value(sk,i);
- if (m == lu->method)
- {
- return lu;
- }
- }
- /* a new one */
- lu=X509_LOOKUP_new(m);
- if (lu == NULL)
- return NULL;
- else
- {
- lu->store_ctx=v;
- if (sk_X509_LOOKUP_push(v->get_cert_methods,lu))
- return lu;
- else
- {
- X509_LOOKUP_free(lu);
- return NULL;
- }
- }
- }
-
-int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
- X509_OBJECT *ret)
- {
- X509_STORE *ctx=vs->ctx;
- X509_LOOKUP *lu;
- X509_OBJECT stmp,*tmp;
- int i,j;
-
- tmp=X509_OBJECT_retrieve_by_subject(ctx->objs,type,name);
-
- if (tmp == NULL)
- {
- for (i=vs->current_method; i<sk_X509_LOOKUP_num(ctx->get_cert_methods); i++)
- {
- lu=sk_X509_LOOKUP_value(ctx->get_cert_methods,i);
- j=X509_LOOKUP_by_subject(lu,type,name,&stmp);
- if (j < 0)
- {
- vs->current_method=j;
- return j;
- }
- else if (j)
- {
- tmp= &stmp;
- break;
- }
- }
- vs->current_method=0;
- if (tmp == NULL)
- return 0;
- }
-
-/* if (ret->data.ptr != NULL)
- X509_OBJECT_free_contents(ret); */
-
- ret->type=tmp->type;
- ret->data.ptr=tmp->data.ptr;
-
- X509_OBJECT_up_ref_count(ret);
-
- return 1;
- }
-
-int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
- {
- X509_OBJECT *obj;
- int ret=1;
-
- if (x == NULL) return 0;
- obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
- if (obj == NULL)
- {
- X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- obj->type=X509_LU_X509;
- obj->data.x509=x;
-
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-
- X509_OBJECT_up_ref_count(obj);
-
-
- if (X509_OBJECT_retrieve_match(ctx->objs, obj))
- {
- X509_OBJECT_free_contents(obj);
- OPENSSL_free(obj);
- X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE);
- ret=0;
- }
- else sk_X509_OBJECT_push(ctx->objs, obj);
-
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
- return ret;
- }
-
-int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
- {
- X509_OBJECT *obj;
- int ret=1;
-
- if (x == NULL) return 0;
- obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
- if (obj == NULL)
- {
- X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- obj->type=X509_LU_CRL;
- obj->data.crl=x;
-
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-
- X509_OBJECT_up_ref_count(obj);
-
- if (X509_OBJECT_retrieve_match(ctx->objs, obj))
- {
- X509_OBJECT_free_contents(obj);
- OPENSSL_free(obj);
- X509err(X509_F_X509_STORE_ADD_CRL,X509_R_CERT_ALREADY_IN_HASH_TABLE);
- ret=0;
- }
- else sk_X509_OBJECT_push(ctx->objs, obj);
-
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
- return ret;
- }
-
-void X509_OBJECT_up_ref_count(X509_OBJECT *a)
- {
- switch (a->type)
- {
- case X509_LU_X509:
- CRYPTO_add(&a->data.x509->references,1,CRYPTO_LOCK_X509);
- break;
- case X509_LU_CRL:
- CRYPTO_add(&a->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
- break;
- }
- }
-
-void X509_OBJECT_free_contents(X509_OBJECT *a)
- {
- switch (a->type)
- {
- case X509_LU_X509:
- X509_free(a->data.x509);
- break;
- case X509_LU_CRL:
- X509_CRL_free(a->data.crl);
- break;
- }
- }
-
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
- X509_NAME *name)
- {
- X509_OBJECT stmp;
- X509 x509_s;
- X509_CINF cinf_s;
- X509_CRL crl_s;
- X509_CRL_INFO crl_info_s;
-
- stmp.type=type;
- switch (type)
- {
- case X509_LU_X509:
- stmp.data.x509= &x509_s;
- x509_s.cert_info= &cinf_s;
- cinf_s.subject=name;
- break;
- case X509_LU_CRL:
- stmp.data.crl= &crl_s;
- crl_s.crl= &crl_info_s;
- crl_info_s.issuer=name;
- break;
- default:
- /* abort(); */
- return -1;
- }
-
- return sk_X509_OBJECT_find(h,&stmp);
- }
-
-X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type,
- X509_NAME *name)
-{
- int idx;
- idx = X509_OBJECT_idx_by_subject(h, type, name);
- if (idx==-1) return NULL;
- return sk_X509_OBJECT_value(h, idx);
-}
-
-X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x)
-{
- int idx, i;
- X509_OBJECT *obj;
- idx = sk_X509_OBJECT_find(h, x);
- if (idx == -1) return NULL;
- if (x->type != X509_LU_X509) return sk_X509_OBJECT_value(h, idx);
- for (i = idx; i < sk_X509_OBJECT_num(h); i++)
- {
- obj = sk_X509_OBJECT_value(h, i);
- if (x509_object_cmp((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x))
- return NULL;
- if ((x->type != X509_LU_X509) || !X509_cmp(obj->data.x509, x->data.x509))
- return obj;
- }
- return NULL;
-}
-
-
-/* Try to get issuer certificate from store. Due to limitations
- * of the API this can only retrieve a single certificate matching
- * a given subject name. However it will fill the cache with all
- * matching certificates, so we can examine the cache for all
- * matches.
- *
- * Return values are:
- * 1 lookup successful.
- * 0 certificate not found.
- * -1 some other error.
- */
-
-
-int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
-{
- X509_NAME *xn;
- X509_OBJECT obj, *pobj;
- int i, ok, idx;
- xn=X509_get_issuer_name(x);
- ok=X509_STORE_get_by_subject(ctx,X509_LU_X509,xn,&obj);
- if (ok != X509_LU_X509)
- {
- if (ok == X509_LU_RETRY)
- {
- X509_OBJECT_free_contents(&obj);
- X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY);
- return -1;
- }
- else if (ok != X509_LU_FAIL)
- {
- X509_OBJECT_free_contents(&obj);
- /* not good :-(, break anyway */
- return -1;
- }
- return 0;
- }
- /* If certificate matches all OK */
- if (ctx->check_issued(ctx, x, obj.data.x509))
- {
- *issuer = obj.data.x509;
- return 1;
- }
- X509_OBJECT_free_contents(&obj);
- /* Else find index of first matching cert */
- idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
- /* This shouldn't normally happen since we already have one match */
- if (idx == -1) return 0;
-
- /* Look through all matching certificates for a suitable issuer */
- for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++)
- {
- pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
- /* See if we've ran out of matches */
- if (pobj->type != X509_LU_X509) return 0;
- if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509))) return 0;
- if (ctx->check_issued(ctx, x, pobj->data.x509))
- {
- *issuer = pobj->data.x509;
- X509_OBJECT_up_ref_count(pobj);
- return 1;
- }
- }
- return 0;
-}
-
-IMPLEMENT_STACK_OF(X509_LOOKUP)
-IMPLEMENT_STACK_OF(X509_OBJECT)
diff --git a/src/lib/libcrypto/x509/x509_obj.c b/src/lib/libcrypto/x509/x509_obj.c
deleted file mode 100644
index f0271fdfa1..0000000000
--- a/src/lib/libcrypto/x509/x509_obj.c
+++ /dev/null
@@ -1,225 +0,0 @@
-/* crypto/x509/x509_obj.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/buffer.h>
-
-char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
- {
- X509_NAME_ENTRY *ne;
-int i;
- int n,lold,l,l1,l2,num,j,type;
- const char *s;
- char *p;
- unsigned char *q;
- BUF_MEM *b=NULL;
- static char hex[17]="0123456789ABCDEF";
- int gs_doit[4];
- char tmp_buf[80];
-#ifdef CHARSET_EBCDIC
- char ebcdic_buf[1024];
-#endif
-
- if (buf == NULL)
- {
- if ((b=BUF_MEM_new()) == NULL) goto err;
- if (!BUF_MEM_grow(b,200)) goto err;
- b->data[0]='\0';
- len=200;
- }
- if (a == NULL)
- {
- if(b)
- {
- buf=b->data;
- OPENSSL_free(b);
- }
- strncpy(buf,"NO X509_NAME",len);
- return buf;
- }
-
- len--; /* space for '\0' */
- l=0;
- for (i=0; i<sk_X509_NAME_ENTRY_num(a->entries); i++)
- {
- ne=sk_X509_NAME_ENTRY_value(a->entries,i);
- n=OBJ_obj2nid(ne->object);
- if ((n == NID_undef) || ((s=OBJ_nid2sn(n)) == NULL))
- {
- i2t_ASN1_OBJECT(tmp_buf,sizeof(tmp_buf),ne->object);
- s=tmp_buf;
- }
- l1=strlen(s);
-
- type=ne->value->type;
- num=ne->value->length;
- q=ne->value->data;
-#ifdef CHARSET_EBCDIC
- if (type == V_ASN1_GENERALSTRING ||
- type == V_ASN1_VISIBLESTRING ||
- type == V_ASN1_PRINTABLESTRING ||
- type == V_ASN1_TELETEXSTRING ||
- type == V_ASN1_VISIBLESTRING ||
- type == V_ASN1_IA5STRING) {
- ascii2ebcdic(ebcdic_buf, q,
- (num > sizeof ebcdic_buf)
- ? sizeof ebcdic_buf : num);
- q=ebcdic_buf;
- }
-#endif
-
- if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0))
- {
- gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=0;
- for (j=0; j<num; j++)
- if (q[j] != 0) gs_doit[j&3]=1;
-
- if (gs_doit[0]|gs_doit[1]|gs_doit[2])
- gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
- else
- {
- gs_doit[0]=gs_doit[1]=gs_doit[2]=0;
- gs_doit[3]=1;
- }
- }
- else
- gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
-
- for (l2=j=0; j<num; j++)
- {
- if (!gs_doit[j&3]) continue;
- l2++;
-#ifndef CHARSET_EBCDIC
- if ((q[j] < ' ') || (q[j] > '~')) l2+=3;
-#else
- if ((os_toascii[q[j]] < os_toascii[' ']) ||
- (os_toascii[q[j]] > os_toascii['~'])) l2+=3;
-#endif
- }
-
- lold=l;
- l+=1+l1+1+l2;
- if (b != NULL)
- {
- if (!BUF_MEM_grow(b,l+1)) goto err;
- p= &(b->data[lold]);
- }
- else if (l > len)
- {
- break;
- }
- else
- p= &(buf[lold]);
- *(p++)='/';
- memcpy(p,s,(unsigned int)l1); p+=l1;
- *(p++)='=';
-
-#ifndef CHARSET_EBCDIC /* q was assigned above already. */
- q=ne->value->data;
-#endif
-
- for (j=0; j<num; j++)
- {
- if (!gs_doit[j&3]) continue;
-#ifndef CHARSET_EBCDIC
- n=q[j];
- if ((n < ' ') || (n > '~'))
- {
- *(p++)='\\';
- *(p++)='x';
- *(p++)=hex[(n>>4)&0x0f];
- *(p++)=hex[n&0x0f];
- }
- else
- *(p++)=n;
-#else
- n=os_toascii[q[j]];
- if ((n < os_toascii[' ']) ||
- (n > os_toascii['~']))
- {
- *(p++)='\\';
- *(p++)='x';
- *(p++)=hex[(n>>4)&0x0f];
- *(p++)=hex[n&0x0f];
- }
- else
- *(p++)=q[j];
-#endif
- }
- *p='\0';
- }
- if (b != NULL)
- {
- p=b->data;
- OPENSSL_free(b);
- }
- else
- p=buf;
- if (i == 0)
- *p = '\0';
- return(p);
-err:
- X509err(X509_F_X509_NAME_ONELINE,ERR_R_MALLOC_FAILURE);
- if (b != NULL) BUF_MEM_free(b);
- return(NULL);
- }
-
diff --git a/src/lib/libcrypto/x509/x509_r2x.c b/src/lib/libcrypto/x509/x509_r2x.c
deleted file mode 100644
index db051033d9..0000000000
--- a/src/lib/libcrypto/x509/x509_r2x.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/x509/x509_r2x.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-
-X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
- {
- X509 *ret=NULL;
- X509_CINF *xi=NULL;
- X509_NAME *xn;
-
- if ((ret=X509_new()) == NULL)
- {
- X509err(X509_F_X509_REQ_TO_X509,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* duplicate the request */
- xi=ret->cert_info;
-
- if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0)
- {
- if ((xi->version=M_ASN1_INTEGER_new()) == NULL) goto err;
- if (!ASN1_INTEGER_set(xi->version,2)) goto err;
-/* xi->extensions=ri->attributes; <- bad, should not ever be done
- ri->attributes=NULL; */
- }
-
- xn=X509_REQ_get_subject_name(r);
- X509_set_subject_name(ret,X509_NAME_dup(xn));
- X509_set_issuer_name(ret,X509_NAME_dup(xn));
-
- X509_gmtime_adj(xi->validity->notBefore,0);
- X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days);
-
- X509_set_pubkey(ret,X509_REQ_get_pubkey(r));
-
- if (!X509_sign(ret,pkey,EVP_md5()))
- goto err;
- if (0)
- {
-err:
- X509_free(ret);
- ret=NULL;
- }
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c
deleted file mode 100644
index 7eca1bd57a..0000000000
--- a/src/lib/libcrypto/x509/x509_req.c
+++ /dev/null
@@ -1,278 +0,0 @@
-/* crypto/x509/x509_req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/pem.h>
-
-X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
- {
- X509_REQ *ret;
- X509_REQ_INFO *ri;
- int i;
- EVP_PKEY *pktmp;
-
- ret=X509_REQ_new();
- if (ret == NULL)
- {
- X509err(X509_F_X509_TO_X509_REQ,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- ri=ret->req_info;
-
- ri->version->length=1;
- ri->version->data=(unsigned char *)OPENSSL_malloc(1);
- if (ri->version->data == NULL) goto err;
- ri->version->data[0]=0; /* version == 0 */
-
- if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x)))
- goto err;
-
- pktmp = X509_get_pubkey(x);
- i=X509_REQ_set_pubkey(ret,pktmp);
- EVP_PKEY_free(pktmp);
- if (!i) goto err;
-
- if (pkey != NULL)
- {
- if (!X509_REQ_sign(ret,pkey,md))
- goto err;
- }
- return(ret);
-err:
- X509_REQ_free(ret);
- return(NULL);
- }
-
-EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req)
- {
- if ((req == NULL) || (req->req_info == NULL))
- return(NULL);
- return(X509_PUBKEY_get(req->req_info->pubkey));
- }
-
-/* It seems several organisations had the same idea of including a list of
- * extensions in a certificate request. There are at least two OIDs that are
- * used and there may be more: so the list is configurable.
- */
-
-static int ext_nid_list[] = { NID_ms_ext_req, NID_ext_req, NID_undef};
-
-static int *ext_nids = ext_nid_list;
-
-int X509_REQ_extension_nid(int req_nid)
-{
- int i, nid;
- for(i = 0; ; i++) {
- nid = ext_nids[i];
- if(nid == NID_undef) return 0;
- else if (req_nid == nid) return 1;
- }
-}
-
-int *X509_REQ_get_extension_nids(void)
-{
- return ext_nids;
-}
-
-void X509_REQ_set_extension_nids(int *nids)
-{
- ext_nids = nids;
-}
-
-STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
-{
- X509_ATTRIBUTE *attr;
- STACK_OF(X509_ATTRIBUTE) *sk;
- ASN1_TYPE *ext = NULL;
- int i;
- unsigned char *p;
- if ((req == NULL) || (req->req_info == NULL))
- return(NULL);
- sk=req->req_info->attributes;
- if (!sk) return NULL;
- for(i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- attr = sk_X509_ATTRIBUTE_value(sk, i);
- if(X509_REQ_extension_nid(OBJ_obj2nid(attr->object))) {
- if(attr->set && sk_ASN1_TYPE_num(attr->value.set))
- ext = sk_ASN1_TYPE_value(attr->value.set, 0);
- else ext = attr->value.single;
- break;
- }
- }
- if(!ext || (ext->type != V_ASN1_SEQUENCE)) return NULL;
- p = ext->value.sequence->data;
- return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p,
- ext->value.sequence->length,
- d2i_X509_EXTENSION, X509_EXTENSION_free,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs
- * in case we want to create a non standard one.
- */
-
-int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
- int nid)
-{
- unsigned char *p = NULL, *q;
- long len;
- ASN1_TYPE *at = NULL;
- X509_ATTRIBUTE *attr = NULL;
- if(!(at = ASN1_TYPE_new()) ||
- !(at->value.sequence = ASN1_STRING_new())) goto err;
-
- at->type = V_ASN1_SEQUENCE;
- /* Generate encoding of extensions */
- len = i2d_ASN1_SET_OF_X509_EXTENSION(exts, NULL, i2d_X509_EXTENSION,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
- if(!(p = OPENSSL_malloc(len))) goto err;
- q = p;
- i2d_ASN1_SET_OF_X509_EXTENSION(exts, &q, i2d_X509_EXTENSION,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
- at->value.sequence->data = p;
- p = NULL;
- at->value.sequence->length = len;
- if(!(attr = X509_ATTRIBUTE_new())) goto err;
- if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
- if(!sk_ASN1_TYPE_push(attr->value.set, at)) goto err;
- at = NULL;
- attr->set = 1;
- attr->object = OBJ_nid2obj(nid);
- if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err;
- return 1;
- err:
- if(p) OPENSSL_free(p);
- X509_ATTRIBUTE_free(attr);
- ASN1_TYPE_free(at);
- return 0;
-}
-/* This is the normal usage: use the "official" OID */
-int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts)
-{
- return X509_REQ_add_extensions_nid(req, exts, NID_ext_req);
-}
-
-/* Request attribute functions */
-
-int X509_REQ_get_attr_count(const X509_REQ *req)
-{
- return X509at_get_attr_count(req->req_info->attributes);
-}
-
-int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
- int lastpos)
-{
- return X509at_get_attr_by_NID(req->req_info->attributes, nid, lastpos);
-}
-
-int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
- int lastpos)
-{
- return X509at_get_attr_by_OBJ(req->req_info->attributes, obj, lastpos);
-}
-
-X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc)
-{
- return X509at_get_attr(req->req_info->attributes, loc);
-}
-
-X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
-{
- return X509at_delete_attr(req->req_info->attributes, loc);
-}
-
-int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
-{
- if(X509at_add1_attr(&req->req_info->attributes, attr)) return 1;
- return 0;
-}
-
-int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
- ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len)
-{
- if(X509at_add1_attr_by_OBJ(&req->req_info->attributes, obj,
- type, bytes, len)) return 1;
- return 0;
-}
-
-int X509_REQ_add1_attr_by_NID(X509_REQ *req,
- int nid, int type,
- unsigned char *bytes, int len)
-{
- if(X509at_add1_attr_by_NID(&req->req_info->attributes, nid,
- type, bytes, len)) return 1;
- return 0;
-}
-
-int X509_REQ_add1_attr_by_txt(X509_REQ *req,
- char *attrname, int type,
- unsigned char *bytes, int len)
-{
- if(X509at_add1_attr_by_txt(&req->req_info->attributes, attrname,
- type, bytes, len)) return 1;
- return 0;
-}
diff --git a/src/lib/libcrypto/x509/x509_set.c b/src/lib/libcrypto/x509/x509_set.c
deleted file mode 100644
index aaf61ca062..0000000000
--- a/src/lib/libcrypto/x509/x509_set.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* crypto/x509/x509_set.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_set_version(X509 *x, long version)
- {
- if (x == NULL) return(0);
- if (x->cert_info->version == NULL)
- {
- if ((x->cert_info->version=M_ASN1_INTEGER_new()) == NULL)
- return(0);
- }
- return(ASN1_INTEGER_set(x->cert_info->version,version));
- }
-
-int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial)
- {
- ASN1_INTEGER *in;
-
- if (x == NULL) return(0);
- in=x->cert_info->serialNumber;
- if (in != serial)
- {
- in=M_ASN1_INTEGER_dup(serial);
- if (in != NULL)
- {
- M_ASN1_INTEGER_free(x->cert_info->serialNumber);
- x->cert_info->serialNumber=in;
- }
- }
- return(in != NULL);
- }
-
-int X509_set_issuer_name(X509 *x, X509_NAME *name)
- {
- if ((x == NULL) || (x->cert_info == NULL)) return(0);
- return(X509_NAME_set(&x->cert_info->issuer,name));
- }
-
-int X509_set_subject_name(X509 *x, X509_NAME *name)
- {
- if ((x == NULL) || (x->cert_info == NULL)) return(0);
- return(X509_NAME_set(&x->cert_info->subject,name));
- }
-
-int X509_set_notBefore(X509 *x, ASN1_TIME *tm)
- {
- ASN1_TIME *in;
-
- if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
- in=x->cert_info->validity->notBefore;
- if (in != tm)
- {
- in=M_ASN1_TIME_dup(tm);
- if (in != NULL)
- {
- M_ASN1_TIME_free(x->cert_info->validity->notBefore);
- x->cert_info->validity->notBefore=in;
- }
- }
- return(in != NULL);
- }
-
-int X509_set_notAfter(X509 *x, ASN1_TIME *tm)
- {
- ASN1_TIME *in;
-
- if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
- in=x->cert_info->validity->notAfter;
- if (in != tm)
- {
- in=M_ASN1_TIME_dup(tm);
- if (in != NULL)
- {
- M_ASN1_TIME_free(x->cert_info->validity->notAfter);
- x->cert_info->validity->notAfter=in;
- }
- }
- return(in != NULL);
- }
-
-int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
- {
- if ((x == NULL) || (x->cert_info == NULL)) return(0);
- return(X509_PUBKEY_set(&(x->cert_info->key),pkey));
- }
-
-
-
diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c
deleted file mode 100644
index 86b3b79dcc..0000000000
--- a/src/lib/libcrypto/x509/x509_trs.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* x509_trs.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-
-static int tr_cmp(const X509_TRUST * const *a,
- const X509_TRUST * const *b);
-static void trtable_free(X509_TRUST *p);
-
-static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
-static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
-
-static int obj_trust(int id, X509 *x, int flags);
-static int (*default_trust)(int id, X509 *x, int flags) = obj_trust;
-
-/* WARNING: the following table should be kept in order of trust
- * and without any gaps so we can just subtract the minimum trust
- * value to get an index into the table
- */
-
-static X509_TRUST trstandard[] = {
-{X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL},
-{X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL},
-{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Client", NID_server_auth, NULL},
-{X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL},
-};
-
-#define X509_TRUST_COUNT (sizeof(trstandard)/sizeof(X509_TRUST))
-
-IMPLEMENT_STACK_OF(X509_TRUST)
-
-static STACK_OF(X509_TRUST) *trtable = NULL;
-
-static int tr_cmp(const X509_TRUST * const *a,
- const X509_TRUST * const *b)
-{
- return (*a)->trust - (*b)->trust;
-}
-
-int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int)
-{
-int (*oldtrust)(int , X509 *, int);
-oldtrust = default_trust;
-default_trust = trust;
-return oldtrust;
-}
-
-
-int X509_check_trust(X509 *x, int id, int flags)
-{
- X509_TRUST *pt;
- int idx;
- if(id == -1) return 1;
- idx = X509_TRUST_get_by_id(id);
- if(idx == -1) return default_trust(id, x, flags);
- pt = X509_TRUST_get0(idx);
- return pt->check_trust(pt, x, flags);
-}
-
-int X509_TRUST_get_count(void)
-{
- if(!trtable) return X509_TRUST_COUNT;
- return sk_X509_TRUST_num(trtable) + X509_TRUST_COUNT;
-}
-
-X509_TRUST * X509_TRUST_get0(int idx)
-{
- if(idx < 0) return NULL;
- if(idx < X509_TRUST_COUNT) return trstandard + idx;
- return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT);
-}
-
-int X509_TRUST_get_by_id(int id)
-{
- X509_TRUST tmp;
- int idx;
- if((id >= X509_TRUST_MIN) && (id <= X509_TRUST_MAX))
- return id - X509_TRUST_MIN;
- tmp.trust = id;
- if(!trtable) return -1;
- idx = sk_X509_TRUST_find(trtable, &tmp);
- if(idx == -1) return -1;
- return idx + X509_TRUST_COUNT;
-}
-
-int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
- char *name, int arg1, void *arg2)
-{
- int idx;
- X509_TRUST *trtmp;
- /* This is set according to what we change: application can't set it */
- flags &= ~X509_TRUST_DYNAMIC;
- /* This will always be set for application modified trust entries */
- flags |= X509_TRUST_DYNAMIC_NAME;
- /* Get existing entry if any */
- idx = X509_TRUST_get_by_id(id);
- /* Need a new entry */
- if(idx == -1) {
- if(!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) {
- X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- trtmp->flags = X509_TRUST_DYNAMIC;
- } else trtmp = X509_TRUST_get0(idx);
-
- /* OPENSSL_free existing name if dynamic */
- if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) OPENSSL_free(trtmp->name);
- /* dup supplied name */
- if(!(trtmp->name = BUF_strdup(name))) {
- X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- /* Keep the dynamic flag of existing entry */
- trtmp->flags &= X509_TRUST_DYNAMIC;
- /* Set all other flags */
- trtmp->flags |= flags;
-
- trtmp->trust = id;
- trtmp->check_trust = ck;
- trtmp->arg1 = arg1;
- trtmp->arg2 = arg2;
-
- /* If its a new entry manage the dynamic table */
- if(idx == -1) {
- if(!trtable && !(trtable = sk_X509_TRUST_new(tr_cmp))) {
- X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!sk_X509_TRUST_push(trtable, trtmp)) {
- X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- return 1;
-}
-
-static void trtable_free(X509_TRUST *p)
- {
- if(!p) return;
- if (p->flags & X509_TRUST_DYNAMIC)
- {
- if (p->flags & X509_TRUST_DYNAMIC_NAME)
- OPENSSL_free(p->name);
- OPENSSL_free(p);
- }
- }
-
-void X509_TRUST_cleanup(void)
-{
- int i;
- for(i = 0; i < X509_TRUST_COUNT; i++) trtable_free(trstandard + i);
- sk_X509_TRUST_pop_free(trtable, trtable_free);
- trtable = NULL;
-}
-
-int X509_TRUST_get_flags(X509_TRUST *xp)
-{
- return xp->flags;
-}
-
-char *X509_TRUST_get0_name(X509_TRUST *xp)
-{
- return xp->name;
-}
-
-int X509_TRUST_get_trust(X509_TRUST *xp)
-{
- return xp->trust;
-}
-
-static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
-{
- if(x->aux && (x->aux->trust || x->aux->reject))
- return obj_trust(trust->arg1, x, flags);
- /* we don't have any trust settings: for compatibility
- * we return trusted if it is self signed
- */
- return trust_compat(trust, x, flags);
-}
-
-static int trust_compat(X509_TRUST *trust, X509 *x, int flags)
-{
- X509_check_purpose(x, -1, 0);
- if(x->ex_flags & EXFLAG_SS) return X509_TRUST_TRUSTED;
- else return X509_TRUST_UNTRUSTED;
-}
-
-static int obj_trust(int id, X509 *x, int flags)
-{
- ASN1_OBJECT *obj;
- int i;
- X509_CERT_AUX *ax;
- ax = x->aux;
- if(!ax) return X509_TRUST_UNTRUSTED;
- if(ax->reject) {
- for(i = 0; i < sk_ASN1_OBJECT_num(ax->reject); i++) {
- obj = sk_ASN1_OBJECT_value(ax->reject, i);
- if(OBJ_obj2nid(obj) == id) return X509_TRUST_REJECTED;
- }
- }
- if(ax->trust) {
- for(i = 0; i < sk_ASN1_OBJECT_num(ax->trust); i++) {
- obj = sk_ASN1_OBJECT_value(ax->trust, i);
- if(OBJ_obj2nid(obj) == id) return X509_TRUST_TRUSTED;
- }
- }
- return X509_TRUST_UNTRUSTED;
-}
-
diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c
deleted file mode 100644
index cfb478d4bc..0000000000
--- a/src/lib/libcrypto/x509/x509_txt.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* crypto/x509/x509_txt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-
-const char *X509_verify_cert_error_string(long n)
- {
- static char buf[100];
-
- switch ((int)n)
- {
- case X509_V_OK:
- return("ok");
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- return("unable to get issuer certificate");
- case X509_V_ERR_UNABLE_TO_GET_CRL:
- return("unable to get certificate CRL");
- case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
- return("unable to decrypt certificate's signature");
- case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
- return("unable to decrypt CRL's's signature");
- case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
- return("unable to decode issuer public key");
- case X509_V_ERR_CERT_SIGNATURE_FAILURE:
- return("certificate signature failure");
- case X509_V_ERR_CRL_SIGNATURE_FAILURE:
- return("CRL signature failure");
- case X509_V_ERR_CERT_NOT_YET_VALID:
- return("certificate is not yet valid");
- case X509_V_ERR_CRL_NOT_YET_VALID:
- return("CRL is not yet valid");
- case X509_V_ERR_CERT_HAS_EXPIRED:
- return("Certificate has expired");
- case X509_V_ERR_CRL_HAS_EXPIRED:
- return("CRL has expired");
- case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
- return("format error in certificate's notBefore field");
- case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
- return("format error in certificate's notAfter field");
- case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
- return("format error in CRL's lastUpdate field");
- case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
- return("format error in CRL's nextUpdate field");
- case X509_V_ERR_OUT_OF_MEM:
- return("out of memory");
- case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
- return("self signed certificate");
- case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
- return("self signed certificate in certificate chain");
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
- return("unable to get local issuer certificate");
- case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
- return("unable to verify the first certificate");
- case X509_V_ERR_CERT_CHAIN_TOO_LONG:
- return("certificate chain too long");
- case X509_V_ERR_CERT_REVOKED:
- return("certificate revoked");
- case X509_V_ERR_INVALID_CA:
- return ("invalid CA certificate");
- case X509_V_ERR_PATH_LENGTH_EXCEEDED:
- return ("path length constraint exceeded");
- case X509_V_ERR_INVALID_PURPOSE:
- return ("unsupported certificate purpose");
- case X509_V_ERR_CERT_UNTRUSTED:
- return ("certificate not trusted");
- case X509_V_ERR_CERT_REJECTED:
- return ("certificate rejected");
- case X509_V_ERR_APPLICATION_VERIFICATION:
- return("application verification failure");
- case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
- return("subject issuer mismatch");
- case X509_V_ERR_AKID_SKID_MISMATCH:
- return("authority and subject key identifier mismatch");
- case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:
- return("authority and issuer serial number mismatch");
- case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
- return("key usage does not include certificate signing");
-
- default:
- sprintf(buf,"error number %ld",n);
- return(buf);
- }
- }
-
-
diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c
deleted file mode 100644
index 52887986fe..0000000000
--- a/src/lib/libcrypto/x509/x509_v3.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* crypto/x509/x509_v3.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)
- {
- if (x == NULL) return(0);
- return(sk_X509_EXTENSION_num(x));
- }
-
-int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid,
- int lastpos)
- {
- ASN1_OBJECT *obj;
-
- obj=OBJ_nid2obj(nid);
- if (obj == NULL) return(-2);
- return(X509v3_get_ext_by_OBJ(x,obj,lastpos));
- }
-
-int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk, ASN1_OBJECT *obj,
- int lastpos)
- {
- int n;
- X509_EXTENSION *ex;
-
- if (sk == NULL) return(-1);
- lastpos++;
- if (lastpos < 0)
- lastpos=0;
- n=sk_X509_EXTENSION_num(sk);
- for ( ; lastpos < n; lastpos++)
- {
- ex=sk_X509_EXTENSION_value(sk,lastpos);
- if (OBJ_cmp(ex->object,obj) == 0)
- return(lastpos);
- }
- return(-1);
- }
-
-int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
- int lastpos)
- {
- int n;
- X509_EXTENSION *ex;
-
- if (sk == NULL) return(-1);
- lastpos++;
- if (lastpos < 0)
- lastpos=0;
- n=sk_X509_EXTENSION_num(sk);
- for ( ; lastpos < n; lastpos++)
- {
- ex=sk_X509_EXTENSION_value(sk,lastpos);
- if ( (ex->critical && crit) ||
- (!ex->critical && !crit))
- return(lastpos);
- }
- return(-1);
- }
-
-X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc)
- {
- if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
- return NULL;
- else
- return sk_X509_EXTENSION_value(x,loc);
- }
-
-X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc)
- {
- X509_EXTENSION *ret;
-
- if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
- return(NULL);
- ret=sk_X509_EXTENSION_delete(x,loc);
- return(ret);
- }
-
-STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
- X509_EXTENSION *ex, int loc)
- {
- X509_EXTENSION *new_ex=NULL;
- int n;
- STACK_OF(X509_EXTENSION) *sk=NULL;
-
- if ((x != NULL) && (*x == NULL))
- {
- if ((sk=sk_X509_EXTENSION_new_null()) == NULL)
- goto err;
- }
- else
- sk= *x;
-
- n=sk_X509_EXTENSION_num(sk);
- if (loc > n) loc=n;
- else if (loc < 0) loc=n;
-
- if ((new_ex=X509_EXTENSION_dup(ex)) == NULL)
- goto err2;
- if (!sk_X509_EXTENSION_insert(sk,new_ex,loc))
- goto err;
- if ((x != NULL) && (*x == NULL))
- *x=sk;
- return(sk);
-err:
- X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE);
-err2:
- if (new_ex != NULL) X509_EXTENSION_free(new_ex);
- if (sk != NULL) sk_X509_EXTENSION_free(sk);
- return(NULL);
- }
-
-X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid,
- int crit, ASN1_OCTET_STRING *data)
- {
- ASN1_OBJECT *obj;
- X509_EXTENSION *ret;
-
- obj=OBJ_nid2obj(nid);
- if (obj == NULL)
- {
- X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,X509_R_UNKNOWN_NID);
- return(NULL);
- }
- ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data);
- if (ret == NULL) ASN1_OBJECT_free(obj);
- return(ret);
- }
-
-X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
- ASN1_OBJECT *obj, int crit, ASN1_OCTET_STRING *data)
- {
- X509_EXTENSION *ret;
-
- if ((ex == NULL) || (*ex == NULL))
- {
- if ((ret=X509_EXTENSION_new()) == NULL)
- {
- X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- }
- else
- ret= *ex;
-
- if (!X509_EXTENSION_set_object(ret,obj))
- goto err;
- if (!X509_EXTENSION_set_critical(ret,crit))
- goto err;
- if (!X509_EXTENSION_set_data(ret,data))
- goto err;
-
- if ((ex != NULL) && (*ex == NULL)) *ex=ret;
- return(ret);
-err:
- if ((ex == NULL) || (ret != *ex))
- X509_EXTENSION_free(ret);
- return(NULL);
- }
-
-int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
- {
- if ((ex == NULL) || (obj == NULL))
- return(0);
- ASN1_OBJECT_free(ex->object);
- ex->object=OBJ_dup(obj);
- return(1);
- }
-
-int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
- {
- if (ex == NULL) return(0);
- ex->critical=(crit)?0xFF:0;
- return(1);
- }
-
-int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data)
- {
- int i;
-
- if (ex == NULL) return(0);
- i=M_ASN1_OCTET_STRING_set(ex->value,data->data,data->length);
- if (!i) return(0);
- return(1);
- }
-
-ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex)
- {
- if (ex == NULL) return(NULL);
- return(ex->object);
- }
-
-ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex)
- {
- if (ex == NULL) return(NULL);
- return(ex->value);
- }
-
-int X509_EXTENSION_get_critical(X509_EXTENSION *ex)
- {
- if (ex == NULL) return(0);
- return(ex->critical);
- }
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
deleted file mode 100644
index 0f4110cc64..0000000000
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ /dev/null
@@ -1,920 +0,0 @@
-/* crypto/x509/x509_vfy.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/objects.h>
-
-static int null_callback(int ok,X509_STORE_CTX *e);
-static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
-static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
-static int check_chain_purpose(X509_STORE_CTX *ctx);
-static int check_trust(X509_STORE_CTX *ctx);
-static int internal_verify(X509_STORE_CTX *ctx);
-const char *X509_version="X.509" OPENSSL_VERSION_PTEXT;
-
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_ctx_method=NULL;
-static int x509_store_ctx_num=0;
-#if 0
-static int x509_store_num=1;
-static STACK *x509_store_method=NULL;
-#endif
-
-static int null_callback(int ok, X509_STORE_CTX *e)
- {
- return ok;
- }
-
-#if 0
-static int x509_subject_cmp(X509 **a, X509 **b)
- {
- return X509_subject_name_cmp(*a,*b);
- }
-#endif
-
-int X509_verify_cert(X509_STORE_CTX *ctx)
- {
- X509 *x,*xtmp,*chain_ss=NULL;
- X509_NAME *xn;
- int depth,i,ok=0;
- int num;
- int (*cb)();
- STACK_OF(X509) *sktmp=NULL;
-
- if (ctx->cert == NULL)
- {
- X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
- return -1;
- }
-
- cb=ctx->verify_cb;
- if (cb == NULL) cb=null_callback;
-
- /* first we make sure the chain we are going to build is
- * present and that the first entry is in place */
- if (ctx->chain == NULL)
- {
- if ( ((ctx->chain=sk_X509_new_null()) == NULL) ||
- (!sk_X509_push(ctx->chain,ctx->cert)))
- {
- X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
- goto end;
- }
- CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509);
- ctx->last_untrusted=1;
- }
-
- /* We use a temporary STACK so we can chop and hack at it */
- if (ctx->untrusted != NULL
- && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL)
- {
- X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
- goto end;
- }
-
- num=sk_X509_num(ctx->chain);
- x=sk_X509_value(ctx->chain,num-1);
- depth=ctx->depth;
-
-
- for (;;)
- {
- /* If we have enough, we break */
- if (depth < num) break; /* FIXME: If this happens, we should take
- * note of it and, if appropriate, use the
- * X509_V_ERR_CERT_CHAIN_TOO_LONG error
- * code later.
- */
-
- /* If we are self signed, we break */
- xn=X509_get_issuer_name(x);
- if (ctx->check_issued(ctx, x,x)) break;
-
- /* If we were passed a cert chain, use it first */
- if (ctx->untrusted != NULL)
- {
- xtmp=find_issuer(ctx, sktmp,x);
- if (xtmp != NULL)
- {
- if (!sk_X509_push(ctx->chain,xtmp))
- {
- X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
- goto end;
- }
- CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
- sk_X509_delete_ptr(sktmp,xtmp);
- ctx->last_untrusted++;
- x=xtmp;
- num++;
- /* reparse the full chain for
- * the next one */
- continue;
- }
- }
- break;
- }
-
- /* at this point, chain should contain a list of untrusted
- * certificates. We now need to add at least one trusted one,
- * if possible, otherwise we complain. */
-
- /* Examine last certificate in chain and see if it
- * is self signed.
- */
-
- i=sk_X509_num(ctx->chain);
- x=sk_X509_value(ctx->chain,i-1);
- xn = X509_get_subject_name(x);
- if (ctx->check_issued(ctx, x, x))
- {
- /* we have a self signed certificate */
- if (sk_X509_num(ctx->chain) == 1)
- {
- /* We have a single self signed certificate: see if
- * we can find it in the store. We must have an exact
- * match to avoid possible impersonation.
- */
- ok = ctx->get_issuer(&xtmp, ctx, x);
- if ((ok <= 0) || X509_cmp(x, xtmp))
- {
- ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
- ctx->current_cert=x;
- ctx->error_depth=i-1;
- if (ok == 1) X509_free(xtmp);
- ok=cb(0,ctx);
- if (!ok) goto end;
- }
- else
- {
- /* We have a match: replace certificate with store version
- * so we get any trust settings.
- */
- X509_free(x);
- x = xtmp;
- sk_X509_set(ctx->chain, i - 1, x);
- ctx->last_untrusted=0;
- }
- }
- else
- {
- /* extract and save self signed certificate for later use */
- chain_ss=sk_X509_pop(ctx->chain);
- ctx->last_untrusted--;
- num--;
- x=sk_X509_value(ctx->chain,num-1);
- }
- }
-
- /* We now lookup certs from the certificate store */
- for (;;)
- {
- /* If we have enough, we break */
- if (depth < num) break;
-
- /* If we are self signed, we break */
- xn=X509_get_issuer_name(x);
- if (ctx->check_issued(ctx,x,x)) break;
-
- ok = ctx->get_issuer(&xtmp, ctx, x);
-
- if (ok < 0) return ok;
- if (ok == 0) break;
-
- x = xtmp;
- if (!sk_X509_push(ctx->chain,x))
- {
- X509_free(xtmp);
- X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- num++;
- }
-
- /* we now have our chain, lets check it... */
- xn=X509_get_issuer_name(x);
-
- /* Is last certificate looked up self signed? */
- if (!ctx->check_issued(ctx,x,x))
- {
- if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss))
- {
- if (ctx->last_untrusted >= num)
- ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
- else
- ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
- ctx->current_cert=x;
- }
- else
- {
-
- sk_X509_push(ctx->chain,chain_ss);
- num++;
- ctx->last_untrusted=num;
- ctx->current_cert=chain_ss;
- ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
- chain_ss=NULL;
- }
-
- ctx->error_depth=num-1;
- ok=cb(0,ctx);
- if (!ok) goto end;
- }
-
- /* We have the chain complete: now we need to check its purpose */
- if (ctx->purpose > 0) ok = check_chain_purpose(ctx);
-
- if (!ok) goto end;
-
- /* The chain extensions are OK: check trust */
-
- if (ctx->trust > 0) ok = check_trust(ctx);
-
- if (!ok) goto end;
-
- /* We may as well copy down any DSA parameters that are required */
- X509_get_pubkey_parameters(NULL,ctx->chain);
-
- /* At this point, we have a chain and just need to verify it */
- if (ctx->verify != NULL)
- ok=ctx->verify(ctx);
- else
- ok=internal_verify(ctx);
- if (0)
- {
-end:
- X509_get_pubkey_parameters(NULL,ctx->chain);
- }
- if (sktmp != NULL) sk_X509_free(sktmp);
- if (chain_ss != NULL) X509_free(chain_ss);
- return ok;
- }
-
-
-/* Given a STACK_OF(X509) find the issuer of cert (if any)
- */
-
-static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
-{
- int i;
- X509 *issuer;
- for (i = 0; i < sk_X509_num(sk); i++)
- {
- issuer = sk_X509_value(sk, i);
- if (ctx->check_issued(ctx, x, issuer))
- return issuer;
- }
- return NULL;
-}
-
-/* Given a possible certificate and issuer check them */
-
-static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
-{
- int ret;
- ret = X509_check_issued(issuer, x);
- if (ret == X509_V_OK)
- return 1;
- /* If we haven't asked for issuer errors don't set ctx */
- if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK))
- return 0;
-
- ctx->error = ret;
- ctx->current_cert = x;
- ctx->current_issuer = issuer;
- if (ctx->verify_cb)
- return ctx->verify_cb(0, ctx);
- return 0;
-}
-
-/* Alternative lookup method: look from a STACK stored in other_ctx */
-
-static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
-{
- *issuer = find_issuer(ctx, ctx->other_ctx, x);
- if (*issuer)
- {
- CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509);
- return 1;
- }
- else
- return 0;
-}
-
-
-/* Check a certificate chains extensions for consistency
- * with the supplied purpose
- */
-
-static int check_chain_purpose(X509_STORE_CTX *ctx)
-{
-#ifdef NO_CHAIN_VERIFY
- return 1;
-#else
- int i, ok=0;
- X509 *x;
- int (*cb)();
- cb=ctx->verify_cb;
- if (cb == NULL) cb=null_callback;
- /* Check all untrusted certificates */
- for (i = 0; i < ctx->last_untrusted; i++)
- {
- x = sk_X509_value(ctx->chain, i);
- if (!X509_check_purpose(x, ctx->purpose, i))
- {
- if (i)
- ctx->error = X509_V_ERR_INVALID_CA;
- else
- ctx->error = X509_V_ERR_INVALID_PURPOSE;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok=cb(0,ctx);
- if (!ok) goto end;
- }
- /* Check pathlen */
- if ((i > 1) && (x->ex_pathlen != -1)
- && (i > (x->ex_pathlen + 1)))
- {
- ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok=cb(0,ctx);
- if (!ok) goto end;
- }
- }
- ok = 1;
- end:
- return ok;
-#endif
-}
-
-static int check_trust(X509_STORE_CTX *ctx)
-{
-#ifdef NO_CHAIN_VERIFY
- return 1;
-#else
- int i, ok;
- X509 *x;
- int (*cb)();
- cb=ctx->verify_cb;
- if (cb == NULL) cb=null_callback;
-/* For now just check the last certificate in the chain */
- i = sk_X509_num(ctx->chain) - 1;
- x = sk_X509_value(ctx->chain, i);
- ok = X509_check_trust(x, ctx->trust, 0);
- if (ok == X509_TRUST_TRUSTED)
- return 1;
- ctx->error_depth = sk_X509_num(ctx->chain) - 1;
- ctx->current_cert = x;
- if (ok == X509_TRUST_REJECTED)
- ctx->error = X509_V_ERR_CERT_REJECTED;
- else
- ctx->error = X509_V_ERR_CERT_UNTRUSTED;
- ok = cb(0, ctx);
- return ok;
-#endif
-}
-
-static int internal_verify(X509_STORE_CTX *ctx)
- {
- int i,ok=0,n;
- X509 *xs,*xi;
- EVP_PKEY *pkey=NULL;
- time_t *ptime;
- int (*cb)();
-
- cb=ctx->verify_cb;
- if (cb == NULL) cb=null_callback;
-
- n=sk_X509_num(ctx->chain);
- ctx->error_depth=n-1;
- n--;
- xi=sk_X509_value(ctx->chain,n);
- if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME)
- ptime = &ctx->check_time;
- else
- ptime = NULL;
- if (ctx->check_issued(ctx, xi, xi))
- xs=xi;
- else
- {
- if (n <= 0)
- {
- ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
- ctx->current_cert=xi;
- ok=cb(0,ctx);
- goto end;
- }
- else
- {
- n--;
- ctx->error_depth=n;
- xs=sk_X509_value(ctx->chain,n);
- }
- }
-
-/* ctx->error=0; not needed */
- while (n >= 0)
- {
- ctx->error_depth=n;
- if (!xs->valid)
- {
- if ((pkey=X509_get_pubkey(xi)) == NULL)
- {
- ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
- ctx->current_cert=xi;
- ok=(*cb)(0,ctx);
- if (!ok) goto end;
- }
- if (X509_verify(xs,pkey) <= 0)
- {
- ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
- ctx->current_cert=xs;
- ok=(*cb)(0,ctx);
- if (!ok)
- {
- EVP_PKEY_free(pkey);
- goto end;
- }
- }
- EVP_PKEY_free(pkey);
- pkey=NULL;
-
- i=X509_cmp_time(X509_get_notBefore(xs), ptime);
- if (i == 0)
- {
- ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
- ctx->current_cert=xs;
- ok=(*cb)(0,ctx);
- if (!ok) goto end;
- }
- if (i > 0)
- {
- ctx->error=X509_V_ERR_CERT_NOT_YET_VALID;
- ctx->current_cert=xs;
- ok=(*cb)(0,ctx);
- if (!ok) goto end;
- }
- xs->valid=1;
- }
-
- i=X509_cmp_time(X509_get_notAfter(xs), ptime);
- if (i == 0)
- {
- ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
- ctx->current_cert=xs;
- ok=(*cb)(0,ctx);
- if (!ok) goto end;
- }
-
- if (i < 0)
- {
- ctx->error=X509_V_ERR_CERT_HAS_EXPIRED;
- ctx->current_cert=xs;
- ok=(*cb)(0,ctx);
- if (!ok) goto end;
- }
-
- /* CRL CHECK */
-
- /* The last error (if any) is still in the error value */
- ctx->current_cert=xs;
- ok=(*cb)(1,ctx);
- if (!ok) goto end;
-
- n--;
- if (n >= 0)
- {
- xi=xs;
- xs=sk_X509_value(ctx->chain,n);
- }
- }
- ok=1;
-end:
- return ok;
- }
-
-int X509_cmp_current_time(ASN1_TIME *ctm)
-{
- return X509_cmp_time(ctm, NULL);
-}
-
-int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
- {
- char *str;
- ASN1_TIME atm;
- time_t offset;
- char buff1[24],buff2[24],*p;
- int i,j;
-
- p=buff1;
- i=ctm->length;
- str=(char *)ctm->data;
- if (ctm->type == V_ASN1_UTCTIME)
- {
- if ((i < 11) || (i > 17)) return 0;
- memcpy(p,str,10);
- p+=10;
- str+=10;
- }
- else
- {
- if (i < 13) return 0;
- memcpy(p,str,12);
- p+=12;
- str+=12;
- }
-
- if ((*str == 'Z') || (*str == '-') || (*str == '+'))
- { *(p++)='0'; *(p++)='0'; }
- else
- {
- *(p++)= *(str++);
- *(p++)= *(str++);
- /* Skip any fractional seconds... */
- if (*str == '.')
- {
- str++;
- while ((*str >= '0') && (*str <= '9')) str++;
- }
-
- }
- *(p++)='Z';
- *(p++)='\0';
-
- if (*str == 'Z')
- offset=0;
- else
- {
- if ((*str != '+') && (str[5] != '-'))
- return 0;
- offset=((str[1]-'0')*10+(str[2]-'0'))*60;
- offset+=(str[3]-'0')*10+(str[4]-'0');
- if (*str == '-')
- offset= -offset;
- }
- atm.type=ctm->type;
- atm.length=sizeof(buff2);
- atm.data=(unsigned char *)buff2;
-
- X509_time_adj(&atm,-offset*60, cmp_time);
-
- if (ctm->type == V_ASN1_UTCTIME)
- {
- i=(buff1[0]-'0')*10+(buff1[1]-'0');
- if (i < 50) i+=100; /* cf. RFC 2459 */
- j=(buff2[0]-'0')*10+(buff2[1]-'0');
- if (j < 50) j+=100;
-
- if (i < j) return -1;
- if (i > j) return 1;
- }
- i=strcmp(buff1,buff2);
- if (i == 0) /* wait a second then return younger :-) */
- return -1;
- else
- return i;
- }
-
-ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
-{
- return X509_time_adj(s, adj, NULL);
-}
-
-ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm)
- {
- time_t t;
-
- if (in_tm) t = *in_tm;
- else time(&t);
-
- t+=adj;
- if (!s) return ASN1_TIME_set(s, t);
- if (s->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t);
- return ASN1_GENERALIZEDTIME_set(s, t);
- }
-
-int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
- {
- EVP_PKEY *ktmp=NULL,*ktmp2;
- int i,j;
-
- if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1;
-
- for (i=0; i<sk_X509_num(chain); i++)
- {
- ktmp=X509_get_pubkey(sk_X509_value(chain,i));
- if (ktmp == NULL)
- {
- X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
- return 0;
- }
- if (!EVP_PKEY_missing_parameters(ktmp))
- break;
- else
- {
- EVP_PKEY_free(ktmp);
- ktmp=NULL;
- }
- }
- if (ktmp == NULL)
- {
- X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
- return 0;
- }
-
- /* first, populate the other certs */
- for (j=i-1; j >= 0; j--)
- {
- ktmp2=X509_get_pubkey(sk_X509_value(chain,j));
- EVP_PKEY_copy_parameters(ktmp2,ktmp);
- EVP_PKEY_free(ktmp2);
- }
-
- if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp);
- EVP_PKEY_free(ktmp);
- return 1;
- }
-
-int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
- {
- x509_store_ctx_num++;
- return CRYPTO_get_ex_new_index(x509_store_ctx_num-1,
- &x509_store_ctx_method,
- argl,argp,new_func,dup_func,free_func);
- }
-
-int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
- {
- return CRYPTO_set_ex_data(&ctx->ex_data,idx,data);
- }
-
-void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
- {
- return CRYPTO_get_ex_data(&ctx->ex_data,idx);
- }
-
-int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
- {
- return ctx->error;
- }
-
-void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
- {
- ctx->error=err;
- }
-
-int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
- {
- return ctx->error_depth;
- }
-
-X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
- {
- return ctx->current_cert;
- }
-
-STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
- {
- return ctx->chain;
- }
-
-STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
- {
- int i;
- X509 *x;
- STACK_OF(X509) *chain;
- if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL;
- for (i = 0; i < sk_X509_num(chain); i++)
- {
- x = sk_X509_value(chain, i);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- }
- return chain;
- }
-
-void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
- {
- ctx->cert=x;
- }
-
-void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
- {
- ctx->untrusted=sk;
- }
-
-int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
- {
- return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
- }
-
-int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)
- {
- return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
- }
-
-/* This function is used to set the X509_STORE_CTX purpose and trust
- * values. This is intended to be used when another structure has its
- * own trust and purpose values which (if set) will be inherited by
- * the ctx. If they aren't set then we will usually have a default
- * purpose in mind which should then be used to set the trust value.
- * An example of this is SSL use: an SSL structure will have its own
- * purpose and trust settings which the application can set: if they
- * aren't set then we use the default of SSL client/server.
- */
-
-int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
- int purpose, int trust)
-{
- int idx;
- /* If purpose not set use default */
- if (!purpose) purpose = def_purpose;
- /* If we have a purpose then check it is valid */
- if (purpose)
- {
- X509_PURPOSE *ptmp;
- idx = X509_PURPOSE_get_by_id(purpose);
- if (idx == -1)
- {
- X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
- X509_R_UNKNOWN_PURPOSE_ID);
- return 0;
- }
- ptmp = X509_PURPOSE_get0(idx);
- if (ptmp->trust == X509_TRUST_DEFAULT)
- {
- idx = X509_PURPOSE_get_by_id(def_purpose);
- if (idx == -1)
- {
- X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
- X509_R_UNKNOWN_PURPOSE_ID);
- return 0;
- }
- ptmp = X509_PURPOSE_get0(idx);
- }
- /* If trust not set then get from purpose default */
- if (!trust) trust = ptmp->trust;
- }
- if (trust)
- {
- idx = X509_TRUST_get_by_id(trust);
- if (idx == -1)
- {
- X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
- X509_R_UNKNOWN_TRUST_ID);
- return 0;
- }
- }
-
- if (purpose) ctx->purpose = purpose;
- if (trust) ctx->trust = trust;
- return 1;
-}
-
-X509_STORE_CTX *X509_STORE_CTX_new(void)
-{
- X509_STORE_CTX *ctx;
- ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX));
- if (ctx) memset(ctx, 0, sizeof(X509_STORE_CTX));
- return ctx;
-}
-
-void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
-{
- X509_STORE_CTX_cleanup(ctx);
- OPENSSL_free(ctx);
-}
-
-void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
- STACK_OF(X509) *chain)
- {
- ctx->ctx=store;
- ctx->current_method=0;
- ctx->cert=x509;
- ctx->untrusted=chain;
- ctx->last_untrusted=0;
- ctx->purpose=0;
- ctx->trust=0;
- ctx->check_time=0;
- ctx->flags=0;
- ctx->other_ctx=NULL;
- ctx->valid=0;
- ctx->chain=NULL;
- ctx->depth=9;
- ctx->error=0;
- ctx->error_depth=0;
- ctx->current_cert=NULL;
- ctx->current_issuer=NULL;
- ctx->check_issued = check_issued;
- ctx->get_issuer = X509_STORE_CTX_get1_issuer;
- ctx->verify_cb = store->verify_cb;
- ctx->verify = store->verify;
- ctx->cleanup = 0;
- memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA));
- }
-
-/* Set alternative lookup method: just a STACK of trusted certificates.
- * This avoids X509_STORE nastiness where it isn't needed.
- */
-
-void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
-{
- ctx->other_ctx = sk;
- ctx->get_issuer = get_issuer_sk;
-}
-
-void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
- {
- if (ctx->cleanup) ctx->cleanup(ctx);
- if (ctx->chain != NULL)
- {
- sk_X509_pop_free(ctx->chain,X509_free);
- ctx->chain=NULL;
- }
- CRYPTO_free_ex_data(x509_store_ctx_method,ctx,&(ctx->ex_data));
- memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
- }
-
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags)
- {
- ctx->flags |= flags;
- }
-
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t)
- {
- ctx->check_time = t;
- ctx->flags |= X509_V_FLAG_USE_CHECK_TIME;
- }
-
-IMPLEMENT_STACK_OF(X509)
-IMPLEMENT_ASN1_SET_OF(X509)
-
-IMPLEMENT_STACK_OF(X509_NAME)
-
-IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
-IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
deleted file mode 100644
index e289d5309a..0000000000
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ /dev/null
@@ -1,390 +0,0 @@
-/* crypto/x509/x509_vfy.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_X509_H
-#include <openssl/x509.h>
-/* openssl/x509.h ends up #include-ing this file at about the only
- * appropriate moment. */
-#endif
-
-#ifndef HEADER_X509_VFY_H
-#define HEADER_X509_VFY_H
-
-#ifndef NO_LHASH
-#include <openssl/lhash.h>
-#endif
-#include <openssl/bio.h>
-#include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Outer object */
-typedef struct x509_hash_dir_st
- {
- int num_dirs;
- char **dirs;
- int *dirs_type;
- int num_dirs_alloced;
- } X509_HASH_DIR_CTX;
-
-typedef struct x509_file_st
- {
- int num_paths; /* number of paths to files or directories */
- int num_alloced;
- char **paths; /* the list of paths or directories */
- int *path_type;
- } X509_CERT_FILE_CTX;
-
-/*******************************/
-/*
-SSL_CTX -> X509_STORE
- -> X509_LOOKUP
- ->X509_LOOKUP_METHOD
- -> X509_LOOKUP
- ->X509_LOOKUP_METHOD
-
-SSL -> X509_STORE_CTX
- ->X509_STORE
-
-The X509_STORE holds the tables etc for verification stuff.
-A X509_STORE_CTX is used while validating a single certificate.
-The X509_STORE has X509_LOOKUPs for looking up certs.
-The X509_STORE then calls a function to actually verify the
-certificate chain.
-*/
-
-#define X509_LU_RETRY -1
-#define X509_LU_FAIL 0
-#define X509_LU_X509 1
-#define X509_LU_CRL 2
-#define X509_LU_PKEY 3
-
-typedef struct x509_object_st
- {
- /* one of the above types */
- int type;
- union {
- char *ptr;
- X509 *x509;
- X509_CRL *crl;
- EVP_PKEY *pkey;
- } data;
- } X509_OBJECT;
-
-typedef struct x509_lookup_st X509_LOOKUP;
-
-DECLARE_STACK_OF(X509_LOOKUP)
-DECLARE_STACK_OF(X509_OBJECT)
-
-/* This is a static that defines the function interface */
-typedef struct x509_lookup_method_st
- {
- const char *name;
- int (*new_item)(X509_LOOKUP *ctx);
- void (*free)(X509_LOOKUP *ctx);
- int (*init)(X509_LOOKUP *ctx);
- int (*shutdown)(X509_LOOKUP *ctx);
- int (*ctrl)(X509_LOOKUP *ctx,int cmd,const char *argc,long argl,
- char **ret);
- int (*get_by_subject)(X509_LOOKUP *ctx,int type,X509_NAME *name,
- X509_OBJECT *ret);
- int (*get_by_issuer_serial)(X509_LOOKUP *ctx,int type,X509_NAME *name,
- ASN1_INTEGER *serial,X509_OBJECT *ret);
- int (*get_by_fingerprint)(X509_LOOKUP *ctx,int type,
- unsigned char *bytes,int len,
- X509_OBJECT *ret);
- int (*get_by_alias)(X509_LOOKUP *ctx,int type,char *str,int len,
- X509_OBJECT *ret);
- } X509_LOOKUP_METHOD;
-
-typedef struct x509_store_ctx_st X509_STORE_CTX;
-
-/* This is used to hold everything. It is used for all certificate
- * validation. Once we have a certificate chain, the 'verify'
- * function is then called to actually check the cert chain. */
-typedef struct x509_store_st
- {
- /* The following is a cache of trusted certs */
- int cache; /* if true, stash any hits */
- STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
-
- /* These are external lookup methods */
- STACK_OF(X509_LOOKUP) *get_cert_methods;
- int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
- int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
-
- CRYPTO_EX_DATA ex_data;
- int references;
- int depth; /* how deep to look (still unused -- X509_STORE_CTX's depth is used) */
- } X509_STORE;
-
-#define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d))
-
-#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
-#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
-
-/* This is the functions plus an instance of the local variables. */
-struct x509_lookup_st
- {
- int init; /* have we been started */
- int skip; /* don't use us. */
- X509_LOOKUP_METHOD *method; /* the functions */
- char *method_data; /* method data */
-
- X509_STORE *store_ctx; /* who owns us */
- };
-
-/* This is a used when verifying cert chains. Since the
- * gathering of the cert chain can take some time (and have to be
- * 'retried', this needs to be kept and passed around. */
-struct x509_store_ctx_st /* X509_STORE_CTX */
- {
- X509_STORE *ctx;
- int current_method; /* used when looking up certs */
-
- /* The following are set by the caller */
- X509 *cert; /* The cert to check */
- STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */
- int purpose; /* purpose to check untrusted certificates */
- int trust; /* trust setting to check */
- time_t check_time; /* time to make verify at */
- unsigned long flags; /* Various verify flags */
- void *other_ctx; /* Other info for use with get_issuer() */
-
- /* Callbacks for various operations */
- int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
- int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
- int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
- int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
- int (*cleanup)(X509_STORE_CTX *ctx);
-
- /* The following is built up */
- int depth; /* how far to go looking up certs */
- int valid; /* if 0, rebuild chain */
- int last_untrusted; /* index of last untrusted cert */
- STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */
-
- /* When something goes wrong, this is why */
- int error_depth;
- int error;
- X509 *current_cert;
- X509 *current_issuer; /* cert currently being tested as valid issuer */
-
- CRYPTO_EX_DATA ex_data;
- };
-
-#define X509_STORE_CTX_set_depth(ctx,d) ((ctx)->depth=(d))
-
-#define X509_STORE_CTX_set_app_data(ctx,data) \
- X509_STORE_CTX_set_ex_data(ctx,0,data)
-#define X509_STORE_CTX_get_app_data(ctx) \
- X509_STORE_CTX_get_ex_data(ctx,0)
-
-#define X509_L_FILE_LOAD 1
-#define X509_L_ADD_DIR 2
-
-#define X509_LOOKUP_load_file(x,name,type) \
- X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
-
-#define X509_LOOKUP_add_dir(x,name,type) \
- X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
-
-#define X509_V_OK 0
-/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */
-
-#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
-#define X509_V_ERR_UNABLE_TO_GET_CRL 3
-#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
-#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
-#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
-#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
-#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
-#define X509_V_ERR_CERT_NOT_YET_VALID 9
-#define X509_V_ERR_CERT_HAS_EXPIRED 10
-#define X509_V_ERR_CRL_NOT_YET_VALID 11
-#define X509_V_ERR_CRL_HAS_EXPIRED 12
-#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
-#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
-#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
-#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
-#define X509_V_ERR_OUT_OF_MEM 17
-#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
-#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
-#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
-#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
-#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
-#define X509_V_ERR_CERT_REVOKED 23
-#define X509_V_ERR_INVALID_CA 24
-#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
-#define X509_V_ERR_INVALID_PURPOSE 26
-#define X509_V_ERR_CERT_UNTRUSTED 27
-#define X509_V_ERR_CERT_REJECTED 28
-/* These are 'informational' when looking for issuer cert */
-#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
-#define X509_V_ERR_AKID_SKID_MISMATCH 30
-#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
-#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
-
-/* The application is not happy */
-#define X509_V_ERR_APPLICATION_VERIFICATION 50
-
-/* Certificate verify flags */
-
-#define X509_V_FLAG_CB_ISSUER_CHECK 0x1 /* Send issuer+subject checks to verify_cb */
-#define X509_V_FLAG_USE_CHECK_TIME 0x2 /* Use check time instead of current time */
-
- /* These functions are being redefined in another directory,
- and clash when the linker is case-insensitive, so let's
- hide them a little, by giving them an extra 'o' at the
- beginning of the name... */
-#ifdef VMS
-#undef X509v3_cleanup_extensions
-#define X509v3_cleanup_extensions oX509v3_cleanup_extensions
-#undef X509v3_add_extension
-#define X509v3_add_extension oX509v3_add_extension
-#undef X509v3_add_netscape_extensions
-#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
-#undef X509v3_add_standard_extensions
-#define X509v3_add_standard_extensions oX509v3_add_standard_extensions
-#endif
-
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
- X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,int type,X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x);
-void X509_OBJECT_up_ref_count(X509_OBJECT *a);
-void X509_OBJECT_free_contents(X509_OBJECT *a);
-X509_STORE *X509_STORE_new(void );
-void X509_STORE_free(X509_STORE *v);
-
-X509_STORE_CTX *X509_STORE_CTX_new(void);
-
-int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
-
-void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
- X509 *x509, STACK_OF(X509) *chain);
-void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
-void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
-
-X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
-
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
-X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
-
-int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
-int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
-
-int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name,
- X509_OBJECT *ret);
-
-int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
- long argl, char **ret);
-
-#ifndef NO_STDIO
-int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-#endif
-
-
-X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
-void X509_LOOKUP_free(X509_LOOKUP *ctx);
-int X509_LOOKUP_init(X509_LOOKUP *ctx);
-int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
- X509_OBJECT *ret);
-int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
- ASN1_INTEGER *serial, X509_OBJECT *ret);
-int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
- unsigned char *bytes, int len, X509_OBJECT *ret);
-int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
- int len, X509_OBJECT *ret);
-int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
-
-#ifndef NO_STDIO
-int X509_STORE_load_locations (X509_STORE *ctx,
- const char *file, const char *dir);
-int X509_STORE_set_default_paths(X509_STORE *ctx);
-#endif
-
-int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data);
-void * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx);
-int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
-int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
-X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
-void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
-int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
-int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
-int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
- int purpose, int trust);
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags);
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libcrypto/x509/x509name.c b/src/lib/libcrypto/x509/x509name.c
deleted file mode 100644
index 4c20e03ece..0000000000
--- a/src/lib/libcrypto/x509/x509name.c
+++ /dev/null
@@ -1,383 +0,0 @@
-/* crypto/x509/x509name.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
- {
- ASN1_OBJECT *obj;
-
- obj=OBJ_nid2obj(nid);
- if (obj == NULL) return(-1);
- return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
- }
-
-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,
- int len)
- {
- int i;
- ASN1_STRING *data;
-
- i=X509_NAME_get_index_by_OBJ(name,obj,-1);
- if (i < 0) return(-1);
- data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
- i=(data->length > (len-1))?(len-1):data->length;
- if (buf == NULL) return(data->length);
- memcpy(buf,data->data,i);
- buf[i]='\0';
- return(i);
- }
-
-int X509_NAME_entry_count(X509_NAME *name)
- {
- if (name == NULL) return(0);
- return(sk_X509_NAME_ENTRY_num(name->entries));
- }
-
-int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
- {
- ASN1_OBJECT *obj;
-
- obj=OBJ_nid2obj(nid);
- if (obj == NULL) return(-2);
- return(X509_NAME_get_index_by_OBJ(name,obj,lastpos));
- }
-
-/* NOTE: you should be passsing -1, not 0 as lastpos */
-int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
- int lastpos)
- {
- int n;
- X509_NAME_ENTRY *ne;
- STACK_OF(X509_NAME_ENTRY) *sk;
-
- if (name == NULL) return(-1);
- if (lastpos < 0)
- lastpos= -1;
- sk=name->entries;
- n=sk_X509_NAME_ENTRY_num(sk);
- for (lastpos++; lastpos < n; lastpos++)
- {
- ne=sk_X509_NAME_ENTRY_value(sk,lastpos);
- if (OBJ_cmp(ne->object,obj) == 0)
- return(lastpos);
- }
- return(-1);
- }
-
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc)
- {
- if(name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
- || loc < 0)
- return(NULL);
- else
- return(sk_X509_NAME_ENTRY_value(name->entries,loc));
- }
-
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
- {
- X509_NAME_ENTRY *ret;
- int i,n,set_prev,set_next;
- STACK_OF(X509_NAME_ENTRY) *sk;
-
- if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
- || loc < 0)
- return(NULL);
- sk=name->entries;
- ret=sk_X509_NAME_ENTRY_delete(sk,loc);
- n=sk_X509_NAME_ENTRY_num(sk);
- name->modified=1;
- if (loc == n) return(ret);
-
- /* else we need to fixup the set field */
- if (loc != 0)
- set_prev=(sk_X509_NAME_ENTRY_value(sk,loc-1))->set;
- else
- set_prev=ret->set-1;
- set_next=sk_X509_NAME_ENTRY_value(sk,loc)->set;
-
- /* set_prev is the previous set
- * set is the current set
- * set_next is the following
- * prev 1 1 1 1 1 1 1 1
- * set 1 1 2 2
- * next 1 1 2 2 2 2 3 2
- * so basically only if prev and next differ by 2, then
- * re-number down by 1 */
- if (set_prev+1 < set_next)
- for (i=loc; i<n; i++)
- sk_X509_NAME_ENTRY_value(sk,i)->set--;
- return(ret);
- }
-
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len, int loc, int set)
-{
- X509_NAME_ENTRY *ne;
- int ret;
- ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len);
- if(!ne) return 0;
- ret = X509_NAME_add_entry(name, ne, loc, set);
- X509_NAME_ENTRY_free(ne);
- return ret;
-}
-
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
- unsigned char *bytes, int len, int loc, int set)
-{
- X509_NAME_ENTRY *ne;
- int ret;
- ne = X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len);
- if(!ne) return 0;
- ret = X509_NAME_add_entry(name, ne, loc, set);
- X509_NAME_ENTRY_free(ne);
- return ret;
-}
-
-int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type,
- unsigned char *bytes, int len, int loc, int set)
-{
- X509_NAME_ENTRY *ne;
- int ret;
- ne = X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len);
- if(!ne) return 0;
- ret = X509_NAME_add_entry(name, ne, loc, set);
- X509_NAME_ENTRY_free(ne);
- return ret;
-}
-
-/* if set is -1, append to previous set, 0 'a new one', and 1,
- * prepend to the guy we are about to stomp on. */
-int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc,
- int set)
- {
- X509_NAME_ENTRY *new_name=NULL;
- int n,i,inc;
- STACK_OF(X509_NAME_ENTRY) *sk;
-
- if (name == NULL) return(0);
- sk=name->entries;
- n=sk_X509_NAME_ENTRY_num(sk);
- if (loc > n) loc=n;
- else if (loc < 0) loc=n;
-
- name->modified=1;
-
- if (set == -1)
- {
- if (loc == 0)
- {
- set=0;
- inc=1;
- }
- else
- {
- set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set;
- inc=0;
- }
- }
- else /* if (set >= 0) */
- {
- if (loc >= n)
- {
- if (loc != 0)
- set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set+1;
- else
- set=0;
- }
- else
- set=sk_X509_NAME_ENTRY_value(sk,loc)->set;
- inc=(set == 0)?1:0;
- }
-
- if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
- goto err;
- new_name->set=set;
- if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc))
- {
- X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (inc)
- {
- n=sk_X509_NAME_ENTRY_num(sk);
- for (i=loc+1; i<n; i++)
- sk_X509_NAME_ENTRY_value(sk,i-1)->set+=1;
- }
- return(1);
-err:
- if (new_name != NULL)
- X509_NAME_ENTRY_free(new_name);
- return(0);
- }
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
- char *field, int type, unsigned char *bytes, int len)
- {
- ASN1_OBJECT *obj;
- X509_NAME_ENTRY *nentry;
-
- obj=OBJ_txt2obj(field, 0);
- if (obj == NULL)
- {
- X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,
- X509_R_INVALID_FIELD_NAME);
- ERR_add_error_data(2, "name=", field);
- return(NULL);
- }
- nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);
- ASN1_OBJECT_free(obj);
- return nentry;
- }
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
- int type, unsigned char *bytes, int len)
- {
- ASN1_OBJECT *obj;
- X509_NAME_ENTRY *nentry;
-
- obj=OBJ_nid2obj(nid);
- if (obj == NULL)
- {
- X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
- return(NULL);
- }
- nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);
- ASN1_OBJECT_free(obj);
- return nentry;
- }
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
- ASN1_OBJECT *obj, int type, unsigned char *bytes, int len)
- {
- X509_NAME_ENTRY *ret;
-
- if ((ne == NULL) || (*ne == NULL))
- {
- if ((ret=X509_NAME_ENTRY_new()) == NULL)
- return(NULL);
- }
- else
- ret= *ne;
-
- if (!X509_NAME_ENTRY_set_object(ret,obj))
- goto err;
- if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
- goto err;
-
- if ((ne != NULL) && (*ne == NULL)) *ne=ret;
- return(ret);
-err:
- if ((ne == NULL) || (ret != *ne))
- X509_NAME_ENTRY_free(ret);
- return(NULL);
- }
-
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
- {
- if ((ne == NULL) || (obj == NULL))
- {
- X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- ASN1_OBJECT_free(ne->object);
- ne->object=OBJ_dup(obj);
- return((ne->object == NULL)?0:1);
- }
-
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
- unsigned char *bytes, int len)
- {
- int i;
-
- if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
- if((type > 0) && (type & MBSTRING_FLAG))
- return ASN1_STRING_set_by_NID(&ne->value, bytes,
- len, type,
- OBJ_obj2nid(ne->object)) ? 1 : 0;
- if (len < 0) len=strlen((char *)bytes);
- i=ASN1_STRING_set(ne->value,bytes,len);
- if (!i) return(0);
- if (type != V_ASN1_UNDEF)
- {
- if (type == V_ASN1_APP_CHOOSE)
- ne->value->type=ASN1_PRINTABLE_type(bytes,len);
- else
- ne->value->type=type;
- }
- return(1);
- }
-
-ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne)
- {
- if (ne == NULL) return(NULL);
- return(ne->object);
- }
-
-ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne)
- {
- if (ne == NULL) return(NULL);
- return(ne->value);
- }
-
diff --git a/src/lib/libcrypto/x509/x509rset.c b/src/lib/libcrypto/x509/x509rset.c
deleted file mode 100644
index d9f6b57372..0000000000
--- a/src/lib/libcrypto/x509/x509rset.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/x509/x509rset.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_REQ_set_version(X509_REQ *x, long version)
- {
- if (x == NULL) return(0);
- return(ASN1_INTEGER_set(x->req_info->version,version));
- }
-
-int X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name)
- {
- if ((x == NULL) || (x->req_info == NULL)) return(0);
- return(X509_NAME_set(&x->req_info->subject,name));
- }
-
-int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey)
- {
- if ((x == NULL) || (x->req_info == NULL)) return(0);
- return(X509_PUBKEY_set(&x->req_info->pubkey,pkey));
- }
-
diff --git a/src/lib/libcrypto/x509/x509spki.c b/src/lib/libcrypto/x509/x509spki.c
deleted file mode 100644
index fd0a534d88..0000000000
--- a/src/lib/libcrypto/x509/x509spki.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* x509spki.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/asn1_mac.h>
-
-int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey)
-{
- if ((x == NULL) || (x->spkac == NULL)) return(0);
- return(X509_PUBKEY_set(&(x->spkac->pubkey),pkey));
-}
-
-EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x)
-{
- if ((x == NULL) || (x->spkac == NULL))
- return(NULL);
- return(X509_PUBKEY_get(x->spkac->pubkey));
-}
-
-/* Load a Netscape SPKI from a base64 encoded string */
-
-NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len)
-{
- unsigned char *spki_der, *p;
- int spki_len;
- NETSCAPE_SPKI *spki;
- if(len <= 0) len = strlen(str);
- if (!(spki_der = OPENSSL_malloc(len + 1))) {
- X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len);
- if(spki_len < 0) {
- X509err(X509_F_NETSCAPE_SPKI_B64_DECODE,
- X509_R_BASE64_DECODE_ERROR);
- OPENSSL_free(spki_der);
- return NULL;
- }
- p = spki_der;
- spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len);
- OPENSSL_free(spki_der);
- return spki;
-}
-
-/* Generate a base64 encoded string from an SPKI */
-
-char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
-{
- unsigned char *der_spki, *p;
- char *b64_str;
- int der_len;
- der_len = i2d_NETSCAPE_SPKI(spki, NULL);
- der_spki = OPENSSL_malloc(der_len);
- b64_str = OPENSSL_malloc(der_len * 2);
- if(!der_spki || !b64_str) {
- X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- p = der_spki;
- i2d_NETSCAPE_SPKI(spki, &p);
- EVP_EncodeBlock((unsigned char *)b64_str, der_spki, der_len);
- OPENSSL_free(der_spki);
- return b64_str;
-}
diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c
deleted file mode 100644
index 8e78b34458..0000000000
--- a/src/lib/libcrypto/x509/x509type.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* crypto/x509/x509type.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
- {
- EVP_PKEY *pk;
- int ret=0,i;
-
- if (x == NULL) return(0);
-
- if (pkey == NULL)
- pk=X509_get_pubkey(x);
- else
- pk=pkey;
-
- if (pk == NULL) return(0);
-
- switch (pk->type)
- {
- case EVP_PKEY_RSA:
- ret=EVP_PK_RSA|EVP_PKT_SIGN;
-/* if (!sign only extension) */
- ret|=EVP_PKT_ENC;
- break;
- case EVP_PKEY_DSA:
- ret=EVP_PK_DSA|EVP_PKT_SIGN;
- break;
- case EVP_PKEY_DH:
- ret=EVP_PK_DH|EVP_PKT_EXCH;
- break;
- default:
- break;
- }
-
- i=X509_get_signature_type(x);
- switch (i)
- {
- case EVP_PKEY_RSA:
- ret|=EVP_PKS_RSA;
- break;
- case EVP_PKS_DSA:
- ret|=EVP_PKS_DSA;
- break;
- default:
- break;
- }
-
- if (EVP_PKEY_size(pk) <= 512)
- ret|=EVP_PKT_EXP;
- if(pkey==NULL) EVP_PKEY_free(pk);
- return(ret);
- }
-
diff --git a/src/lib/libcrypto/x509/x_all.c b/src/lib/libcrypto/x509/x_all.c
deleted file mode 100644
index 9bd6e2a39b..0000000000
--- a/src/lib/libcrypto/x509/x_all.c
+++ /dev/null
@@ -1,565 +0,0 @@
-/* crypto/x509/x_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#undef SSLEAY_MACROS
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_verify(X509 *a, EVP_PKEY *r)
- {
- return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,
- a->signature,(char *)a->cert_info,r));
- }
-
-int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
- {
- return( ASN1_verify((int (*)())i2d_X509_REQ_INFO,
- a->sig_alg,a->signature,(char *)a->req_info,r));
- }
-
-int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r)
- {
- return(ASN1_verify((int (*)())i2d_X509_CRL_INFO,
- a->sig_alg, a->signature,(char *)a->crl,r));
- }
-
-int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
- {
- return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC,
- a->sig_algor,a->signature, (char *)a->spkac,r));
- }
-
-int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
- {
- return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature,
- x->sig_alg, x->signature, (char *)x->cert_info,pkey,md));
- }
-
-int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
- {
- return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL,
- x->signature, (char *)x->req_info,pkey,md));
- }
-
-int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
- {
- return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,
- x->sig_alg, x->signature, (char *)x->crl,pkey,md));
- }
-
-int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
- {
- return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL,
- x->signature, (char *)x->spkac,pkey,md));
- }
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa)
- {
- return((X509_ATTRIBUTE *)ASN1_dup((int (*)())i2d_X509_ATTRIBUTE,
- (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa));
- }
-
-X509 *X509_dup(X509 *x509)
- {
- return((X509 *)ASN1_dup((int (*)())i2d_X509,
- (char *(*)())d2i_X509,(char *)x509));
- }
-
-X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex)
- {
- return((X509_EXTENSION *)ASN1_dup(
- (int (*)())i2d_X509_EXTENSION,
- (char *(*)())d2i_X509_EXTENSION,(char *)ex));
- }
-
-#ifndef NO_FP_API
-X509 *d2i_X509_fp(FILE *fp, X509 **x509)
- {
- return((X509 *)ASN1_d2i_fp((char *(*)())X509_new,
- (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)));
- }
-
-int i2d_X509_fp(FILE *fp, X509 *x509)
- {
- return(ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509));
- }
-#endif
-
-X509 *d2i_X509_bio(BIO *bp, X509 **x509)
- {
- return((X509 *)ASN1_d2i_bio((char *(*)())X509_new,
- (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)));
- }
-
-int i2d_X509_bio(BIO *bp, X509 *x509)
- {
- return(ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509));
- }
-
-X509_CRL *X509_CRL_dup(X509_CRL *crl)
- {
- return((X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL,
- (char *(*)())d2i_X509_CRL,(char *)crl));
- }
-
-#ifndef NO_FP_API
-X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
- {
- return((X509_CRL *)ASN1_d2i_fp((char *(*)())
- X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),
- (unsigned char **)(crl)));
- }
-
-int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
- {
- return(ASN1_i2d_fp(i2d_X509_CRL,fp,(unsigned char *)crl));
- }
-#endif
-
-X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
- {
- return((X509_CRL *)ASN1_d2i_bio((char *(*)())
- X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),
- (unsigned char **)(crl)));
- }
-
-int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl)
- {
- return(ASN1_i2d_bio(i2d_X509_CRL,bp,(unsigned char *)crl));
- }
-
-PKCS7 *PKCS7_dup(PKCS7 *p7)
- {
- return((PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7,
- (char *(*)())d2i_PKCS7,(char *)p7));
- }
-
-#ifndef NO_FP_API
-PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
- {
- return((PKCS7 *)ASN1_d2i_fp((char *(*)())
- PKCS7_new,(char *(*)())d2i_PKCS7, (fp),
- (unsigned char **)(p7)));
- }
-
-int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
- {
- return(ASN1_i2d_fp(i2d_PKCS7,fp,(unsigned char *)p7));
- }
-#endif
-
-PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
- {
- return((PKCS7 *)ASN1_d2i_bio((char *(*)())
- PKCS7_new,(char *(*)())d2i_PKCS7, (bp),
- (unsigned char **)(p7)));
- }
-
-int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7)
- {
- return(ASN1_i2d_bio(i2d_PKCS7,bp,(unsigned char *)p7));
- }
-
-X509_REQ *X509_REQ_dup(X509_REQ *req)
- {
- return((X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ,
- (char *(*)())d2i_X509_REQ,(char *)req));
- }
-
-#ifndef NO_FP_API
-X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
- {
- return((X509_REQ *)ASN1_d2i_fp((char *(*)())
- X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),
- (unsigned char **)(req)));
- }
-
-int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
- {
- return(ASN1_i2d_fp(i2d_X509_REQ,fp,(unsigned char *)req));
- }
-#endif
-
-X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
- {
- return((X509_REQ *)ASN1_d2i_bio((char *(*)())
- X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),
- (unsigned char **)(req)));
- }
-
-int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req)
- {
- return(ASN1_i2d_bio(i2d_X509_REQ,bp,(unsigned char *)req));
- }
-
-#ifndef NO_RSA
-RSA *RSAPublicKey_dup(RSA *rsa)
- {
- return((RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey,
- (char *(*)())d2i_RSAPublicKey,(char *)rsa));
- }
-
-RSA *RSAPrivateKey_dup(RSA *rsa)
- {
- return((RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey,
- (char *(*)())d2i_RSAPrivateKey,(char *)rsa));
- }
-
-#ifndef NO_FP_API
-RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
- {
- return((RSA *)ASN1_d2i_fp((char *(*)())
- RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp),
- (unsigned char **)(rsa)));
- }
-
-int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
- {
- return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa));
- }
-
-RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
- {
- return((RSA *)ASN1_d2i_fp((char *(*)())
- RSA_new,(char *(*)())d2i_RSAPublicKey, (fp),
- (unsigned char **)(rsa)));
- }
-
-RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
- {
- return((RSA *)ASN1_d2i_fp((char *(*)())
- RSA_new,(char *(*)())d2i_RSA_PUBKEY, (fp),
- (unsigned char **)(rsa)));
- }
-
-int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
- {
- return(ASN1_i2d_fp(i2d_RSAPublicKey,fp,(unsigned char *)rsa));
- }
-
-int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
- {
- return(ASN1_i2d_fp(i2d_RSA_PUBKEY,fp,(unsigned char *)rsa));
- }
-#endif
-
-RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
- {
- return((RSA *)ASN1_d2i_bio((char *(*)())
- RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp),
- (unsigned char **)(rsa)));
- }
-
-int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
- {
- return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa));
- }
-
-RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
- {
- return((RSA *)ASN1_d2i_bio((char *(*)())
- RSA_new,(char *(*)())d2i_RSAPublicKey, (bp),
- (unsigned char **)(rsa)));
- }
-
-RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
- {
- return((RSA *)ASN1_d2i_bio((char *(*)())
- RSA_new,(char *(*)())d2i_RSA_PUBKEY, (bp),
- (unsigned char **)(rsa)));
- }
-
-int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
- {
- return(ASN1_i2d_bio(i2d_RSAPublicKey,bp,(unsigned char *)rsa));
- }
-
-int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
- {
- return(ASN1_i2d_bio(i2d_RSA_PUBKEY,bp,(unsigned char *)rsa));
- }
-#endif
-
-#ifndef NO_DSA
-#ifndef NO_FP_API
-DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
- {
- return((DSA *)ASN1_d2i_fp((char *(*)())
- DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp),
- (unsigned char **)(dsa)));
- }
-
-int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
- {
- return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa));
- }
-
-DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
- {
- return((DSA *)ASN1_d2i_fp((char *(*)())
- DSA_new,(char *(*)())d2i_DSA_PUBKEY, (fp),
- (unsigned char **)(dsa)));
- }
-
-int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
- {
- return(ASN1_i2d_fp(i2d_DSA_PUBKEY,fp,(unsigned char *)dsa));
- }
-#endif
-
-DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
- {
- return((DSA *)ASN1_d2i_bio((char *(*)())
- DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp),
- (unsigned char **)(dsa)));
- }
-
-int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
- {
- return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa));
- }
-
-DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
- {
- return((DSA *)ASN1_d2i_bio((char *(*)())
- DSA_new,(char *(*)())d2i_DSA_PUBKEY, (bp),
- (unsigned char **)(dsa)));
- }
-
-int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
- {
- return(ASN1_i2d_bio(i2d_DSA_PUBKEY,bp,(unsigned char *)dsa));
- }
-
-#endif
-
-X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn)
- {
- return((X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,
- (char *(*)())d2i_X509_ALGOR,(char *)xn));
- }
-
-X509_NAME *X509_NAME_dup(X509_NAME *xn)
- {
- return((X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME,
- (char *(*)())d2i_X509_NAME,(char *)xn));
- }
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne)
- {
- return((X509_NAME_ENTRY *)ASN1_dup((int (*)())i2d_X509_NAME_ENTRY,
- (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne));
- }
-
-int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
- {
- return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len));
- }
-
-int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
- {
- return(ASN1_digest((int (*)())i2d_X509_CRL,type,(char *)data,md,len));
- }
-
-int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
- {
- return(ASN1_digest((int (*)())i2d_X509_REQ,type,(char *)data,md,len));
- }
-
-int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
- {
- return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len));
- }
-
-int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *type,
- unsigned char *md, unsigned int *len)
- {
- return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,
- (char *)data,md,len));
- }
-
-
-#ifndef NO_FP_API
-X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
- {
- return((X509_SIG *)ASN1_d2i_fp((char *(*)())X509_SIG_new,
- (char *(*)())d2i_X509_SIG, (fp),(unsigned char **)(p8)));
- }
-
-int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
- {
- return(ASN1_i2d_fp(i2d_X509_SIG,fp,(unsigned char *)p8));
- }
-#endif
-
-X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
- {
- return((X509_SIG *)ASN1_d2i_bio((char *(*)())X509_SIG_new,
- (char *(*)())d2i_X509_SIG, (bp),(unsigned char **)(p8)));
- }
-
-int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
- {
- return(ASN1_i2d_bio(i2d_X509_SIG,bp,(unsigned char *)p8));
- }
-
-#ifndef NO_FP_API
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
- PKCS8_PRIV_KEY_INFO **p8inf)
- {
- return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_fp(
- (char *(*)())PKCS8_PRIV_KEY_INFO_new,
- (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (fp),
- (unsigned char **)(p8inf)));
- }
-
-int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
- {
- return(ASN1_i2d_fp(i2d_PKCS8_PRIV_KEY_INFO,fp,(unsigned char *)p8inf));
- }
-
-int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
- {
- PKCS8_PRIV_KEY_INFO *p8inf;
- int ret;
- p8inf = EVP_PKEY2PKCS8(key);
- if(!p8inf) return 0;
- ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- return ret;
- }
-
-int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
- {
- return(ASN1_i2d_fp(i2d_PrivateKey,fp,(unsigned char *)pkey));
- }
-
-EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
-{
- return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new,
- (char *(*)())d2i_AutoPrivateKey, (fp),(unsigned char **)(a)));
-}
-
-int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
- {
- return(ASN1_i2d_fp(i2d_PUBKEY,fp,(unsigned char *)pkey));
- }
-
-EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
-{
- return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new,
- (char *(*)())d2i_PUBKEY, (fp),(unsigned char **)(a)));
-}
-
-#endif
-
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
- PKCS8_PRIV_KEY_INFO **p8inf)
- {
- return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_bio(
- (char *(*)())PKCS8_PRIV_KEY_INFO_new,
- (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (bp),
- (unsigned char **)(p8inf)));
- }
-
-int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
- {
- return(ASN1_i2d_bio(i2d_PKCS8_PRIV_KEY_INFO,bp,(unsigned char *)p8inf));
- }
-
-int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
- {
- PKCS8_PRIV_KEY_INFO *p8inf;
- int ret;
- p8inf = EVP_PKEY2PKCS8(key);
- if(!p8inf) return 0;
- ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- return ret;
- }
-
-int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
- {
- return(ASN1_i2d_bio(i2d_PrivateKey,bp,(unsigned char *)pkey));
- }
-
-EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
- {
- return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new,
- (char *(*)())d2i_AutoPrivateKey, (bp),(unsigned char **)(a)));
- }
-
-int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
- {
- return(ASN1_i2d_bio(i2d_PUBKEY,bp,(unsigned char *)pkey));
- }
-
-EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
- {
- return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new,
- (char *(*)())d2i_PUBKEY, (bp),(unsigned char **)(a)));
- }
diff --git a/src/lib/libcrypto/x509v3/ext_dat.h b/src/lib/libcrypto/x509v3/ext_dat.h
deleted file mode 100644
index 801a585a52..0000000000
--- a/src/lib/libcrypto/x509v3/ext_dat.h
+++ /dev/null
@@ -1,97 +0,0 @@
-/* ext_dat.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* This file contains a table of "standard" extensions */
-
-extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
-extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info;
-extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
-extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_cpols, v3_crld;
-
-/* This table will be searched using OBJ_bsearch so it *must* kept in
- * order of the ext_nid values.
- */
-
-static X509V3_EXT_METHOD *standard_exts[] = {
-&v3_nscert,
-&v3_ns_ia5_list[0],
-&v3_ns_ia5_list[1],
-&v3_ns_ia5_list[2],
-&v3_ns_ia5_list[3],
-&v3_ns_ia5_list[4],
-&v3_ns_ia5_list[5],
-&v3_ns_ia5_list[6],
-&v3_skey_id,
-&v3_key_usage,
-&v3_pkey_usage_period,
-&v3_alt[0],
-&v3_alt[1],
-&v3_bcons,
-&v3_crl_num,
-&v3_cpols,
-&v3_akey_id,
-&v3_crld,
-&v3_ext_ku,
-&v3_crl_reason,
-&v3_sxnet,
-&v3_info,
-};
-
-/* Number of standard extensions */
-
-#define STANDARD_EXTENSION_COUNT (sizeof(standard_exts)/sizeof(X509V3_EXT_METHOD *))
-
diff --git a/src/lib/libcrypto/x509v3/v3_akey.c b/src/lib/libcrypto/x509v3/v3_akey.c
deleted file mode 100644
index 0889a18993..0000000000
--- a/src/lib/libcrypto/x509v3/v3_akey.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/* v3_akey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
- AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist);
-static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-
-X509V3_EXT_METHOD v3_akey_id = {
-NID_authority_key_identifier, X509V3_EXT_MULTILINE,
-(X509V3_EXT_NEW)AUTHORITY_KEYID_new,
-(X509V3_EXT_FREE)AUTHORITY_KEYID_free,
-(X509V3_EXT_D2I)d2i_AUTHORITY_KEYID,
-(X509V3_EXT_I2D)i2d_AUTHORITY_KEYID,
-NULL, NULL,
-(X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
-(X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
-NULL,NULL,
-NULL
-};
-
-
-int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_len_IMP_opt (a->issuer, i2d_GENERAL_NAMES);
- M_ASN1_I2D_len_IMP_opt (a->serial, i2d_ASN1_INTEGER);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING, 0);
- M_ASN1_I2D_put_IMP_opt (a->issuer, i2d_GENERAL_NAMES, 1);
- M_ASN1_I2D_put_IMP_opt (a->serial, i2d_ASN1_INTEGER, 2);
-
- M_ASN1_I2D_finish();
-}
-
-AUTHORITY_KEYID *AUTHORITY_KEYID_new(void)
-{
- AUTHORITY_KEYID *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, AUTHORITY_KEYID);
- ret->keyid = NULL;
- ret->issuer = NULL;
- ret->serial = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_AUTHORITY_KEYID_NEW);
-}
-
-AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp,
- long length)
-{
- M_ASN1_D2I_vars(a,AUTHORITY_KEYID *,AUTHORITY_KEYID_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_IMP_opt (ret->keyid, d2i_ASN1_OCTET_STRING, 0,
- V_ASN1_OCTET_STRING);
- M_ASN1_D2I_get_IMP_opt (ret->issuer, d2i_GENERAL_NAMES, 1,
- V_ASN1_SEQUENCE);
- M_ASN1_D2I_get_IMP_opt (ret->serial, d2i_ASN1_INTEGER, 2,
- V_ASN1_INTEGER);
- M_ASN1_D2I_Finish(a, AUTHORITY_KEYID_free, ASN1_F_D2I_AUTHORITY_KEYID);
-}
-
-void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a)
-{
- if (a == NULL) return;
- M_ASN1_OCTET_STRING_free(a->keyid);
- sk_GENERAL_NAME_pop_free(a->issuer, GENERAL_NAME_free);
- M_ASN1_INTEGER_free (a->serial);
- OPENSSL_free (a);
-}
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
- AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist)
-{
- char *tmp;
- if(akeyid->keyid) {
- tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length);
- X509V3_add_value("keyid", tmp, &extlist);
- OPENSSL_free(tmp);
- }
- if(akeyid->issuer)
- extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
- if(akeyid->serial) {
- tmp = hex_to_string(akeyid->serial->data,
- akeyid->serial->length);
- X509V3_add_value("serial", tmp, &extlist);
- OPENSSL_free(tmp);
- }
- return extlist;
-}
-
-/* Currently two options:
- * keyid: use the issuers subject keyid, the value 'always' means its is
- * an error if the issuer certificate doesn't have a key id.
- * issuer: use the issuers cert issuer and serial number. The default is
- * to only use this if keyid is not present. With the option 'always'
- * this is always included.
- */
-
-static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values)
-{
-char keyid=0, issuer=0;
-int i;
-CONF_VALUE *cnf;
-ASN1_OCTET_STRING *ikeyid = NULL;
-X509_NAME *isname = NULL;
-STACK_OF(GENERAL_NAME) * gens = NULL;
-GENERAL_NAME *gen = NULL;
-ASN1_INTEGER *serial = NULL;
-X509_EXTENSION *ext;
-X509 *cert;
-AUTHORITY_KEYID *akeyid;
-for(i = 0; i < sk_CONF_VALUE_num(values); i++) {
- cnf = sk_CONF_VALUE_value(values, i);
- if(!strcmp(cnf->name, "keyid")) {
- keyid = 1;
- if(cnf->value && !strcmp(cnf->value, "always")) keyid = 2;
- } else if(!strcmp(cnf->name, "issuer")) {
- issuer = 1;
- if(cnf->value && !strcmp(cnf->value, "always")) issuer = 2;
- } else {
- X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION);
- ERR_add_error_data(2, "name=", cnf->name);
- return NULL;
- }
-}
-
-
-
-if(!ctx || !ctx->issuer_cert) {
- if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new();
- X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE);
- return NULL;
-}
-
-cert = ctx->issuer_cert;
-
-if(keyid) {
- i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
- if((i >= 0) && (ext = X509_get_ext(cert, i)))
- ikeyid = X509V3_EXT_d2i(ext);
- if(keyid==2 && !ikeyid) {
- X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
- return NULL;
- }
-}
-
-if((issuer && !ikeyid) || (issuer == 2)) {
- isname = X509_NAME_dup(X509_get_issuer_name(cert));
- serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert));
- if(!isname || !serial) {
- X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
- goto err;
- }
-}
-
-if(!(akeyid = AUTHORITY_KEYID_new())) goto err;
-
-if(isname) {
- if(!(gens = sk_GENERAL_NAME_new_null()) || !(gen = GENERAL_NAME_new())
- || !sk_GENERAL_NAME_push(gens, gen)) {
- X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- gen->type = GEN_DIRNAME;
- gen->d.dirn = isname;
-}
-
-akeyid->issuer = gens;
-akeyid->serial = serial;
-akeyid->keyid = ikeyid;
-
-return akeyid;
-
-err:
-X509_NAME_free(isname);
-M_ASN1_INTEGER_free(serial);
-M_ASN1_OCTET_STRING_free(ikeyid);
-return NULL;
-
-}
-
diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c
deleted file mode 100644
index 94bebcd448..0000000000
--- a/src/lib/libcrypto/x509v3/v3_alt.c
+++ /dev/null
@@ -1,401 +0,0 @@
-/* v3_alt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
-static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
-X509V3_EXT_METHOD v3_alt[] = {
-{ NID_subject_alt_name, 0,
-(X509V3_EXT_NEW)GENERAL_NAMES_new,
-(X509V3_EXT_FREE)GENERAL_NAMES_free,
-(X509V3_EXT_D2I)d2i_GENERAL_NAMES,
-(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
-NULL, NULL,
-(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
-(X509V3_EXT_V2I)v2i_subject_alt,
-NULL, NULL, NULL},
-{ NID_issuer_alt_name, 0,
-(X509V3_EXT_NEW)GENERAL_NAMES_new,
-(X509V3_EXT_FREE)GENERAL_NAMES_free,
-(X509V3_EXT_D2I)d2i_GENERAL_NAMES,
-(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
-NULL, NULL,
-(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
-(X509V3_EXT_V2I)v2i_issuer_alt,
-NULL, NULL, NULL},
-};
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
- STACK_OF(GENERAL_NAME) *gens, STACK_OF(CONF_VALUE) *ret)
-{
- int i;
- GENERAL_NAME *gen;
- for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- gen = sk_GENERAL_NAME_value(gens, i);
- ret = i2v_GENERAL_NAME(method, gen, ret);
- }
- if(!ret) return sk_CONF_VALUE_new_null();
- return ret;
-}
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
- GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret)
-{
- char oline[256];
- unsigned char *p;
- switch (gen->type)
- {
- case GEN_OTHERNAME:
- X509V3_add_value("othername","<unsupported>", &ret);
- break;
-
- case GEN_X400:
- X509V3_add_value("X400Name","<unsupported>", &ret);
- break;
-
- case GEN_EDIPARTY:
- X509V3_add_value("EdiPartyName","<unsupported>", &ret);
- break;
-
- case GEN_EMAIL:
- X509V3_add_value_uchar("email",gen->d.ia5->data, &ret);
- break;
-
- case GEN_DNS:
- X509V3_add_value_uchar("DNS",gen->d.ia5->data, &ret);
- break;
-
- case GEN_URI:
- X509V3_add_value_uchar("URI",gen->d.ia5->data, &ret);
- break;
-
- case GEN_DIRNAME:
- X509_NAME_oneline(gen->d.dirn, oline, 256);
- X509V3_add_value("DirName",oline, &ret);
- break;
-
- case GEN_IPADD:
- p = gen->d.ip->data;
- /* BUG: doesn't support IPV6 */
- if(gen->d.ip->length != 4) {
- X509V3_add_value("IP Address","<invalid>", &ret);
- break;
- }
- sprintf(oline, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
- X509V3_add_value("IP Address",oline, &ret);
- break;
-
- case GEN_RID:
- i2t_ASN1_OBJECT(oline, 256, gen->d.rid);
- X509V3_add_value("Registered ID",oline, &ret);
- break;
- }
- return ret;
-}
-
-static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
- STACK_OF(GENERAL_NAME) *gens = NULL;
- CONF_VALUE *cnf;
- int i;
- if(!(gens = sk_GENERAL_NAME_new_null())) {
- X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
- if(!name_cmp(cnf->name, "issuer") && cnf->value &&
- !strcmp(cnf->value, "copy")) {
- if(!copy_issuer(ctx, gens)) goto err;
- } else {
- GENERAL_NAME *gen;
- if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
- goto err;
- sk_GENERAL_NAME_push(gens, gen);
- }
- }
- return gens;
- err:
- sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
- return NULL;
-}
-
-/* Append subject altname of issuer to issuer alt name of subject */
-
-static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
-{
- STACK_OF(GENERAL_NAME) *ialt;
- GENERAL_NAME *gen;
- X509_EXTENSION *ext;
- int i;
- if(ctx && (ctx->flags == CTX_TEST)) return 1;
- if(!ctx || !ctx->issuer_cert) {
- X509V3err(X509V3_F_COPY_ISSUER,X509V3_R_NO_ISSUER_DETAILS);
- goto err;
- }
- i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
- if(i < 0) return 1;
- if(!(ext = X509_get_ext(ctx->issuer_cert, i)) ||
- !(ialt = X509V3_EXT_d2i(ext)) ) {
- X509V3err(X509V3_F_COPY_ISSUER,X509V3_R_ISSUER_DECODE_ERROR);
- goto err;
- }
-
- for(i = 0; i < sk_GENERAL_NAME_num(ialt); i++) {
- gen = sk_GENERAL_NAME_value(ialt, i);
- if(!sk_GENERAL_NAME_push(gens, gen)) {
- X509V3err(X509V3_F_COPY_ISSUER,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- sk_GENERAL_NAME_free(ialt);
-
- return 1;
-
- err:
- return 0;
-
-}
-
-static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
- STACK_OF(GENERAL_NAME) *gens = NULL;
- CONF_VALUE *cnf;
- int i;
- if(!(gens = sk_GENERAL_NAME_new_null())) {
- X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
- if(!name_cmp(cnf->name, "email") && cnf->value &&
- !strcmp(cnf->value, "copy")) {
- if(!copy_email(ctx, gens)) goto err;
- } else {
- GENERAL_NAME *gen;
- if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
- goto err;
- sk_GENERAL_NAME_push(gens, gen);
- }
- }
- return gens;
- err:
- sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
- return NULL;
-}
-
-/* Copy any email addresses in a certificate or request to
- * GENERAL_NAMES
- */
-
-static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
-{
- X509_NAME *nm;
- ASN1_IA5STRING *email = NULL;
- X509_NAME_ENTRY *ne;
- GENERAL_NAME *gen = NULL;
- int i;
- if(ctx->flags == CTX_TEST) return 1;
- if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) {
- X509V3err(X509V3_F_COPY_EMAIL,X509V3_R_NO_SUBJECT_DETAILS);
- goto err;
- }
- /* Find the subject name */
- if(ctx->subject_cert) nm = X509_get_subject_name(ctx->subject_cert);
- else nm = X509_REQ_get_subject_name(ctx->subject_req);
-
- /* Now add any email address(es) to STACK */
- i = -1;
- while((i = X509_NAME_get_index_by_NID(nm,
- NID_pkcs9_emailAddress, i)) >= 0) {
- ne = X509_NAME_get_entry(nm, i);
- email = M_ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne));
- if(!email || !(gen = GENERAL_NAME_new())) {
- X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- gen->d.ia5 = email;
- email = NULL;
- gen->type = GEN_EMAIL;
- if(!sk_GENERAL_NAME_push(gens, gen)) {
- X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- gen = NULL;
- }
-
-
- return 1;
-
- err:
- GENERAL_NAME_free(gen);
- M_ASN1_IA5STRING_free(email);
- return 0;
-
-}
-
-STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
- GENERAL_NAME *gen;
- STACK_OF(GENERAL_NAME) *gens = NULL;
- CONF_VALUE *cnf;
- int i;
- if(!(gens = sk_GENERAL_NAME_new_null())) {
- X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
- if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err;
- sk_GENERAL_NAME_push(gens, gen);
- }
- return gens;
- err:
- sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
- return NULL;
-}
-
-GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- CONF_VALUE *cnf)
-{
-char is_string = 0;
-int type;
-GENERAL_NAME *gen = NULL;
-
-char *name, *value;
-
-name = cnf->name;
-value = cnf->value;
-
-if(!value) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_MISSING_VALUE);
- return NULL;
-}
-
-if(!(gen = GENERAL_NAME_new())) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
- return NULL;
-}
-
-if(!name_cmp(name, "email")) {
- is_string = 1;
- type = GEN_EMAIL;
-} else if(!name_cmp(name, "URI")) {
- is_string = 1;
- type = GEN_URI;
-} else if(!name_cmp(name, "DNS")) {
- is_string = 1;
- type = GEN_DNS;
-} else if(!name_cmp(name, "RID")) {
- ASN1_OBJECT *obj;
- if(!(obj = OBJ_txt2obj(value,0))) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_OBJECT);
- ERR_add_error_data(2, "value=", value);
- goto err;
- }
- gen->d.rid = obj;
- type = GEN_RID;
-} else if(!name_cmp(name, "IP")) {
- int i1,i2,i3,i4;
- unsigned char ip[4];
- if((sscanf(value, "%d.%d.%d.%d",&i1,&i2,&i3,&i4) != 4) ||
- (i1 < 0) || (i1 > 255) || (i2 < 0) || (i2 > 255) ||
- (i3 < 0) || (i3 > 255) || (i4 < 0) || (i4 > 255) ) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS);
- ERR_add_error_data(2, "value=", value);
- goto err;
- }
- ip[0] = i1; ip[1] = i2 ; ip[2] = i3 ; ip[3] = i4;
- if(!(gen->d.ip = M_ASN1_OCTET_STRING_new()) ||
- !ASN1_STRING_set(gen->d.ip, ip, 4)) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- type = GEN_IPADD;
-} else {
- X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_OPTION);
- ERR_add_error_data(2, "name=", name);
- goto err;
-}
-
-if(is_string) {
- if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) ||
- !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
- strlen(value))) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-}
-
-gen->type = type;
-
-return gen;
-
-err:
-GENERAL_NAME_free(gen);
-return NULL;
-}
diff --git a/src/lib/libcrypto/x509v3/v3_bcons.c b/src/lib/libcrypto/x509v3/v3_bcons.c
deleted file mode 100644
index c576b8e955..0000000000
--- a/src/lib/libcrypto/x509v3/v3_bcons.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/* v3_bcons.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist);
-static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-
-X509V3_EXT_METHOD v3_bcons = {
-NID_basic_constraints, 0,
-(X509V3_EXT_NEW)BASIC_CONSTRAINTS_new,
-(X509V3_EXT_FREE)BASIC_CONSTRAINTS_free,
-(X509V3_EXT_D2I)d2i_BASIC_CONSTRAINTS,
-(X509V3_EXT_I2D)i2d_BASIC_CONSTRAINTS,
-NULL, NULL,
-(X509V3_EXT_I2V)i2v_BASIC_CONSTRAINTS,
-(X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS,
-NULL,NULL,
-NULL
-};
-
-
-int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
- if(a->ca) M_ASN1_I2D_len (a->ca, i2d_ASN1_BOOLEAN);
- M_ASN1_I2D_len (a->pathlen, i2d_ASN1_INTEGER);
-
- M_ASN1_I2D_seq_total();
-
- if (a->ca) M_ASN1_I2D_put (a->ca, i2d_ASN1_BOOLEAN);
- M_ASN1_I2D_put (a->pathlen, i2d_ASN1_INTEGER);
- M_ASN1_I2D_finish();
-}
-
-BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void)
-{
- BASIC_CONSTRAINTS *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, BASIC_CONSTRAINTS);
- ret->ca = 0;
- ret->pathlen = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_BASIC_CONSTRAINTS_NEW);
-}
-
-BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a,
- unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,BASIC_CONSTRAINTS *,BASIC_CONSTRAINTS_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- if((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) ==
- (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN) ) {
- M_ASN1_D2I_get_int (ret->ca, d2i_ASN1_BOOLEAN);
- }
- M_ASN1_D2I_get_opt (ret->pathlen, d2i_ASN1_INTEGER, V_ASN1_INTEGER);
- M_ASN1_D2I_Finish(a, BASIC_CONSTRAINTS_free, ASN1_F_D2I_BASIC_CONSTRAINTS);
-}
-
-void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a)
-{
- if (a == NULL) return;
- M_ASN1_INTEGER_free (a->pathlen);
- OPENSSL_free (a);
-}
-
-static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
- BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist)
-{
- X509V3_add_value_bool("CA", bcons->ca, &extlist);
- X509V3_add_value_int("pathlen", bcons->pathlen, &extlist);
- return extlist;
-}
-
-static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values)
-{
- BASIC_CONSTRAINTS *bcons=NULL;
- CONF_VALUE *val;
- int i;
- if(!(bcons = BASIC_CONSTRAINTS_new())) {
- X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for(i = 0; i < sk_CONF_VALUE_num(values); i++) {
- val = sk_CONF_VALUE_value(values, i);
- if(!strcmp(val->name, "CA")) {
- if(!X509V3_get_value_bool(val, &bcons->ca)) goto err;
- } else if(!strcmp(val->name, "pathlen")) {
- if(!X509V3_get_value_int(val, &bcons->pathlen)) goto err;
- } else {
- X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, X509V3_R_INVALID_NAME);
- X509V3_conf_err(val);
- goto err;
- }
- }
- return bcons;
- err:
- BASIC_CONSTRAINTS_free(bcons);
- return NULL;
-}
-
diff --git a/src/lib/libcrypto/x509v3/v3_bitst.c b/src/lib/libcrypto/x509v3/v3_bitst.c
deleted file mode 100644
index 0e1167d05c..0000000000
--- a/src/lib/libcrypto/x509v3/v3_bitst.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/* v3_bitst.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- ASN1_BIT_STRING *bits,
- STACK_OF(CONF_VALUE) *extlist);
-static BIT_STRING_BITNAME ns_cert_type_table[] = {
-{0, "SSL Client", "client"},
-{1, "SSL Server", "server"},
-{2, "S/MIME", "email"},
-{3, "Object Signing", "objsign"},
-{4, "Unused", "reserved"},
-{5, "SSL CA", "sslCA"},
-{6, "S/MIME CA", "emailCA"},
-{7, "Object Signing CA", "objCA"},
-{-1, NULL, NULL}
-};
-
-static BIT_STRING_BITNAME key_usage_type_table[] = {
-{0, "Digital Signature", "digitalSignature"},
-{1, "Non Repudiation", "nonRepudiation"},
-{2, "Key Encipherment", "keyEncipherment"},
-{3, "Data Encipherment", "dataEncipherment"},
-{4, "Key Agreement", "keyAgreement"},
-{5, "Certificate Sign", "keyCertSign"},
-{6, "CRL Sign", "cRLSign"},
-{7, "Encipher Only", "encipherOnly"},
-{8, "Decipher Only", "decipherOnly"},
-{-1, NULL, NULL}
-};
-
-
-
-X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table);
-X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table);
-
-static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret)
-{
- BIT_STRING_BITNAME *bnam;
- for(bnam =method->usr_data; bnam->lname; bnam++) {
- if(ASN1_BIT_STRING_get_bit(bits, bnam->bitnum))
- X509V3_add_value(bnam->lname, NULL, &ret);
- }
- return ret;
-}
-
-static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
- CONF_VALUE *val;
- ASN1_BIT_STRING *bs;
- int i;
- BIT_STRING_BITNAME *bnam;
- if(!(bs = M_ASN1_BIT_STRING_new())) {
- X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- for(bnam = method->usr_data; bnam->lname; bnam++) {
- if(!strcmp(bnam->sname, val->name) ||
- !strcmp(bnam->lname, val->name) ) {
- ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1);
- break;
- }
- }
- if(!bnam->lname) {
- X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
- X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
- X509V3_conf_err(val);
- M_ASN1_BIT_STRING_free(bs);
- return NULL;
- }
- }
- return bs;
-}
-
-
diff --git a/src/lib/libcrypto/x509v3/v3_conf.c b/src/lib/libcrypto/x509v3/v3_conf.c
deleted file mode 100644
index bdc9c1cbc1..0000000000
--- a/src/lib/libcrypto/x509v3/v3_conf.c
+++ /dev/null
@@ -1,390 +0,0 @@
-/* v3_conf.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* extension creation utilities */
-
-
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static int v3_check_critical(char **value);
-static int v3_check_generic(char **value);
-static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value);
-static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type);
-static char *conf_lhash_get_string(void *db, char *section, char *value);
-static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section);
-static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
- int crit, void *ext_struc);
-/* LHASH *conf: Config file */
-/* char *name: Name */
-/* char *value: Value */
-X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
- char *value)
-{
- int crit;
- int ext_type;
- X509_EXTENSION *ret;
- crit = v3_check_critical(&value);
- if((ext_type = v3_check_generic(&value)))
- return v3_generic_extension(name, value, crit, ext_type);
- ret = do_ext_conf(conf, ctx, OBJ_sn2nid(name), crit, value);
- if(!ret) {
- X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_ERROR_IN_EXTENSION);
- ERR_add_error_data(4,"name=", name, ", value=", value);
- }
- return ret;
-}
-
-/* LHASH *conf: Config file */
-/* char *value: Value */
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
- char *value)
-{
- int crit;
- int ext_type;
- crit = v3_check_critical(&value);
- if((ext_type = v3_check_generic(&value)))
- return v3_generic_extension(OBJ_nid2sn(ext_nid),
- value, crit, ext_type);
- return do_ext_conf(conf, ctx, ext_nid, crit, value);
-}
-
-/* LHASH *conf: Config file */
-/* char *value: Value */
-static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
- int crit, char *value)
-{
- X509V3_EXT_METHOD *method;
- X509_EXTENSION *ext;
- STACK_OF(CONF_VALUE) *nval;
- void *ext_struc;
- if(ext_nid == NID_undef) {
- X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION_NAME);
- return NULL;
- }
- if(!(method = X509V3_EXT_get_nid(ext_nid))) {
- X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION);
- return NULL;
- }
- /* Now get internal extension representation based on type */
- if(method->v2i) {
- if(*value == '@') nval = CONF_get_section(conf, value + 1);
- else nval = X509V3_parse_list(value);
- if(!nval) {
- X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_INVALID_EXTENSION_STRING);
- ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value);
- return NULL;
- }
- ext_struc = method->v2i(method, ctx, nval);
- if(*value != '@') sk_CONF_VALUE_pop_free(nval,
- X509V3_conf_free);
- if(!ext_struc) return NULL;
- } else if(method->s2i) {
- if(!(ext_struc = method->s2i(method, ctx, value))) return NULL;
- } else if(method->r2i) {
- if(!ctx->db) {
- X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE);
- return NULL;
- }
- if(!(ext_struc = method->r2i(method, ctx, value))) return NULL;
- } else {
- X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
- ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid));
- return NULL;
- }
-
- ext = do_ext_i2d(method, ext_nid, crit, ext_struc);
- method->ext_free(ext_struc);
- return ext;
-
-}
-
-static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
- int crit, void *ext_struc)
-{
- unsigned char *ext_der, *p;
- int ext_len;
- ASN1_OCTET_STRING *ext_oct;
- X509_EXTENSION *ext;
- /* Convert internal representation to DER */
- ext_len = method->i2d(ext_struc, NULL);
- if(!(ext_der = OPENSSL_malloc(ext_len))) goto merr;
- p = ext_der;
- method->i2d(ext_struc, &p);
- if(!(ext_oct = M_ASN1_OCTET_STRING_new())) goto merr;
- ext_oct->data = ext_der;
- ext_oct->length = ext_len;
-
- ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);
- if(!ext) goto merr;
- M_ASN1_OCTET_STRING_free(ext_oct);
-
- return ext;
-
- merr:
- X509V3err(X509V3_F_DO_EXT_I2D,ERR_R_MALLOC_FAILURE);
- return NULL;
-
-}
-
-/* Given an internal structure, nid and critical flag create an extension */
-
-X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
-{
- X509V3_EXT_METHOD *method;
- if(!(method = X509V3_EXT_get_nid(ext_nid))) {
- X509V3err(X509V3_F_X509V3_EXT_I2D,X509V3_R_UNKNOWN_EXTENSION);
- return NULL;
- }
- return do_ext_i2d(method, ext_nid, crit, ext_struc);
-}
-
-/* Check the extension string for critical flag */
-static int v3_check_critical(char **value)
-{
- char *p = *value;
- if((strlen(p) < 9) || strncmp(p, "critical,", 9)) return 0;
- p+=9;
- while(isspace((unsigned char)*p)) p++;
- *value = p;
- return 1;
-}
-
-/* Check extension string for generic extension and return the type */
-static int v3_check_generic(char **value)
-{
- char *p = *value;
- if((strlen(p) < 4) || strncmp(p, "DER:,", 4)) return 0;
- p+=4;
- while(isspace((unsigned char)*p)) p++;
- *value = p;
- return 1;
-}
-
-/* Create a generic extension: for now just handle DER type */
-static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
- int crit, int type)
-{
-unsigned char *ext_der=NULL;
-long ext_len;
-ASN1_OBJECT *obj=NULL;
-ASN1_OCTET_STRING *oct=NULL;
-X509_EXTENSION *extension=NULL;
-if(!(obj = OBJ_txt2obj(ext, 0))) {
- X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_NAME_ERROR);
- ERR_add_error_data(2, "name=", ext);
- goto err;
-}
-
-if(!(ext_der = string_to_hex(value, &ext_len))) {
- X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_VALUE_ERROR);
- ERR_add_error_data(2, "value=", value);
- goto err;
-}
-
-if(!(oct = M_ASN1_OCTET_STRING_new())) {
- X509V3err(X509V3_F_V3_GENERIC_EXTENSION,ERR_R_MALLOC_FAILURE);
- goto err;
-}
-
-oct->data = ext_der;
-oct->length = ext_len;
-ext_der = NULL;
-
-extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
-
-err:
-ASN1_OBJECT_free(obj);
-M_ASN1_OCTET_STRING_free(oct);
-if(ext_der) OPENSSL_free(ext_der);
-return extension;
-}
-
-
-/* This is the main function: add a bunch of extensions based on a config file
- * section
- */
-
-int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
- X509 *cert)
-{
- X509_EXTENSION *ext;
- STACK_OF(CONF_VALUE) *nval;
- CONF_VALUE *val;
- int i;
- if(!(nval = CONF_get_section(conf, section))) return 0;
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
- return 0;
- if(cert) X509_add_ext(cert, ext, -1);
- X509_EXTENSION_free(ext);
- }
- return 1;
-}
-
-/* Same as above but for a CRL */
-
-int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
- X509_CRL *crl)
-{
- X509_EXTENSION *ext;
- STACK_OF(CONF_VALUE) *nval;
- CONF_VALUE *val;
- int i;
- if(!(nval = CONF_get_section(conf, section))) return 0;
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
- return 0;
- if(crl) X509_CRL_add_ext(crl, ext, -1);
- X509_EXTENSION_free(ext);
- }
- return 1;
-}
-
-/* Add extensions to certificate request */
-
-int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
- X509_REQ *req)
-{
- X509_EXTENSION *ext;
- STACK_OF(X509_EXTENSION) *extlist = NULL;
- STACK_OF(CONF_VALUE) *nval;
- CONF_VALUE *val;
- int i;
- if(!(nval = CONF_get_section(conf, section))) return 0;
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
- return 0;
- if(!extlist) extlist = sk_X509_EXTENSION_new_null();
- sk_X509_EXTENSION_push(extlist, ext);
- }
- if(req) i = X509_REQ_add_extensions(req, extlist);
- else i = 1;
- sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free);
- return i;
-}
-
-/* Config database functions */
-
-char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section)
-{
- if(ctx->db_meth->get_string)
- return ctx->db_meth->get_string(ctx->db, name, section);
- return NULL;
-}
-
-STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section)
-{
- if(ctx->db_meth->get_section)
- return ctx->db_meth->get_section(ctx->db, section);
- return NULL;
-}
-
-void X509V3_string_free(X509V3_CTX *ctx, char *str)
-{
- if(!str) return;
- if(ctx->db_meth->free_string)
- ctx->db_meth->free_string(ctx->db, str);
-}
-
-void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section)
-{
- if(!section) return;
- if(ctx->db_meth->free_section)
- ctx->db_meth->free_section(ctx->db, section);
-}
-
-static char *conf_lhash_get_string(void *db, char *section, char *value)
-{
- return CONF_get_string(db, section, value);
-}
-
-static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section)
-{
- return CONF_get_section(db, section);
-}
-
-static X509V3_CONF_METHOD conf_lhash_method = {
-conf_lhash_get_string,
-conf_lhash_get_section,
-NULL,
-NULL
-};
-
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash)
-{
- ctx->db_meth = &conf_lhash_method;
- ctx->db = lhash;
-}
-
-void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req,
- X509_CRL *crl, int flags)
-{
- ctx->issuer_cert = issuer;
- ctx->subject_cert = subj;
- ctx->crl = crl;
- ctx->subject_req = req;
- ctx->flags = flags;
-}
diff --git a/src/lib/libcrypto/x509v3/v3_cpols.c b/src/lib/libcrypto/x509v3/v3_cpols.c
deleted file mode 100644
index 8203ed7571..0000000000
--- a/src/lib/libcrypto/x509v3/v3_cpols.c
+++ /dev/null
@@ -1,660 +0,0 @@
-/* v3_cpols.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509v3.h>
-
-/* Certificate policies extension support: this one is a bit complex... */
-
-static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent);
-static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value);
-static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent);
-static void print_notice(BIO *out, USERNOTICE *notice, int indent);
-static POLICYINFO *policy_section(X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *polstrs, int ia5org);
-static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *unot, int ia5org);
-static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos);
-
-X509V3_EXT_METHOD v3_cpols = {
-NID_certificate_policies, 0,
-(X509V3_EXT_NEW)CERTIFICATEPOLICIES_new,
-(X509V3_EXT_FREE)CERTIFICATEPOLICIES_free,
-(X509V3_EXT_D2I)d2i_CERTIFICATEPOLICIES,
-(X509V3_EXT_I2D)i2d_CERTIFICATEPOLICIES,
-NULL, NULL,
-NULL, NULL,
-(X509V3_EXT_I2R)i2r_certpol,
-(X509V3_EXT_R2I)r2i_certpol,
-NULL
-};
-
-
-static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *value)
-{
- STACK_OF(POLICYINFO) *pols = NULL;
- char *pstr;
- POLICYINFO *pol;
- ASN1_OBJECT *pobj;
- STACK_OF(CONF_VALUE) *vals;
- CONF_VALUE *cnf;
- int i, ia5org;
- pols = sk_POLICYINFO_new_null();
- vals = X509V3_parse_list(value);
- ia5org = 0;
- for(i = 0; i < sk_CONF_VALUE_num(vals); i++) {
- cnf = sk_CONF_VALUE_value(vals, i);
- if(cnf->value || !cnf->name ) {
- X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_POLICY_IDENTIFIER);
- X509V3_conf_err(cnf);
- goto err;
- }
- pstr = cnf->name;
- if(!strcmp(pstr,"ia5org")) {
- ia5org = 1;
- continue;
- } else if(*pstr == '@') {
- STACK_OF(CONF_VALUE) *polsect;
- polsect = X509V3_get_section(ctx, pstr + 1);
- if(!polsect) {
- X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_SECTION);
-
- X509V3_conf_err(cnf);
- goto err;
- }
- pol = policy_section(ctx, polsect, ia5org);
- X509V3_section_free(ctx, polsect);
- if(!pol) goto err;
- } else {
- if(!(pobj = OBJ_txt2obj(cnf->name, 0))) {
- X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_OBJECT_IDENTIFIER);
- X509V3_conf_err(cnf);
- goto err;
- }
- pol = POLICYINFO_new();
- pol->policyid = pobj;
- }
- sk_POLICYINFO_push(pols, pol);
- }
- sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
- return pols;
- err:
- sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
- return NULL;
-}
-
-static POLICYINFO *policy_section(X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *polstrs, int ia5org)
-{
- int i;
- CONF_VALUE *cnf;
- POLICYINFO *pol;
- POLICYQUALINFO *qual;
- if(!(pol = POLICYINFO_new())) goto merr;
- for(i = 0; i < sk_CONF_VALUE_num(polstrs); i++) {
- cnf = sk_CONF_VALUE_value(polstrs, i);
- if(!strcmp(cnf->name, "policyIdentifier")) {
- ASN1_OBJECT *pobj;
- if(!(pobj = OBJ_txt2obj(cnf->value, 0))) {
- X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OBJECT_IDENTIFIER);
- X509V3_conf_err(cnf);
- goto err;
- }
- pol->policyid = pobj;
-
- } else if(!name_cmp(cnf->name, "CPS")) {
- if(!pol->qualifiers) pol->qualifiers =
- sk_POLICYQUALINFO_new_null();
- if(!(qual = POLICYQUALINFO_new())) goto merr;
- if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
- goto merr;
- qual->pqualid = OBJ_nid2obj(NID_id_qt_cps);
- qual->d.cpsuri = M_ASN1_IA5STRING_new();
- if(!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
- strlen(cnf->value))) goto merr;
- } else if(!name_cmp(cnf->name, "userNotice")) {
- STACK_OF(CONF_VALUE) *unot;
- if(*cnf->value != '@') {
- X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_EXPECTED_A_SECTION_NAME);
- X509V3_conf_err(cnf);
- goto err;
- }
- unot = X509V3_get_section(ctx, cnf->value + 1);
- if(!unot) {
- X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_SECTION);
-
- X509V3_conf_err(cnf);
- goto err;
- }
- qual = notice_section(ctx, unot, ia5org);
- X509V3_section_free(ctx, unot);
- if(!qual) goto err;
- if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
- goto merr;
- } else {
- X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OPTION);
-
- X509V3_conf_err(cnf);
- goto err;
- }
- }
- if(!pol->policyid) {
- X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_NO_POLICY_IDENTIFIER);
- goto err;
- }
-
- return pol;
-
- merr:
- X509V3err(X509V3_F_POLICY_SECTION,ERR_R_MALLOC_FAILURE);
-
- err:
- POLICYINFO_free(pol);
- return NULL;
-
-
-}
-
-static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *unot, int ia5org)
-{
- int i;
- CONF_VALUE *cnf;
- USERNOTICE *not;
- POLICYQUALINFO *qual;
- if(!(qual = POLICYQUALINFO_new())) goto merr;
- qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice);
- if(!(not = USERNOTICE_new())) goto merr;
- qual->d.usernotice = not;
- for(i = 0; i < sk_CONF_VALUE_num(unot); i++) {
- cnf = sk_CONF_VALUE_value(unot, i);
- if(!strcmp(cnf->name, "explicitText")) {
- not->exptext = M_ASN1_VISIBLESTRING_new();
- if(!ASN1_STRING_set(not->exptext, cnf->value,
- strlen(cnf->value))) goto merr;
- } else if(!strcmp(cnf->name, "organization")) {
- NOTICEREF *nref;
- if(!not->noticeref) {
- if(!(nref = NOTICEREF_new())) goto merr;
- not->noticeref = nref;
- } else nref = not->noticeref;
- if(ia5org) nref->organization = M_ASN1_IA5STRING_new();
- else nref->organization = M_ASN1_VISIBLESTRING_new();
- if(!ASN1_STRING_set(nref->organization, cnf->value,
- strlen(cnf->value))) goto merr;
- } else if(!strcmp(cnf->name, "noticeNumbers")) {
- NOTICEREF *nref;
- STACK_OF(CONF_VALUE) *nos;
- if(!not->noticeref) {
- if(!(nref = NOTICEREF_new())) goto merr;
- not->noticeref = nref;
- } else nref = not->noticeref;
- nos = X509V3_parse_list(cnf->value);
- if(!nos || !sk_CONF_VALUE_num(nos)) {
- X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_NUMBERS);
- X509V3_conf_err(cnf);
- goto err;
- }
- nref->noticenos = nref_nos(nos);
- sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
- if(!nref->noticenos) goto err;
- } else {
- X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION);
-
- X509V3_conf_err(cnf);
- goto err;
- }
- }
-
- if(not->noticeref &&
- (!not->noticeref->noticenos || !not->noticeref->organization)) {
- X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_NEED_ORGANIZATION_AND_NUMBERS);
- goto err;
- }
-
- return qual;
-
- merr:
- X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE);
-
- err:
- POLICYQUALINFO_free(qual);
- return NULL;
-}
-
-static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos)
-{
- STACK_OF(ASN1_INTEGER) *nnums;
- CONF_VALUE *cnf;
- ASN1_INTEGER *aint;
-
- int i;
-
- if(!(nnums = sk_ASN1_INTEGER_new_null())) goto merr;
- for(i = 0; i < sk_CONF_VALUE_num(nos); i++) {
- cnf = sk_CONF_VALUE_value(nos, i);
- if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) {
- X509V3err(X509V3_F_NREF_NOS,X509V3_R_INVALID_NUMBER);
- goto err;
- }
- if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr;
- }
- return nnums;
-
- merr:
- X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE);
-
- err:
- sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free);
- return NULL;
-}
-
-
-static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol,
- BIO *out, int indent)
-{
- int i;
- POLICYINFO *pinfo;
- /* First print out the policy OIDs */
- for(i = 0; i < sk_POLICYINFO_num(pol); i++) {
- pinfo = sk_POLICYINFO_value(pol, i);
- BIO_printf(out, "%*sPolicy: ", indent, "");
- i2a_ASN1_OBJECT(out, pinfo->policyid);
- BIO_puts(out, "\n");
- if(pinfo->qualifiers)
- print_qualifiers(out, pinfo->qualifiers, indent + 2);
- }
- return 1;
-}
-
-
-int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp)
-{
-
-return i2d_ASN1_SET_OF_POLICYINFO(a, pp, i2d_POLICYINFO, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);}
-
-STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void)
-{
- return sk_POLICYINFO_new_null();
-}
-
-void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a)
-{
- sk_POLICYINFO_pop_free(a, POLICYINFO_free);
-}
-
-STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a,
- unsigned char **pp,long length)
-{
-return d2i_ASN1_SET_OF_POLICYINFO(a, pp, length, d2i_POLICYINFO,
- POLICYINFO_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-
-}
-
-IMPLEMENT_STACK_OF(POLICYINFO)
-IMPLEMENT_ASN1_SET_OF(POLICYINFO)
-
-int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->policyid, i2d_ASN1_OBJECT);
- M_ASN1_I2D_len_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
- i2d_POLICYQUALINFO);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->policyid, i2d_ASN1_OBJECT);
- M_ASN1_I2D_put_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
- i2d_POLICYQUALINFO);
-
- M_ASN1_I2D_finish();
-}
-
-POLICYINFO *POLICYINFO_new(void)
-{
- POLICYINFO *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, POLICYINFO);
- ret->policyid = NULL;
- ret->qualifiers = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_POLICYINFO_NEW);
-}
-
-POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp,long length)
-{
- M_ASN1_D2I_vars(a,POLICYINFO *,POLICYINFO_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->policyid, d2i_ASN1_OBJECT);
- if(!M_ASN1_D2I_end_sequence()) {
- M_ASN1_D2I_get_seq_type (POLICYQUALINFO, ret->qualifiers,
- d2i_POLICYQUALINFO, POLICYQUALINFO_free);
- }
- M_ASN1_D2I_Finish(a, POLICYINFO_free, ASN1_F_D2I_POLICYINFO);
-}
-
-void POLICYINFO_free(POLICYINFO *a)
-{
- if (a == NULL) return;
- ASN1_OBJECT_free(a->policyid);
- sk_POLICYQUALINFO_pop_free(a->qualifiers, POLICYQUALINFO_free);
- OPENSSL_free (a);
-}
-
-static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals,
- int indent)
-{
- POLICYQUALINFO *qualinfo;
- int i;
- for(i = 0; i < sk_POLICYQUALINFO_num(quals); i++) {
- qualinfo = sk_POLICYQUALINFO_value(quals, i);
- switch(OBJ_obj2nid(qualinfo->pqualid))
- {
- case NID_id_qt_cps:
- BIO_printf(out, "%*sCPS: %s\n", indent, "",
- qualinfo->d.cpsuri->data);
- break;
-
- case NID_id_qt_unotice:
- BIO_printf(out, "%*sUser Notice:\n", indent, "");
- print_notice(out, qualinfo->d.usernotice, indent + 2);
- break;
-
- default:
- BIO_printf(out, "%*sUnknown Qualifier: ",
- indent + 2, "");
-
- i2a_ASN1_OBJECT(out, qualinfo->pqualid);
- BIO_puts(out, "\n");
- break;
- }
- }
-}
-
-static void print_notice(BIO *out, USERNOTICE *notice, int indent)
-{
- int i;
- if(notice->noticeref) {
- NOTICEREF *ref;
- ref = notice->noticeref;
- BIO_printf(out, "%*sOrganization: %s\n", indent, "",
- ref->organization->data);
- BIO_printf(out, "%*sNumber%s: ", indent, "",
- sk_ASN1_INTEGER_num(ref->noticenos) > 1 ? "s" : "");
- for(i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) {
- ASN1_INTEGER *num;
- char *tmp;
- num = sk_ASN1_INTEGER_value(ref->noticenos, i);
- if(i) BIO_puts(out, ", ");
- tmp = i2s_ASN1_INTEGER(NULL, num);
- BIO_puts(out, tmp);
- OPENSSL_free(tmp);
- }
- BIO_puts(out, "\n");
- }
- if(notice->exptext)
- BIO_printf(out, "%*sExplicit Text: %s\n", indent, "",
- notice->exptext->data);
-}
-
-
-
-int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->pqualid, i2d_ASN1_OBJECT);
- switch(OBJ_obj2nid(a->pqualid)) {
- case NID_id_qt_cps:
- M_ASN1_I2D_len(a->d.cpsuri, i2d_ASN1_IA5STRING);
- break;
-
- case NID_id_qt_unotice:
- M_ASN1_I2D_len(a->d.usernotice, i2d_USERNOTICE);
- break;
-
- default:
- M_ASN1_I2D_len(a->d.other, i2d_ASN1_TYPE);
- break;
- }
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->pqualid, i2d_ASN1_OBJECT);
- switch(OBJ_obj2nid(a->pqualid)) {
- case NID_id_qt_cps:
- M_ASN1_I2D_put(a->d.cpsuri, i2d_ASN1_IA5STRING);
- break;
-
- case NID_id_qt_unotice:
- M_ASN1_I2D_put(a->d.usernotice, i2d_USERNOTICE);
- break;
-
- default:
- M_ASN1_I2D_put(a->d.other, i2d_ASN1_TYPE);
- break;
- }
-
- M_ASN1_I2D_finish();
-}
-
-POLICYQUALINFO *POLICYQUALINFO_new(void)
-{
- POLICYQUALINFO *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, POLICYQUALINFO);
- ret->pqualid = NULL;
- ret->d.other = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_POLICYQUALINFO_NEW);
-}
-
-POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp,
- long length)
-{
- M_ASN1_D2I_vars(a,POLICYQUALINFO *,POLICYQUALINFO_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->pqualid, d2i_ASN1_OBJECT);
- switch(OBJ_obj2nid(ret->pqualid)) {
- case NID_id_qt_cps:
- M_ASN1_D2I_get(ret->d.cpsuri, d2i_ASN1_IA5STRING);
- break;
-
- case NID_id_qt_unotice:
- M_ASN1_D2I_get(ret->d.usernotice, d2i_USERNOTICE);
- break;
-
- default:
- M_ASN1_D2I_get(ret->d.other, d2i_ASN1_TYPE);
- break;
- }
- M_ASN1_D2I_Finish(a, POLICYQUALINFO_free, ASN1_F_D2I_POLICYQUALINFO);
-}
-
-void POLICYQUALINFO_free(POLICYQUALINFO *a)
-{
- if (a == NULL) return;
- switch(OBJ_obj2nid(a->pqualid)) {
- case NID_id_qt_cps:
- M_ASN1_IA5STRING_free(a->d.cpsuri);
- break;
-
- case NID_id_qt_unotice:
- USERNOTICE_free(a->d.usernotice);
- break;
-
- default:
- ASN1_TYPE_free(a->d.other);
- break;
- }
-
- ASN1_OBJECT_free(a->pqualid);
- OPENSSL_free (a);
-}
-
-int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->noticeref, i2d_NOTICEREF);
- M_ASN1_I2D_len (a->exptext, i2d_DISPLAYTEXT);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->noticeref, i2d_NOTICEREF);
- M_ASN1_I2D_put (a->exptext, i2d_DISPLAYTEXT);
-
- M_ASN1_I2D_finish();
-}
-
-USERNOTICE *USERNOTICE_new(void)
-{
- USERNOTICE *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, USERNOTICE);
- ret->noticeref = NULL;
- ret->exptext = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_USERNOTICE_NEW);
-}
-
-USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp,long length)
-{
- M_ASN1_D2I_vars(a,USERNOTICE *,USERNOTICE_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_opt(ret->noticeref, d2i_NOTICEREF, V_ASN1_SEQUENCE);
- if (!M_ASN1_D2I_end_sequence()) {
- M_ASN1_D2I_get(ret->exptext, d2i_DISPLAYTEXT);
- }
- M_ASN1_D2I_Finish(a, USERNOTICE_free, ASN1_F_D2I_USERNOTICE);
-}
-
-void USERNOTICE_free(USERNOTICE *a)
-{
- if (a == NULL) return;
- NOTICEREF_free(a->noticeref);
- M_DISPLAYTEXT_free(a->exptext);
- OPENSSL_free (a);
-}
-
-int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->organization, i2d_DISPLAYTEXT);
- M_ASN1_I2D_len_SEQUENCE_type(ASN1_INTEGER, a->noticenos,
- i2d_ASN1_INTEGER);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->organization, i2d_DISPLAYTEXT);
- M_ASN1_I2D_put_SEQUENCE_type(ASN1_INTEGER, a->noticenos,
- i2d_ASN1_INTEGER);
-
- M_ASN1_I2D_finish();
-}
-
-NOTICEREF *NOTICEREF_new(void)
-{
- NOTICEREF *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, NOTICEREF);
- ret->organization = NULL;
- ret->noticenos = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_NOTICEREF_NEW);
-}
-
-NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp,long length)
-{
- M_ASN1_D2I_vars(a,NOTICEREF *,NOTICEREF_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- /* This is to cope with some broken encodings that use IA5STRING for
- * the organization field
- */
- M_ASN1_D2I_get_opt(ret->organization, d2i_ASN1_IA5STRING,
- V_ASN1_IA5STRING);
- if(!ret->organization) {
- M_ASN1_D2I_get(ret->organization, d2i_DISPLAYTEXT);
- }
- M_ASN1_D2I_get_seq_type(ASN1_INTEGER, ret->noticenos, d2i_ASN1_INTEGER,
- ASN1_STRING_free);
- M_ASN1_D2I_Finish(a, NOTICEREF_free, ASN1_F_D2I_NOTICEREF);
-}
-
-void NOTICEREF_free(NOTICEREF *a)
-{
- if (a == NULL) return;
- M_DISPLAYTEXT_free(a->organization);
- sk_ASN1_INTEGER_pop_free(a->noticenos, ASN1_STRING_free);
- OPENSSL_free (a);
-}
-
-IMPLEMENT_STACK_OF(POLICYQUALINFO)
-IMPLEMENT_ASN1_SET_OF(POLICYQUALINFO)
diff --git a/src/lib/libcrypto/x509v3/v3_crld.c b/src/lib/libcrypto/x509v3/v3_crld.c
deleted file mode 100644
index 67feea4017..0000000000
--- a/src/lib/libcrypto/x509v3/v3_crld.c
+++ /dev/null
@@ -1,285 +0,0 @@
-/* v3_crld.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
- STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *extlist);
-static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-X509V3_EXT_METHOD v3_crld = {
-NID_crl_distribution_points, X509V3_EXT_MULTILINE,
-(X509V3_EXT_NEW)CRL_DIST_POINTS_new,
-(X509V3_EXT_FREE)CRL_DIST_POINTS_free,
-(X509V3_EXT_D2I)d2i_CRL_DIST_POINTS,
-(X509V3_EXT_I2D)i2d_CRL_DIST_POINTS,
-NULL, NULL,
-(X509V3_EXT_I2V)i2v_crld,
-(X509V3_EXT_V2I)v2i_crld,
-NULL, NULL, NULL
-};
-
-static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
- STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *exts)
-{
- DIST_POINT *point;
- int i;
- for(i = 0; i < sk_DIST_POINT_num(crld); i++) {
- point = sk_DIST_POINT_value(crld, i);
- if(point->distpoint && point->distpoint->fullname) {
- exts = i2v_GENERAL_NAMES(NULL,
- point->distpoint->fullname, exts);
- }
- if(point->reasons)
- X509V3_add_value("reasons","<UNSUPPORTED>", &exts);
- if(point->CRLissuer)
- X509V3_add_value("CRLissuer","<UNSUPPORTED>", &exts);
- if(point->distpoint && point->distpoint->relativename)
- X509V3_add_value("RelativeName","<UNSUPPORTED>", &exts);
- }
- return exts;
-}
-
-static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
- STACK_OF(DIST_POINT) *crld = NULL;
- STACK_OF(GENERAL_NAME) *gens = NULL;
- GENERAL_NAME *gen = NULL;
- CONF_VALUE *cnf;
- int i;
- if(!(crld = sk_DIST_POINT_new_null())) goto merr;
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- DIST_POINT *point;
- cnf = sk_CONF_VALUE_value(nval, i);
- if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err;
- if(!(gens = GENERAL_NAMES_new())) goto merr;
- if(!sk_GENERAL_NAME_push(gens, gen)) goto merr;
- gen = NULL;
- if(!(point = DIST_POINT_new())) goto merr;
- if(!sk_DIST_POINT_push(crld, point)) {
- DIST_POINT_free(point);
- goto merr;
- }
- if(!(point->distpoint = DIST_POINT_NAME_new())) goto merr;
- point->distpoint->fullname = gens;
- gens = NULL;
- }
- return crld;
-
- merr:
- X509V3err(X509V3_F_V2I_CRLD,ERR_R_MALLOC_FAILURE);
- err:
- GENERAL_NAME_free(gen);
- GENERAL_NAMES_free(gens);
- sk_DIST_POINT_pop_free(crld, DIST_POINT_free);
- return NULL;
-}
-
-int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp)
-{
-
-return i2d_ASN1_SET_OF_DIST_POINT(a, pp, i2d_DIST_POINT, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);}
-
-STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void)
-{
- return sk_DIST_POINT_new_null();
-}
-
-void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a)
-{
- sk_DIST_POINT_pop_free(a, DIST_POINT_free);
-}
-
-STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a,
- unsigned char **pp,long length)
-{
-return d2i_ASN1_SET_OF_DIST_POINT(a, pp, length, d2i_DIST_POINT,
- DIST_POINT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-
-}
-
-IMPLEMENT_STACK_OF(DIST_POINT)
-IMPLEMENT_ASN1_SET_OF(DIST_POINT)
-
-int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp)
-{
- int v = 0;
- M_ASN1_I2D_vars(a);
- /* NB: underlying type is a CHOICE so need EXPLICIT tagging */
- M_ASN1_I2D_len_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v);
- M_ASN1_I2D_len_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING);
- M_ASN1_I2D_len_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v);
- M_ASN1_I2D_put_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING, 1);
- M_ASN1_I2D_put_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES, 2);
-
- M_ASN1_I2D_finish();
-}
-
-DIST_POINT *DIST_POINT_new(void)
-{
- DIST_POINT *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, DIST_POINT);
- ret->distpoint = NULL;
- ret->reasons = NULL;
- ret->CRLissuer = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_DIST_POINT_NEW);
-}
-
-DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,DIST_POINT *,DIST_POINT_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_EXP_opt (ret->distpoint, d2i_DIST_POINT_NAME, 0);
- M_ASN1_D2I_get_IMP_opt (ret->reasons, d2i_ASN1_BIT_STRING, 1,
- V_ASN1_BIT_STRING);
- M_ASN1_D2I_get_IMP_opt (ret->CRLissuer, d2i_GENERAL_NAMES, 2,
- V_ASN1_SEQUENCE);
- M_ASN1_D2I_Finish(a, DIST_POINT_free, ASN1_F_D2I_DIST_POINT);
-}
-
-void DIST_POINT_free(DIST_POINT *a)
-{
- if (a == NULL) return;
- DIST_POINT_NAME_free(a->distpoint);
- M_ASN1_BIT_STRING_free(a->reasons);
- sk_GENERAL_NAME_pop_free(a->CRLissuer, GENERAL_NAME_free);
- OPENSSL_free (a);
-}
-
-int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- if(a->fullname) {
- M_ASN1_I2D_len_IMP_opt (a->fullname, i2d_GENERAL_NAMES);
- } else {
- M_ASN1_I2D_len_IMP_SET_opt_type(X509_NAME_ENTRY,
- a->relativename, i2d_X509_NAME_ENTRY, 1);
- }
-
- /* Don't want a SEQUENCE so... */
- if(pp == NULL) return ret;
- p = *pp;
-
- if(a->fullname) {
- M_ASN1_I2D_put_IMP_opt (a->fullname, i2d_GENERAL_NAMES, 0);
- } else {
- M_ASN1_I2D_put_IMP_SET_opt_type(X509_NAME_ENTRY,
- a->relativename, i2d_X509_NAME_ENTRY, 1);
- }
- M_ASN1_I2D_finish();
-}
-
-DIST_POINT_NAME *DIST_POINT_NAME_new(void)
-{
- DIST_POINT_NAME *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, DIST_POINT_NAME);
- ret->fullname = NULL;
- ret->relativename = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_DIST_POINT_NAME_NEW);
-}
-
-void DIST_POINT_NAME_free(DIST_POINT_NAME *a)
-{
- if (a == NULL) return;
- sk_X509_NAME_ENTRY_pop_free(a->relativename, X509_NAME_ENTRY_free);
- sk_GENERAL_NAME_pop_free(a->fullname, GENERAL_NAME_free);
- OPENSSL_free (a);
-}
-
-DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp,
- long length)
-{
- unsigned char _tmp, tag;
- M_ASN1_D2I_vars(a,DIST_POINT_NAME *,DIST_POINT_NAME_new);
- M_ASN1_D2I_Init();
- c.slen = length;
-
- _tmp = M_ASN1_next;
- tag = _tmp & ~V_ASN1_CONSTRUCTED;
-
- if(tag == (0|V_ASN1_CONTEXT_SPECIFIC)) {
- M_ASN1_D2I_get_imp(ret->fullname, d2i_GENERAL_NAMES,
- V_ASN1_SEQUENCE);
- } else if (tag == (1|V_ASN1_CONTEXT_SPECIFIC)) {
- M_ASN1_D2I_get_IMP_set_opt_type (X509_NAME_ENTRY,
- ret->relativename, d2i_X509_NAME_ENTRY, X509_NAME_ENTRY_free, 1);
- } else {
- c.error = ASN1_R_BAD_TAG;
- goto err;
- }
-
- M_ASN1_D2I_Finish(a, DIST_POINT_NAME_free, ASN1_F_D2I_DIST_POINT_NAME);
-}
diff --git a/src/lib/libcrypto/x509v3/v3_enum.c b/src/lib/libcrypto/x509v3/v3_enum.c
deleted file mode 100644
index aecfdc87f8..0000000000
--- a/src/lib/libcrypto/x509v3/v3_enum.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* v3_enum.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-static ENUMERATED_NAMES crl_reasons[] = {
-{0, "Unspecified", "unspecified"},
-{1, "Key Compromise", "keyCompromise"},
-{2, "CA Compromise", "CACompromise"},
-{3, "Affiliation Changed", "affiliationChanged"},
-{4, "Superseded", "superseded"},
-{5, "Cessation Of Operation", "cessationOfOperation"},
-{6, "Certificate Hold", "certificateHold"},
-{8, "Remove From CRL", "removeFromCRL"},
-{-1, NULL, NULL}
-};
-
-X509V3_EXT_METHOD v3_crl_reason = {
-NID_crl_reason, 0,
-(X509V3_EXT_NEW)ASN1_ENUMERATED_new,
-(X509V3_EXT_FREE)ASN1_ENUMERATED_free,
-(X509V3_EXT_D2I)d2i_ASN1_ENUMERATED,
-(X509V3_EXT_I2D)i2d_ASN1_ENUMERATED,
-(X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
-(X509V3_EXT_S2I)0,
-NULL, NULL, NULL, NULL, crl_reasons};
-
-
-char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method,
- ASN1_ENUMERATED *e)
-{
- ENUMERATED_NAMES *enam;
- long strval;
- strval = ASN1_ENUMERATED_get(e);
- for(enam = method->usr_data; enam->lname; enam++) {
- if(strval == enam->bitnum) return BUF_strdup(enam->lname);
- }
- return i2s_ASN1_ENUMERATED(method, e);
-}
diff --git a/src/lib/libcrypto/x509v3/v3_extku.c b/src/lib/libcrypto/x509v3/v3_extku.c
deleted file mode 100644
index 53ec40a027..0000000000
--- a/src/lib/libcrypto/x509v3/v3_extku.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* v3_extku.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
- STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *extlist);
-X509V3_EXT_METHOD v3_ext_ku = {
-NID_ext_key_usage, 0,
-(X509V3_EXT_NEW)ext_ku_new,
-(X509V3_EXT_FREE)ext_ku_free,
-(X509V3_EXT_D2I)d2i_ext_ku,
-(X509V3_EXT_I2D)i2d_ext_ku,
-NULL, NULL,
-(X509V3_EXT_I2V)i2v_ext_ku,
-(X509V3_EXT_V2I)v2i_ext_ku,
-NULL,NULL,
-NULL
-};
-
-STACK_OF(ASN1_OBJECT) *ext_ku_new(void)
-{
- return sk_ASN1_OBJECT_new_null();
-}
-
-void ext_ku_free(STACK_OF(ASN1_OBJECT) *eku)
-{
- sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free);
- return;
-}
-
-int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp)
-{
- return i2d_ASN1_SET_OF_ASN1_OBJECT(a, pp, i2d_ASN1_OBJECT,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
-}
-
-STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
- unsigned char **pp, long length)
-{
- return d2i_ASN1_SET_OF_ASN1_OBJECT(a, pp, length, d2i_ASN1_OBJECT,
- ASN1_OBJECT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-
-
-static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
- STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *ext_list)
-{
-int i;
-ASN1_OBJECT *obj;
-char obj_tmp[80];
-for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
- obj = sk_ASN1_OBJECT_value(eku, i);
- i2t_ASN1_OBJECT(obj_tmp, 80, obj);
- X509V3_add_value(NULL, obj_tmp, &ext_list);
-}
-return ext_list;
-}
-
-static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-STACK_OF(ASN1_OBJECT) *extku;
-char *extval;
-ASN1_OBJECT *objtmp;
-CONF_VALUE *val;
-int i;
-
-if(!(extku = sk_ASN1_OBJECT_new_null())) {
- X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE);
- return NULL;
-}
-
-for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- if(val->value) extval = val->value;
- else extval = val->name;
- if(!(objtmp = OBJ_txt2obj(extval, 0))) {
- sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
- X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER);
- X509V3_conf_err(val);
- return NULL;
- }
- sk_ASN1_OBJECT_push(extku, objtmp);
-}
-return extku;
-}
diff --git a/src/lib/libcrypto/x509v3/v3_genn.c b/src/lib/libcrypto/x509v3/v3_genn.c
deleted file mode 100644
index d44751458e..0000000000
--- a/src/lib/libcrypto/x509v3/v3_genn.c
+++ /dev/null
@@ -1,291 +0,0 @@
-/* v3_genn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp)
-{
- unsigned char *p;
- int ret;
-
- ret = 0;
-
- /* Save the location of initial TAG */
- if(pp) p = *pp;
- else p = NULL;
-
- /* GEN_DNAME needs special treatment because of EXPLICIT tag */
-
- if(a->type == GEN_DIRNAME) {
- int v = 0;
- M_ASN1_I2D_len_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);
- if(!p) return ret;
- M_ASN1_I2D_put_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);
- *pp = p;
- return ret;
- }
-
- switch(a->type) {
-
- case GEN_X400:
- case GEN_EDIPARTY:
- ret = i2d_ASN1_TYPE(a->d.other, pp);
- break;
-
- case GEN_OTHERNAME:
- ret = i2d_OTHERNAME(a->d.otherName, pp);
- break;
-
- case GEN_EMAIL:
- case GEN_DNS:
- case GEN_URI:
- ret = i2d_ASN1_IA5STRING(a->d.ia5, pp);
- break;
-
- case GEN_IPADD:
- ret = i2d_ASN1_OCTET_STRING(a->d.ip, pp);
- break;
-
- case GEN_RID:
- ret = i2d_ASN1_OBJECT(a->d.rid, pp);
- break;
- }
- /* Replace TAG with IMPLICIT value */
- if(p) *p = (*p & V_ASN1_CONSTRUCTED) | a->type;
- return ret;
-}
-
-GENERAL_NAME *GENERAL_NAME_new()
-{
- GENERAL_NAME *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, GENERAL_NAME);
- ret->type = -1;
- ret->d.ptr = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_GENERAL_NAME_NEW);
-}
-
-GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp,
- long length)
-{
- unsigned char _tmp;
- M_ASN1_D2I_vars(a,GENERAL_NAME *,GENERAL_NAME_new);
- M_ASN1_D2I_Init();
- c.slen = length;
-
- _tmp = M_ASN1_next;
- ret->type = _tmp & ~V_ASN1_CONSTRUCTED;
-
- switch(ret->type) {
- /* Just put these in a "blob" for now */
- case GEN_X400:
- case GEN_EDIPARTY:
- M_ASN1_D2I_get_imp(ret->d.other, d2i_ASN1_TYPE,V_ASN1_SEQUENCE);
- break;
-
- case GEN_OTHERNAME:
- M_ASN1_D2I_get_imp(ret->d.otherName, d2i_OTHERNAME,V_ASN1_SEQUENCE);
- break;
-
- case GEN_EMAIL:
- case GEN_DNS:
- case GEN_URI:
- M_ASN1_D2I_get_imp(ret->d.ia5, d2i_ASN1_IA5STRING,
- V_ASN1_IA5STRING);
- break;
-
- case GEN_DIRNAME:
- M_ASN1_D2I_get_EXP_opt(ret->d.dirn, d2i_X509_NAME, 4);
- break;
-
- case GEN_IPADD:
- M_ASN1_D2I_get_imp(ret->d.ip, d2i_ASN1_OCTET_STRING,
- V_ASN1_OCTET_STRING);
- break;
-
- case GEN_RID:
- M_ASN1_D2I_get_imp(ret->d.rid, d2i_ASN1_OBJECT,V_ASN1_OBJECT);
- break;
-
- default:
- c.error = ASN1_R_BAD_TAG;
- goto err;
- }
-
- c.slen = 0;
- M_ASN1_D2I_Finish(a, GENERAL_NAME_free, ASN1_F_D2I_GENERAL_NAME);
-}
-
-void GENERAL_NAME_free(GENERAL_NAME *a)
-{
- if (a == NULL) return;
- switch(a->type) {
- case GEN_X400:
- case GEN_EDIPARTY:
- ASN1_TYPE_free(a->d.other);
- break;
-
- case GEN_OTHERNAME:
- OTHERNAME_free(a->d.otherName);
- break;
-
- case GEN_EMAIL:
- case GEN_DNS:
- case GEN_URI:
-
- M_ASN1_IA5STRING_free(a->d.ia5);
- break;
-
- case GEN_DIRNAME:
- X509_NAME_free(a->d.dirn);
- break;
-
- case GEN_IPADD:
- M_ASN1_OCTET_STRING_free(a->d.ip);
- break;
-
- case GEN_RID:
- ASN1_OBJECT_free(a->d.rid);
- break;
-
- }
- OPENSSL_free (a);
-}
-
-/* Now the GeneralNames versions: a SEQUENCE OF GeneralName. These are needed as
- * explicit functions.
- */
-
-STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new()
-{
- return sk_GENERAL_NAME_new_null();
-}
-
-void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a)
-{
- sk_GENERAL_NAME_pop_free(a, GENERAL_NAME_free);
-}
-
-STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a,
- unsigned char **pp, long length)
-{
-return d2i_ASN1_SET_OF_GENERAL_NAME(a, pp, length, d2i_GENERAL_NAME,
- GENERAL_NAME_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp)
-{
-return i2d_ASN1_SET_OF_GENERAL_NAME(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);
-}
-
-IMPLEMENT_STACK_OF(GENERAL_NAME)
-IMPLEMENT_ASN1_SET_OF(GENERAL_NAME)
-
-int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp)
-{
- int v = 0;
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->type_id, i2d_ASN1_OBJECT);
- M_ASN1_I2D_len_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->type_id, i2d_ASN1_OBJECT);
- M_ASN1_I2D_put_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
-
- M_ASN1_I2D_finish();
-}
-
-OTHERNAME *OTHERNAME_new(void)
-{
- OTHERNAME *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, OTHERNAME);
- ret->type_id = OBJ_nid2obj(NID_undef);
- M_ASN1_New(ret->value, ASN1_TYPE_new);
- return (ret);
- M_ASN1_New_Error(ASN1_F_OTHERNAME_NEW);
-}
-
-OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,OTHERNAME *,OTHERNAME_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->type_id, d2i_ASN1_OBJECT);
- M_ASN1_D2I_get_EXP_opt(ret->value, d2i_ASN1_TYPE, 0);
- M_ASN1_D2I_Finish(a, OTHERNAME_free, ASN1_F_D2I_OTHERNAME);
-}
-
-void OTHERNAME_free(OTHERNAME *a)
-{
- if (a == NULL) return;
- ASN1_OBJECT_free(a->type_id);
- ASN1_TYPE_free(a->value);
- OPENSSL_free (a);
-}
-
diff --git a/src/lib/libcrypto/x509v3/v3_ia5.c b/src/lib/libcrypto/x509v3/v3_ia5.c
deleted file mode 100644
index f3bba38269..0000000000
--- a/src/lib/libcrypto/x509v3/v3_ia5.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* v3_ia5.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
-static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-X509V3_EXT_METHOD v3_ns_ia5_list[] = {
-EXT_IA5STRING(NID_netscape_base_url),
-EXT_IA5STRING(NID_netscape_revocation_url),
-EXT_IA5STRING(NID_netscape_ca_revocation_url),
-EXT_IA5STRING(NID_netscape_renewal_url),
-EXT_IA5STRING(NID_netscape_ca_policy_url),
-EXT_IA5STRING(NID_netscape_ssl_server_name),
-EXT_IA5STRING(NID_netscape_comment),
-EXT_END
-};
-
-
-static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
- ASN1_IA5STRING *ia5)
-{
- char *tmp;
- if(!ia5 || !ia5->length) return NULL;
- tmp = OPENSSL_malloc(ia5->length + 1);
- memcpy(tmp, ia5->data, ia5->length);
- tmp[ia5->length] = 0;
- return tmp;
-}
-
-static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str)
-{
- ASN1_IA5STRING *ia5;
- if(!str) {
- X509V3err(X509V3_F_S2I_ASN1_IA5STRING,X509V3_R_INVALID_NULL_ARGUMENT);
- return NULL;
- }
- if(!(ia5 = M_ASN1_IA5STRING_new())) goto err;
- if(!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str,
- strlen(str))) {
- M_ASN1_IA5STRING_free(ia5);
- goto err;
- }
-#ifdef CHARSET_EBCDIC
- ebcdic2ascii(ia5->data, ia5->data, ia5->length);
-#endif /*CHARSET_EBCDIC*/
- return ia5;
- err:
- X509V3err(X509V3_F_S2I_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE);
- return NULL;
-}
-
diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c
deleted file mode 100644
index a045a629ee..0000000000
--- a/src/lib/libcrypto/x509v3/v3_info.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/* v3_info.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- STACK_OF(ACCESS_DESCRIPTION) *ainfo,
- STACK_OF(CONF_VALUE) *ret);
-static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-X509V3_EXT_METHOD v3_info =
-{ NID_info_access, X509V3_EXT_MULTILINE,
-(X509V3_EXT_NEW)AUTHORITY_INFO_ACCESS_new,
-(X509V3_EXT_FREE)AUTHORITY_INFO_ACCESS_free,
-(X509V3_EXT_D2I)d2i_AUTHORITY_INFO_ACCESS,
-(X509V3_EXT_I2D)i2d_AUTHORITY_INFO_ACCESS,
-NULL, NULL,
-(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
-(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
-NULL, NULL, NULL};
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- STACK_OF(ACCESS_DESCRIPTION) *ainfo,
- STACK_OF(CONF_VALUE) *ret)
-{
- ACCESS_DESCRIPTION *desc;
- int i;
- char objtmp[80], *ntmp;
- CONF_VALUE *vtmp;
- for(i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
- desc = sk_ACCESS_DESCRIPTION_value(ainfo, i);
- ret = i2v_GENERAL_NAME(method, desc->location, ret);
- if(!ret) break;
- vtmp = sk_CONF_VALUE_value(ret, i);
- i2t_ASN1_OBJECT(objtmp, 80, desc->method);
- ntmp = OPENSSL_malloc(strlen(objtmp) + strlen(vtmp->name) + 5);
- if(!ntmp) {
- X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
- ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- strcpy(ntmp, objtmp);
- strcat(ntmp, " - ");
- strcat(ntmp, vtmp->name);
- OPENSSL_free(vtmp->name);
- vtmp->name = ntmp;
-
- }
- if(!ret) return sk_CONF_VALUE_new_null();
- return ret;
-}
-
-static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
- STACK_OF(ACCESS_DESCRIPTION) *ainfo = NULL;
- CONF_VALUE *cnf, ctmp;
- ACCESS_DESCRIPTION *acc;
- int i, objlen;
- char *objtmp, *ptmp;
- if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
- X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
- if(!(acc = ACCESS_DESCRIPTION_new())
- || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
- X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ptmp = strchr(cnf->name, ';');
- if(!ptmp) {
- X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_INVALID_SYNTAX);
- goto err;
- }
- objlen = ptmp - cnf->name;
- ctmp.name = ptmp + 1;
- ctmp.value = cnf->value;
- if(!(acc->location = v2i_GENERAL_NAME(method, ctx, &ctmp)))
- goto err;
- if(!(objtmp = OPENSSL_malloc(objlen + 1))) {
- X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- strncpy(objtmp, cnf->name, objlen);
- objtmp[objlen] = 0;
- acc->method = OBJ_txt2obj(objtmp, 0);
- if(!acc->method) {
- X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_BAD_OBJECT);
- ERR_add_error_data(2, "value=", objtmp);
- OPENSSL_free(objtmp);
- goto err;
- }
- OPENSSL_free(objtmp);
-
- }
- return ainfo;
- err:
- sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
- return NULL;
-}
-
-int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->method, i2d_ASN1_OBJECT);
- M_ASN1_I2D_len(a->location, i2d_GENERAL_NAME);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->method, i2d_ASN1_OBJECT);
- M_ASN1_I2D_put(a->location, i2d_GENERAL_NAME);
-
- M_ASN1_I2D_finish();
-}
-
-ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void)
-{
- ACCESS_DESCRIPTION *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, ACCESS_DESCRIPTION);
- ret->method = OBJ_nid2obj(NID_undef);
- ret->location = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_ACCESS_DESCRIPTION_NEW);
-}
-
-ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp,
- long length)
-{
- M_ASN1_D2I_vars(a,ACCESS_DESCRIPTION *,ACCESS_DESCRIPTION_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->method, d2i_ASN1_OBJECT);
- M_ASN1_D2I_get(ret->location, d2i_GENERAL_NAME);
- M_ASN1_D2I_Finish(a, ACCESS_DESCRIPTION_free, ASN1_F_D2I_ACCESS_DESCRIPTION);
-}
-
-void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a)
-{
- if (a == NULL) return;
- ASN1_OBJECT_free(a->method);
- GENERAL_NAME_free(a->location);
- OPENSSL_free (a);
-}
-
-STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void)
-{
- return sk_ACCESS_DESCRIPTION_new_null();
-}
-
-void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a)
-{
- sk_ACCESS_DESCRIPTION_pop_free(a, ACCESS_DESCRIPTION_free);
-}
-
-STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a,
- unsigned char **pp, long length)
-{
-return d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, length, d2i_ACCESS_DESCRIPTION,
- ACCESS_DESCRIPTION_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp)
-{
-return i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, i2d_ACCESS_DESCRIPTION, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);
-}
-
-IMPLEMENT_STACK_OF(ACCESS_DESCRIPTION)
-IMPLEMENT_ASN1_SET_OF(ACCESS_DESCRIPTION)
-
-
diff --git a/src/lib/libcrypto/x509v3/v3_int.c b/src/lib/libcrypto/x509v3/v3_int.c
deleted file mode 100644
index 63c201e5f4..0000000000
--- a/src/lib/libcrypto/x509v3/v3_int.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* v3_int.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-X509V3_EXT_METHOD v3_crl_num = {
-NID_crl_number, 0,
-(X509V3_EXT_NEW)ASN1_INTEGER_new,
-(X509V3_EXT_FREE)ASN1_INTEGER_free,
-(X509V3_EXT_D2I)d2i_ASN1_INTEGER,
-(X509V3_EXT_I2D)i2d_ASN1_INTEGER,
-(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
-(X509V3_EXT_S2I)0,
-NULL, NULL, NULL, NULL, NULL};
-
diff --git a/src/lib/libcrypto/x509v3/v3_lib.c b/src/lib/libcrypto/x509v3/v3_lib.c
deleted file mode 100644
index ea86b9ebb9..0000000000
--- a/src/lib/libcrypto/x509v3/v3_lib.c
+++ /dev/null
@@ -1,225 +0,0 @@
-/* v3_lib.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-#include "ext_dat.h"
-
-static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
-
-static int ext_cmp(const X509V3_EXT_METHOD * const *a,
- const X509V3_EXT_METHOD * const *b);
-static void ext_list_free(X509V3_EXT_METHOD *ext);
-
-int X509V3_EXT_add(X509V3_EXT_METHOD *ext)
-{
- if(!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
- X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if(!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
- X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- return 1;
-}
-
-static int ext_cmp(const X509V3_EXT_METHOD * const *a,
- const X509V3_EXT_METHOD * const *b)
-{
- return ((*a)->ext_nid - (*b)->ext_nid);
-}
-
-X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
-{
- X509V3_EXT_METHOD tmp, *t = &tmp, **ret;
- int idx;
- if(nid < 0) return NULL;
- tmp.ext_nid = nid;
- ret = (X509V3_EXT_METHOD **) OBJ_bsearch((char *)&t,
- (char *)standard_exts, STANDARD_EXTENSION_COUNT,
- sizeof(X509V3_EXT_METHOD *), (int (*)(const void *, const void *))ext_cmp);
- if(ret) return *ret;
- if(!ext_list) return NULL;
- idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
- if(idx == -1) return NULL;
- return sk_X509V3_EXT_METHOD_value(ext_list, idx);
-}
-
-X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
-{
- int nid;
- if((nid = OBJ_obj2nid(ext->object)) == NID_undef) return NULL;
- return X509V3_EXT_get_nid(nid);
-}
-
-
-int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
-{
- for(;extlist->ext_nid!=-1;extlist++)
- if(!X509V3_EXT_add(extlist)) return 0;
- return 1;
-}
-
-int X509V3_EXT_add_alias(int nid_to, int nid_from)
-{
- X509V3_EXT_METHOD *ext, *tmpext;
- if(!(ext = X509V3_EXT_get_nid(nid_from))) {
- X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND);
- return 0;
- }
- if(!(tmpext = (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) {
- X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- *tmpext = *ext;
- tmpext->ext_nid = nid_to;
- tmpext->ext_flags |= X509V3_EXT_DYNAMIC;
- return X509V3_EXT_add(tmpext);
-}
-
-void X509V3_EXT_cleanup(void)
-{
- sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);
- ext_list = NULL;
-}
-
-static void ext_list_free(X509V3_EXT_METHOD *ext)
-{
- if(ext->ext_flags & X509V3_EXT_DYNAMIC) OPENSSL_free(ext);
-}
-
-/* Legacy function: we don't need to add standard extensions
- * any more because they are now kept in ext_dat.h.
- */
-
-int X509V3_add_standard_extensions(void)
-{
- return 1;
-}
-
-/* Return an extension internal structure */
-
-void *X509V3_EXT_d2i(X509_EXTENSION *ext)
-{
- X509V3_EXT_METHOD *method;
- unsigned char *p;
- if(!(method = X509V3_EXT_get(ext)) || !method->d2i) return NULL;
- p = ext->value->data;
- return method->d2i(NULL, &p, ext->value->length);
-}
-
-/* Get critical flag and decoded version of extension from a NID.
- * The "idx" variable returns the last found extension and can
- * be used to retrieve multiple extensions of the same NID.
- * However multiple extensions with the same NID is usually
- * due to a badly encoded certificate so if idx is NULL we
- * choke if multiple extensions exist.
- * The "crit" variable is set to the critical value.
- * The return value is the decoded extension or NULL on
- * error. The actual error can have several different causes,
- * the value of *crit reflects the cause:
- * >= 0, extension found but not decoded (reflects critical value).
- * -1 extension not found.
- * -2 extension occurs more than once.
- */
-
-void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
-{
- int lastpos, i;
- X509_EXTENSION *ex, *found_ex = NULL;
- if(!x) {
- if(idx) *idx = -1;
- if(crit) *crit = -1;
- return NULL;
- }
- if(idx) lastpos = *idx + 1;
- else lastpos = 0;
- if(lastpos < 0) lastpos = 0;
- for(i = lastpos; i < sk_X509_EXTENSION_num(x); i++)
- {
- ex = sk_X509_EXTENSION_value(x, i);
- if(OBJ_obj2nid(ex->object) == nid) {
- if(idx) {
- *idx = i;
- break;
- } else if(found_ex) {
- /* Found more than one */
- if(crit) *crit = -2;
- return NULL;
- }
- found_ex = ex;
- }
- }
- if(found_ex) {
- /* Found it */
- if(crit) *crit = found_ex->critical;
- return X509V3_EXT_d2i(found_ex);
- }
-
- /* Extension not found */
- if(idx) *idx = -1;
- if(crit) *crit = -1;
- return NULL;
-}
-
-IMPLEMENT_STACK_OF(X509V3_EXT_METHOD)
diff --git a/src/lib/libcrypto/x509v3/v3_pku.c b/src/lib/libcrypto/x509v3/v3_pku.c
deleted file mode 100644
index 47f9e8f123..0000000000
--- a/src/lib/libcrypto/x509v3/v3_pku.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* v3_pku.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509v3.h>
-
-static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent);
-/*
-static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-*/
-X509V3_EXT_METHOD v3_pkey_usage_period = {
-NID_private_key_usage_period, 0,
-(X509V3_EXT_NEW)PKEY_USAGE_PERIOD_new,
-(X509V3_EXT_FREE)PKEY_USAGE_PERIOD_free,
-(X509V3_EXT_D2I)d2i_PKEY_USAGE_PERIOD,
-(X509V3_EXT_I2D)i2d_PKEY_USAGE_PERIOD,
-NULL, NULL, NULL, NULL,
-(X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD, NULL,
-NULL
-};
-
-int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME);
- M_ASN1_I2D_len_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME, 0);
- M_ASN1_I2D_put_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME, 1);
-
- M_ASN1_I2D_finish();
-}
-
-PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void)
-{
- PKEY_USAGE_PERIOD *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, PKEY_USAGE_PERIOD);
- ret->notBefore = NULL;
- ret->notAfter = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_PKEY_USAGE_PERIOD_NEW);
-}
-
-PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a,
- unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,PKEY_USAGE_PERIOD *,PKEY_USAGE_PERIOD_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_IMP_opt (ret->notBefore, d2i_ASN1_GENERALIZEDTIME, 0,
- V_ASN1_GENERALIZEDTIME);
- M_ASN1_D2I_get_IMP_opt (ret->notAfter, d2i_ASN1_GENERALIZEDTIME, 1,
- V_ASN1_GENERALIZEDTIME);
- M_ASN1_D2I_Finish(a, PKEY_USAGE_PERIOD_free, ASN1_F_D2I_PKEY_USAGE_PERIOD);
-}
-
-void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a)
-{
- if (a == NULL) return;
- M_ASN1_GENERALIZEDTIME_free(a->notBefore);
- M_ASN1_GENERALIZEDTIME_free(a->notAfter);
- OPENSSL_free (a);
-}
-
-static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
- PKEY_USAGE_PERIOD *usage, BIO *out, int indent)
-{
- BIO_printf(out, "%*s", indent, "");
- if(usage->notBefore) {
- BIO_write(out, "Not Before: ", 12);
- ASN1_GENERALIZEDTIME_print(out, usage->notBefore);
- if(usage->notAfter) BIO_write(out, ", ", 2);
- }
- if(usage->notAfter) {
- BIO_write(out, "Not After: ", 11);
- ASN1_GENERALIZEDTIME_print(out, usage->notAfter);
- }
- return 1;
-}
-
-/*
-static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(method, ctx, values)
-X509V3_EXT_METHOD *method;
-X509V3_CTX *ctx;
-STACK_OF(CONF_VALUE) *values;
-{
-return NULL;
-}
-*/
diff --git a/src/lib/libcrypto/x509v3/v3_prn.c b/src/lib/libcrypto/x509v3/v3_prn.c
deleted file mode 100644
index 14b804c4ad..0000000000
--- a/src/lib/libcrypto/x509v3/v3_prn.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* v3_prn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-/* Extension printing routines */
-
-/* Print out a name+value stack */
-
-void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml)
-{
- int i;
- CONF_VALUE *nval;
- if(!val) return;
- if(!ml || !sk_CONF_VALUE_num(val)) {
- BIO_printf(out, "%*s", indent, "");
- if(!sk_CONF_VALUE_num(val)) BIO_puts(out, "<EMPTY>\n");
- }
- for(i = 0; i < sk_CONF_VALUE_num(val); i++) {
- if(ml) BIO_printf(out, "%*s", indent, "");
- else if(i > 0) BIO_printf(out, ", ");
- nval = sk_CONF_VALUE_value(val, i);
- if(!nval->name) BIO_puts(out, nval->value);
- else if(!nval->value) BIO_puts(out, nval->name);
-#ifndef CHARSET_EBCDIC
- else BIO_printf(out, "%s:%s", nval->name, nval->value);
-#else
- else {
- int len;
- char *tmp;
- len = strlen(nval->value)+1;
- tmp = OPENSSL_malloc(len);
- if (tmp)
- {
- ascii2ebcdic(tmp, nval->value, len);
- BIO_printf(out, "%s:%s", nval->name, tmp);
- OPENSSL_free(tmp);
- }
- }
-#endif
- if(ml) BIO_puts(out, "\n");
- }
-}
-
-/* Main routine: print out a general extension */
-
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent)
-{
- char *ext_str = NULL, *value = NULL;
- unsigned char *p;
- X509V3_EXT_METHOD *method;
- STACK_OF(CONF_VALUE) *nval = NULL;
- int ok = 1;
- if(!(method = X509V3_EXT_get(ext))) return 0;
- p = ext->value->data;
- if(!(ext_str = method->d2i(NULL, &p, ext->value->length))) return 0;
- if(method->i2s) {
- if(!(value = method->i2s(method, ext_str))) {
- ok = 0;
- goto err;
- }
-#ifndef CHARSET_EBCDIC
- BIO_printf(out, "%*s%s", indent, "", value);
-#else
- {
- int len;
- char *tmp;
- len = strlen(value)+1;
- tmp = OPENSSL_malloc(len);
- if (tmp)
- {
- ascii2ebcdic(tmp, value, len);
- BIO_printf(out, "%*s%s", indent, "", tmp);
- OPENSSL_free(tmp);
- }
- }
-#endif
- } else if(method->i2v) {
- if(!(nval = method->i2v(method, ext_str, NULL))) {
- ok = 0;
- goto err;
- }
- X509V3_EXT_val_prn(out, nval, indent,
- method->ext_flags & X509V3_EXT_MULTILINE);
- } else if(method->i2r) {
- if(!method->i2r(method, ext_str, out, indent)) ok = 0;
- } else ok = 0;
-
- err:
- sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
- if(value) OPENSSL_free(value);
- method->ext_free(ext_str);
- return ok;
-}
-
-#ifndef NO_FP_API
-int X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent)
-{
- BIO *bio_tmp;
- int ret;
- if(!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE))) return 0;
- ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
- BIO_free(bio_tmp);
- return ret;
-}
-#endif
diff --git a/src/lib/libcrypto/x509v3/v3_purp.c b/src/lib/libcrypto/x509v3/v3_purp.c
deleted file mode 100644
index 8aecd00e63..0000000000
--- a/src/lib/libcrypto/x509v3/v3_purp.c
+++ /dev/null
@@ -1,535 +0,0 @@
-/* v3_purp.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-#include <openssl/x509_vfy.h>
-
-
-static void x509v3_cache_extensions(X509 *x);
-
-static int ca_check(const X509 *x);
-static int check_ssl_ca(const X509 *x);
-static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int purpose_smime(const X509 *x, int ca);
-static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);
-
-static int xp_cmp(const X509_PURPOSE * const *a,
- const X509_PURPOSE * const *b);
-static void xptable_free(X509_PURPOSE *p);
-
-static X509_PURPOSE xstandard[] = {
- {X509_PURPOSE_SSL_CLIENT, X509_TRUST_SSL_CLIENT, 0, check_purpose_ssl_client, "SSL client", "sslclient", NULL},
- {X509_PURPOSE_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ssl_server, "SSL server", "sslserver", NULL},
- {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL},
- {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL},
- {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL},
- {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL},
- {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL},
-};
-
-#define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE))
-
-IMPLEMENT_STACK_OF(X509_PURPOSE)
-
-static STACK_OF(X509_PURPOSE) *xptable = NULL;
-
-static int xp_cmp(const X509_PURPOSE * const *a,
- const X509_PURPOSE * const *b)
-{
- return (*a)->purpose - (*b)->purpose;
-}
-
-/* As much as I'd like to make X509_check_purpose use a "const" X509*
- * I really can't because it does recalculate hashes and do other non-const
- * things. */
-int X509_check_purpose(X509 *x, int id, int ca)
-{
- int idx;
- const X509_PURPOSE *pt;
- if(!(x->ex_flags & EXFLAG_SET)) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509);
- x509v3_cache_extensions(x);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509);
- }
- if(id == -1) return 1;
- idx = X509_PURPOSE_get_by_id(id);
- if(idx == -1) return -1;
- pt = X509_PURPOSE_get0(idx);
- return pt->check_purpose(pt, x, ca);
-}
-
-int X509_PURPOSE_get_count(void)
-{
- if(!xptable) return X509_PURPOSE_COUNT;
- return sk_X509_PURPOSE_num(xptable) + X509_PURPOSE_COUNT;
-}
-
-X509_PURPOSE * X509_PURPOSE_get0(int idx)
-{
- if(idx < 0) return NULL;
- if(idx < X509_PURPOSE_COUNT) return xstandard + idx;
- return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT);
-}
-
-int X509_PURPOSE_get_by_sname(char *sname)
-{
- int i;
- X509_PURPOSE *xptmp;
- for(i = 0; i < X509_PURPOSE_get_count(); i++) {
- xptmp = X509_PURPOSE_get0(i);
- if(!strcmp(xptmp->sname, sname)) return i;
- }
- return -1;
-}
-
-
-int X509_PURPOSE_get_by_id(int purpose)
-{
- X509_PURPOSE tmp;
- int idx;
- if((purpose >= X509_PURPOSE_MIN) && (purpose <= X509_PURPOSE_MAX))
- return purpose - X509_PURPOSE_MIN;
- tmp.purpose = purpose;
- if(!xptable) return -1;
- idx = sk_X509_PURPOSE_find(xptable, &tmp);
- if(idx == -1) return -1;
- return idx + X509_PURPOSE_COUNT;
-}
-
-int X509_PURPOSE_add(int id, int trust, int flags,
- int (*ck)(const X509_PURPOSE *, const X509 *, int),
- char *name, char *sname, void *arg)
-{
- int idx;
- X509_PURPOSE *ptmp;
- /* This is set according to what we change: application can't set it */
- flags &= ~X509_PURPOSE_DYNAMIC;
- /* This will always be set for application modified trust entries */
- flags |= X509_PURPOSE_DYNAMIC_NAME;
- /* Get existing entry if any */
- idx = X509_PURPOSE_get_by_id(id);
- /* Need a new entry */
- if(idx == -1) {
- if(!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) {
- X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ptmp->flags = X509_PURPOSE_DYNAMIC;
- } else ptmp = X509_PURPOSE_get0(idx);
-
- /* OPENSSL_free existing name if dynamic */
- if(ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) {
- OPENSSL_free(ptmp->name);
- OPENSSL_free(ptmp->sname);
- }
- /* dup supplied name */
- ptmp->name = BUF_strdup(name);
- ptmp->sname = BUF_strdup(sname);
- if(!ptmp->name || !ptmp->sname) {
- X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- /* Keep the dynamic flag of existing entry */
- ptmp->flags &= X509_PURPOSE_DYNAMIC;
- /* Set all other flags */
- ptmp->flags |= flags;
-
- ptmp->purpose = id;
- ptmp->trust = trust;
- ptmp->check_purpose = ck;
- ptmp->usr_data = arg;
-
- /* If its a new entry manage the dynamic table */
- if(idx == -1) {
- if(!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) {
- X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!sk_X509_PURPOSE_push(xptable, ptmp)) {
- X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- return 1;
-}
-
-static void xptable_free(X509_PURPOSE *p)
- {
- if(!p) return;
- if (p->flags & X509_PURPOSE_DYNAMIC)
- {
- if (p->flags & X509_PURPOSE_DYNAMIC_NAME) {
- OPENSSL_free(p->name);
- OPENSSL_free(p->sname);
- }
- OPENSSL_free(p);
- }
- }
-
-void X509_PURPOSE_cleanup(void)
-{
- int i;
- sk_X509_PURPOSE_pop_free(xptable, xptable_free);
- for(i = 0; i < X509_PURPOSE_COUNT; i++) xptable_free(xstandard + i);
- xptable = NULL;
-}
-
-int X509_PURPOSE_get_id(X509_PURPOSE *xp)
-{
- return xp->purpose;
-}
-
-char *X509_PURPOSE_get0_name(X509_PURPOSE *xp)
-{
- return xp->name;
-}
-
-char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp)
-{
- return xp->sname;
-}
-
-int X509_PURPOSE_get_trust(X509_PURPOSE *xp)
-{
- return xp->trust;
-}
-
-static void x509v3_cache_extensions(X509 *x)
-{
- BASIC_CONSTRAINTS *bs;
- ASN1_BIT_STRING *usage;
- ASN1_BIT_STRING *ns;
- STACK_OF(ASN1_OBJECT) *extusage;
-
- int i;
- if(x->ex_flags & EXFLAG_SET) return;
-#ifndef NO_SHA
- X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);
-#endif
- /* Does subject name match issuer ? */
- if(!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x)))
- x->ex_flags |= EXFLAG_SS;
- /* V1 should mean no extensions ... */
- if(!X509_get_version(x)) x->ex_flags |= EXFLAG_V1;
- /* Handle basic constraints */
- if((bs=X509_get_ext_d2i(x, NID_basic_constraints, NULL, NULL))) {
- if(bs->ca) x->ex_flags |= EXFLAG_CA;
- if(bs->pathlen) {
- if((bs->pathlen->type == V_ASN1_NEG_INTEGER)
- || !bs->ca) {
- x->ex_flags |= EXFLAG_INVALID;
- x->ex_pathlen = 0;
- } else x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen);
- } else x->ex_pathlen = -1;
- BASIC_CONSTRAINTS_free(bs);
- x->ex_flags |= EXFLAG_BCONS;
- }
- /* Handle key usage */
- if((usage=X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {
- if(usage->length > 0) {
- x->ex_kusage = usage->data[0];
- if(usage->length > 1)
- x->ex_kusage |= usage->data[1] << 8;
- } else x->ex_kusage = 0;
- x->ex_flags |= EXFLAG_KUSAGE;
- ASN1_BIT_STRING_free(usage);
- }
- x->ex_xkusage = 0;
- if((extusage=X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL))) {
- x->ex_flags |= EXFLAG_XKUSAGE;
- for(i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {
- switch(OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage,i))) {
- case NID_server_auth:
- x->ex_xkusage |= XKU_SSL_SERVER;
- break;
-
- case NID_client_auth:
- x->ex_xkusage |= XKU_SSL_CLIENT;
- break;
-
- case NID_email_protect:
- x->ex_xkusage |= XKU_SMIME;
- break;
-
- case NID_code_sign:
- x->ex_xkusage |= XKU_CODE_SIGN;
- break;
-
- case NID_ms_sgc:
- case NID_ns_sgc:
- x->ex_xkusage |= XKU_SGC;
- }
- }
- sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);
- }
-
- if((ns=X509_get_ext_d2i(x, NID_netscape_cert_type, NULL, NULL))) {
- if(ns->length > 0) x->ex_nscert = ns->data[0];
- else x->ex_nscert = 0;
- x->ex_flags |= EXFLAG_NSCERT;
- ASN1_BIT_STRING_free(ns);
- }
- x->skid =X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);
- x->akid =X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);
- x->ex_flags |= EXFLAG_SET;
-}
-
-/* CA checks common to all purposes
- * return codes:
- * 0 not a CA
- * 1 is a CA
- * 2 basicConstraints absent so "maybe" a CA
- * 3 basicConstraints absent but self signed V1.
- */
-
-#define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
-#define ku_reject(x, usage) \
- (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
-#define xku_reject(x, usage) \
- (((x)->ex_flags & EXFLAG_XKUSAGE) && !((x)->ex_xkusage & (usage)))
-#define ns_reject(x, usage) \
- (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage)))
-
-static int ca_check(const X509 *x)
-{
- /* keyUsage if present should allow cert signing */
- if(ku_reject(x, KU_KEY_CERT_SIGN)) return 0;
- if(x->ex_flags & EXFLAG_BCONS) {
- if(x->ex_flags & EXFLAG_CA) return 1;
- /* If basicConstraints says not a CA then say so */
- else return 0;
- } else {
- if((x->ex_flags & V1_ROOT) == V1_ROOT) return 3;
- /* If key usage present it must have certSign so tolerate it */
- else if (x->ex_flags & EXFLAG_KUSAGE) return 3;
- else return 2;
- }
-}
-
-/* Check SSL CA: common checks for SSL client and server */
-static int check_ssl_ca(const X509 *x)
-{
- int ca_ret;
- ca_ret = ca_check(x);
- if(!ca_ret) return 0;
- /* check nsCertType if present */
- if(x->ex_flags & EXFLAG_NSCERT) {
- if(x->ex_nscert & NS_SSL_CA) return ca_ret;
- return 0;
- }
- if(ca_ret != 2) return ca_ret;
- else return 0;
-}
-
-
-static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- if(xku_reject(x,XKU_SSL_CLIENT)) return 0;
- if(ca) return check_ssl_ca(x);
- /* We need to do digital signatures with it */
- if(ku_reject(x,KU_DIGITAL_SIGNATURE)) return 0;
- /* nsCertType if present should allow SSL client use */
- if(ns_reject(x, NS_SSL_CLIENT)) return 0;
- return 1;
-}
-
-static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- if(xku_reject(x,XKU_SSL_SERVER|XKU_SGC)) return 0;
- if(ca) return check_ssl_ca(x);
-
- if(ns_reject(x, NS_SSL_SERVER)) return 0;
- /* Now as for keyUsage: we'll at least need to sign OR encipher */
- if(ku_reject(x, KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT)) return 0;
-
- return 1;
-
-}
-
-static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- int ret;
- ret = check_purpose_ssl_server(xp, x, ca);
- if(!ret || ca) return ret;
- /* We need to encipher or Netscape complains */
- if(ku_reject(x, KU_KEY_ENCIPHERMENT)) return 0;
- return ret;
-}
-
-/* common S/MIME checks */
-static int purpose_smime(const X509 *x, int ca)
-{
- if(xku_reject(x,XKU_SMIME)) return 0;
- if(ca) {
- int ca_ret;
- ca_ret = ca_check(x);
- if(!ca_ret) return 0;
- /* check nsCertType if present */
- if(x->ex_flags & EXFLAG_NSCERT) {
- if(x->ex_nscert & NS_SMIME_CA) return ca_ret;
- return 0;
- }
- if(ca_ret != 2) return ca_ret;
- else return 0;
- }
- if(x->ex_flags & EXFLAG_NSCERT) {
- if(x->ex_nscert & NS_SMIME) return 1;
- /* Workaround for some buggy certificates */
- if(x->ex_nscert & NS_SSL_CLIENT) return 2;
- return 0;
- }
- return 1;
-}
-
-static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- int ret;
- ret = purpose_smime(x, ca);
- if(!ret || ca) return ret;
- if(ku_reject(x, KU_DIGITAL_SIGNATURE|KU_NON_REPUDIATION)) return 0;
- return ret;
-}
-
-static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- int ret;
- ret = purpose_smime(x, ca);
- if(!ret || ca) return ret;
- if(ku_reject(x, KU_KEY_ENCIPHERMENT)) return 0;
- return ret;
-}
-
-static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- if(ca) {
- int ca_ret;
- if((ca_ret = ca_check(x)) != 2) return ca_ret;
- else return 0;
- }
- if(ku_reject(x, KU_CRL_SIGN)) return 0;
- return 1;
-}
-
-static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- return 1;
-}
-
-/* Various checks to see if one certificate issued the second.
- * This can be used to prune a set of possible issuer certificates
- * which have been looked up using some simple method such as by
- * subject name.
- * These are:
- * 1. Check issuer_name(subject) == subject_name(issuer)
- * 2. If akid(subject) exists check it matches issuer
- * 3. If key_usage(issuer) exists check it supports certificate signing
- * returns 0 for OK, positive for reason for mismatch, reasons match
- * codes for X509_verify_cert()
- */
-
-int X509_check_issued(X509 *issuer, X509 *subject)
-{
- if(X509_NAME_cmp(X509_get_subject_name(issuer),
- X509_get_issuer_name(subject)))
- return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
- x509v3_cache_extensions(issuer);
- x509v3_cache_extensions(subject);
- if(subject->akid) {
- /* Check key ids (if present) */
- if(subject->akid->keyid && issuer->skid &&
- ASN1_OCTET_STRING_cmp(subject->akid->keyid, issuer->skid) )
- return X509_V_ERR_AKID_SKID_MISMATCH;
- /* Check serial number */
- if(subject->akid->serial &&
- ASN1_INTEGER_cmp(X509_get_serialNumber(issuer),
- subject->akid->serial))
- return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
- /* Check issuer name */
- if(subject->akid->issuer) {
- /* Ugh, for some peculiar reason AKID includes
- * SEQUENCE OF GeneralName. So look for a DirName.
- * There may be more than one but we only take any
- * notice of the first.
- */
- STACK_OF(GENERAL_NAME) *gens;
- GENERAL_NAME *gen;
- X509_NAME *nm = NULL;
- int i;
- gens = subject->akid->issuer;
- for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- gen = sk_GENERAL_NAME_value(gens, i);
- if(gen->type == GEN_DIRNAME) {
- nm = gen->d.dirn;
- break;
- }
- }
- if(nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))
- return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
- }
- }
- if(ku_reject(issuer, KU_KEY_CERT_SIGN)) return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
- return X509_V_OK;
-}
-
diff --git a/src/lib/libcrypto/x509v3/v3_skey.c b/src/lib/libcrypto/x509v3/v3_skey.c
deleted file mode 100644
index 939845fa8f..0000000000
--- a/src/lib/libcrypto/x509v3/v3_skey.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* v3_skey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-X509V3_EXT_METHOD v3_skey_id = {
-NID_subject_key_identifier, 0,
-(X509V3_EXT_NEW)ASN1_OCTET_STRING_new,
-(X509V3_EXT_FREE)ASN1_OCTET_STRING_free,
-(X509V3_EXT_D2I)d2i_ASN1_OCTET_STRING,
-(X509V3_EXT_I2D)i2d_ASN1_OCTET_STRING,
-(X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,
-(X509V3_EXT_S2I)s2i_skey_id,
-NULL, NULL, NULL, NULL, NULL};
-
-char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- ASN1_OCTET_STRING *oct)
-{
- return hex_to_string(oct->data, oct->length);
-}
-
-ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str)
-{
- ASN1_OCTET_STRING *oct;
- long length;
-
- if(!(oct = M_ASN1_OCTET_STRING_new())) {
- X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if(!(oct->data = string_to_hex(str, &length))) {
- M_ASN1_OCTET_STRING_free(oct);
- return NULL;
- }
-
- oct->length = length;
-
- return oct;
-
-}
-
-static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str)
-{
- ASN1_OCTET_STRING *oct;
- ASN1_BIT_STRING *pk;
- unsigned char pkey_dig[EVP_MAX_MD_SIZE];
- EVP_MD_CTX md;
- unsigned int diglen;
-
- if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str);
-
- if(!(oct = M_ASN1_OCTET_STRING_new())) {
- X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if(ctx && (ctx->flags == CTX_TEST)) return oct;
-
- if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) {
- X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY);
- goto err;
- }
-
- if(ctx->subject_req)
- pk = ctx->subject_req->req_info->pubkey->public_key;
- else pk = ctx->subject_cert->cert_info->key->public_key;
-
- if(!pk) {
- X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY);
- goto err;
- }
-
- EVP_DigestInit(&md, EVP_sha1());
- EVP_DigestUpdate(&md, pk->data, pk->length);
- EVP_DigestFinal(&md, pkey_dig, &diglen);
-
- if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
- X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- return oct;
-
- err:
- M_ASN1_OCTET_STRING_free(oct);
- return NULL;
-}
diff --git a/src/lib/libcrypto/x509v3/v3_sxnet.c b/src/lib/libcrypto/x509v3/v3_sxnet.c
deleted file mode 100644
index bfecacd336..0000000000
--- a/src/lib/libcrypto/x509v3/v3_sxnet.c
+++ /dev/null
@@ -1,340 +0,0 @@
-/* v3_sxnet.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509v3.h>
-
-/* Support for Thawte strong extranet extension */
-
-#define SXNET_TEST
-
-static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent);
-#ifdef SXNET_TEST
-static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval);
-#endif
-X509V3_EXT_METHOD v3_sxnet = {
-NID_sxnet, X509V3_EXT_MULTILINE,
-(X509V3_EXT_NEW)SXNET_new,
-(X509V3_EXT_FREE)SXNET_free,
-(X509V3_EXT_D2I)d2i_SXNET,
-(X509V3_EXT_I2D)i2d_SXNET,
-NULL, NULL,
-NULL,
-#ifdef SXNET_TEST
-(X509V3_EXT_V2I)sxnet_v2i,
-#else
-NULL,
-#endif
-(X509V3_EXT_I2R)sxnet_i2r,
-NULL,
-NULL
-};
-
-
-int i2d_SXNET(SXNET *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
-
- M_ASN1_I2D_finish();
-}
-
-SXNET *SXNET_new(void)
-{
- SXNET *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, SXNET);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->ids,sk_SXNETID_new_null);
- return (ret);
- M_ASN1_New_Error(ASN1_F_SXNET_NEW);
-}
-
-SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,SXNET *,SXNET_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
- M_ASN1_D2I_get_seq_type (SXNETID, ret->ids, d2i_SXNETID, SXNETID_free);
- M_ASN1_D2I_Finish(a, SXNET_free, ASN1_F_D2I_SXNET);
-}
-
-void SXNET_free(SXNET *a)
-{
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- sk_SXNETID_pop_free(a->ids, SXNETID_free);
- OPENSSL_free (a);
-}
-
-int i2d_SXNETID(SXNETID *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->zone, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len (a->user, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->zone, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put (a->user, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_finish();
-}
-
-SXNETID *SXNETID_new(void)
-{
- SXNETID *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, SXNETID);
- ret->zone = NULL;
- M_ASN1_New(ret->user,M_ASN1_OCTET_STRING_new);
- return (ret);
- M_ASN1_New_Error(ASN1_F_SXNETID_NEW);
-}
-
-SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,SXNETID *,SXNETID_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->zone, d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->user, d2i_ASN1_OCTET_STRING);
- M_ASN1_D2I_Finish(a, SXNETID_free, ASN1_F_D2I_SXNETID);
-}
-
-void SXNETID_free(SXNETID *a)
-{
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->zone);
- M_ASN1_OCTET_STRING_free(a->user);
- OPENSSL_free (a);
-}
-
-static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
- int indent)
-{
- long v;
- char *tmp;
- SXNETID *id;
- int i;
- v = ASN1_INTEGER_get(sx->version);
- BIO_printf(out, "%*sVersion: %d (0x%X)", indent, "", v + 1, v);
- for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
- id = sk_SXNETID_value(sx->ids, i);
- tmp = i2s_ASN1_INTEGER(NULL, id->zone);
- BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp);
- OPENSSL_free(tmp);
- M_ASN1_OCTET_STRING_print(out, id->user);
- }
- return 1;
-}
-
-#ifdef SXNET_TEST
-
-/* NBB: this is used for testing only. It should *not* be used for anything
- * else because it will just take static IDs from the configuration file and
- * they should really be separate values for each user.
- */
-
-
-static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- CONF_VALUE *cnf;
- SXNET *sx = NULL;
- int i;
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
- if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
- return NULL;
- }
- return sx;
-}
-
-
-#endif
-
-/* Strong Extranet utility functions */
-
-/* Add an id given the zone as an ASCII number */
-
-int SXNET_add_id_asc(SXNET **psx, char *zone, char *user,
- int userlen)
-{
- ASN1_INTEGER *izone = NULL;
- if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
- X509V3err(X509V3_F_SXNET_ADD_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
- return 0;
- }
- return SXNET_add_id_INTEGER(psx, izone, user, userlen);
-}
-
-/* Add an id given the zone as an unsigned long */
-
-int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
- int userlen)
-{
- ASN1_INTEGER *izone = NULL;
- if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
- X509V3err(X509V3_F_SXNET_ADD_ID_ULONG,ERR_R_MALLOC_FAILURE);
- M_ASN1_INTEGER_free(izone);
- return 0;
- }
- return SXNET_add_id_INTEGER(psx, izone, user, userlen);
-
-}
-
-/* Add an id given the zone as an ASN1_INTEGER.
- * Note this version uses the passed integer and doesn't make a copy so don't
- * free it up afterwards.
- */
-
-int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user,
- int userlen)
-{
- SXNET *sx = NULL;
- SXNETID *id = NULL;
- if(!psx || !zone || !user) {
- X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_INVALID_NULL_ARGUMENT);
- return 0;
- }
- if(userlen == -1) userlen = strlen(user);
- if(userlen > 64) {
- X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_USER_TOO_LONG);
- return 0;
- }
- if(!*psx) {
- if(!(sx = SXNET_new())) goto err;
- if(!ASN1_INTEGER_set(sx->version, 0)) goto err;
- *psx = sx;
- } else sx = *psx;
- if(SXNET_get_id_INTEGER(sx, zone)) {
- X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_DUPLICATE_ZONE_ID);
- return 0;
- }
-
- if(!(id = SXNETID_new())) goto err;
- if(userlen == -1) userlen = strlen(user);
-
- if(!M_ASN1_OCTET_STRING_set(id->user, user, userlen)) goto err;
- if(!sk_SXNETID_push(sx->ids, id)) goto err;
- id->zone = zone;
- return 1;
-
- err:
- X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,ERR_R_MALLOC_FAILURE);
- SXNETID_free(id);
- SXNET_free(sx);
- *psx = NULL;
- return 0;
-}
-
-ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone)
-{
- ASN1_INTEGER *izone = NULL;
- ASN1_OCTET_STRING *oct;
- if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
- X509V3err(X509V3_F_SXNET_GET_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
- return NULL;
- }
- oct = SXNET_get_id_INTEGER(sx, izone);
- M_ASN1_INTEGER_free(izone);
- return oct;
-}
-
-ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
-{
- ASN1_INTEGER *izone = NULL;
- ASN1_OCTET_STRING *oct;
- if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
- X509V3err(X509V3_F_SXNET_GET_ID_ULONG,ERR_R_MALLOC_FAILURE);
- M_ASN1_INTEGER_free(izone);
- return NULL;
- }
- oct = SXNET_get_id_INTEGER(sx, izone);
- M_ASN1_INTEGER_free(izone);
- return oct;
-}
-
-ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone)
-{
- SXNETID *id;
- int i;
- for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
- id = sk_SXNETID_value(sx->ids, i);
- if(!M_ASN1_INTEGER_cmp(id->zone, zone)) return id->user;
- }
- return NULL;
-}
-
-IMPLEMENT_STACK_OF(SXNETID)
-IMPLEMENT_ASN1_SET_OF(SXNETID)
diff --git a/src/lib/libcrypto/x509v3/v3_utl.c b/src/lib/libcrypto/x509v3/v3_utl.c
deleted file mode 100644
index 619f161b58..0000000000
--- a/src/lib/libcrypto/x509v3/v3_utl.c
+++ /dev/null
@@ -1,516 +0,0 @@
-/* v3_utl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static char *strip_spaces(char *name);
-static int sk_strcmp(const char * const *a, const char * const *b);
-static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens);
-static void str_free(void *str);
-static int append_ia5(STACK **sk, ASN1_IA5STRING *email);
-
-/* Add a CONF_VALUE name value pair to stack */
-
-int X509V3_add_value(const char *name, const char *value,
- STACK_OF(CONF_VALUE) **extlist)
-{
- CONF_VALUE *vtmp = NULL;
- char *tname = NULL, *tvalue = NULL;
- if(name && !(tname = BUF_strdup(name))) goto err;
- if(value && !(tvalue = BUF_strdup(value))) goto err;;
- if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err;
- if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err;
- vtmp->section = NULL;
- vtmp->name = tname;
- vtmp->value = tvalue;
- if(!sk_CONF_VALUE_push(*extlist, vtmp)) goto err;
- return 1;
- err:
- X509V3err(X509V3_F_X509V3_ADD_VALUE,ERR_R_MALLOC_FAILURE);
- if(vtmp) OPENSSL_free(vtmp);
- if(tname) OPENSSL_free(tname);
- if(tvalue) OPENSSL_free(tvalue);
- return 0;
-}
-
-int X509V3_add_value_uchar(const char *name, const unsigned char *value,
- STACK_OF(CONF_VALUE) **extlist)
- {
- return X509V3_add_value(name,(const char *)value,extlist);
- }
-
-/* Free function for STACK_OF(CONF_VALUE) */
-
-void X509V3_conf_free(CONF_VALUE *conf)
-{
- if(!conf) return;
- if(conf->name) OPENSSL_free(conf->name);
- if(conf->value) OPENSSL_free(conf->value);
- if(conf->section) OPENSSL_free(conf->section);
- OPENSSL_free(conf);
-}
-
-int X509V3_add_value_bool(const char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist)
-{
- if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist);
- return X509V3_add_value(name, "FALSE", extlist);
-}
-
-int X509V3_add_value_bool_nf(char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist)
-{
- if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist);
- return 1;
-}
-
-
-char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a)
-{
- BIGNUM *bntmp = NULL;
- char *strtmp = NULL;
- if(!a) return NULL;
- if(!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) ||
- !(strtmp = BN_bn2dec(bntmp)) )
- X509V3err(X509V3_F_I2S_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
- BN_free(bntmp);
- return strtmp;
-}
-
-char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a)
-{
- BIGNUM *bntmp = NULL;
- char *strtmp = NULL;
- if(!a) return NULL;
- if(!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) ||
- !(strtmp = BN_bn2dec(bntmp)) )
- X509V3err(X509V3_F_I2S_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
- BN_free(bntmp);
- return strtmp;
-}
-
-ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value)
-{
- BIGNUM *bn = NULL;
- ASN1_INTEGER *aint;
- bn = BN_new();
- if(!value) {
- X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_INVALID_NULL_VALUE);
- return 0;
- }
- if(!BN_dec2bn(&bn, value)) {
- X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_DEC2BN_ERROR);
- return 0;
- }
-
- if(!(aint = BN_to_ASN1_INTEGER(bn, NULL))) {
- X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
- return 0;
- }
- BN_free(bn);
- return aint;
-}
-
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
- STACK_OF(CONF_VALUE) **extlist)
-{
- char *strtmp;
- int ret;
- if(!aint) return 1;
- if(!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) return 0;
- ret = X509V3_add_value(name, strtmp, extlist);
- OPENSSL_free(strtmp);
- return ret;
-}
-
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
-{
- char *btmp;
- if(!(btmp = value->value)) goto err;
- if(!strcmp(btmp, "TRUE") || !strcmp(btmp, "true")
- || !strcmp(btmp, "Y") || !strcmp(btmp, "y")
- || !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) {
- *asn1_bool = 0xff;
- return 1;
- } else if(!strcmp(btmp, "FALSE") || !strcmp(btmp, "false")
- || !strcmp(btmp, "N") || !strcmp(btmp, "n")
- || !strcmp(btmp, "NO") || !strcmp(btmp, "no")) {
- *asn1_bool = 0;
- return 1;
- }
- err:
- X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL,X509V3_R_INVALID_BOOLEAN_STRING);
- X509V3_conf_err(value);
- return 0;
-}
-
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint)
-{
- ASN1_INTEGER *itmp;
- if(!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {
- X509V3_conf_err(value);
- return 0;
- }
- *aint = itmp;
- return 1;
-}
-
-#define HDR_NAME 1
-#define HDR_VALUE 2
-
-/*#define DEBUG*/
-
-STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line)
-{
- char *p, *q, c;
- char *ntmp, *vtmp;
- STACK_OF(CONF_VALUE) *values = NULL;
- char *linebuf;
- int state;
- /* We are going to modify the line so copy it first */
- linebuf = BUF_strdup(line);
- state = HDR_NAME;
- ntmp = NULL;
- /* Go through all characters */
- for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) {
-
- switch(state) {
- case HDR_NAME:
- if(c == ':') {
- state = HDR_VALUE;
- *p = 0;
- ntmp = strip_spaces(q);
- if(!ntmp) {
- X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
- goto err;
- }
- q = p + 1;
- } else if(c == ',') {
- *p = 0;
- ntmp = strip_spaces(q);
- q = p + 1;
-#ifdef DEBUG
- printf("%s\n", ntmp);
-#endif
- if(!ntmp) {
- X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
- goto err;
- }
- X509V3_add_value(ntmp, NULL, &values);
- }
- break ;
-
- case HDR_VALUE:
- if(c == ',') {
- state = HDR_NAME;
- *p = 0;
- vtmp = strip_spaces(q);
-#ifdef DEBUG
- printf("%s\n", ntmp);
-#endif
- if(!vtmp) {
- X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE);
- goto err;
- }
- X509V3_add_value(ntmp, vtmp, &values);
- ntmp = NULL;
- q = p + 1;
- }
-
- }
- }
-
- if(state == HDR_VALUE) {
- vtmp = strip_spaces(q);
-#ifdef DEBUG
- printf("%s=%s\n", ntmp, vtmp);
-#endif
- if(!vtmp) {
- X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE);
- goto err;
- }
- X509V3_add_value(ntmp, vtmp, &values);
- } else {
- ntmp = strip_spaces(q);
-#ifdef DEBUG
- printf("%s\n", ntmp);
-#endif
- if(!ntmp) {
- X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
- goto err;
- }
- X509V3_add_value(ntmp, NULL, &values);
- }
-OPENSSL_free(linebuf);
-return values;
-
-err:
-OPENSSL_free(linebuf);
-sk_CONF_VALUE_pop_free(values, X509V3_conf_free);
-return NULL;
-
-}
-
-/* Delete leading and trailing spaces from a string */
-static char *strip_spaces(char *name)
-{
- char *p, *q;
- /* Skip over leading spaces */
- p = name;
- while(*p && isspace((unsigned char)*p)) p++;
- if(!*p) return NULL;
- q = p + strlen(p) - 1;
- while((q != p) && isspace((unsigned char)*q)) q--;
- if(p != q) q[1] = 0;
- if(!*p) return NULL;
- return p;
-}
-
-/* hex string utilities */
-
-/* Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its
- * hex representation
- * @@@ (Contents of buffer are always kept in ASCII, also on EBCDIC machines)
- */
-
-char *hex_to_string(unsigned char *buffer, long len)
-{
- char *tmp, *q;
- unsigned char *p;
- int i;
- static char hexdig[] = "0123456789ABCDEF";
- if(!buffer || !len) return NULL;
- if(!(tmp = OPENSSL_malloc(len * 3 + 1))) {
- X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- q = tmp;
- for(i = 0, p = buffer; i < len; i++,p++) {
- *q++ = hexdig[(*p >> 4) & 0xf];
- *q++ = hexdig[*p & 0xf];
- *q++ = ':';
- }
- q[-1] = 0;
-#ifdef CHARSET_EBCDIC
- ebcdic2ascii(tmp, tmp, q - tmp - 1);
-#endif
-
- return tmp;
-}
-
-/* Give a string of hex digits convert to
- * a buffer
- */
-
-unsigned char *string_to_hex(char *str, long *len)
-{
- unsigned char *hexbuf, *q;
- unsigned char ch, cl, *p;
- if(!str) {
- X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_INVALID_NULL_ARGUMENT);
- return NULL;
- }
- if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err;
- for(p = (unsigned char *)str, q = hexbuf; *p;) {
- ch = *p++;
-#ifdef CHARSET_EBCDIC
- ch = os_toebcdic[ch];
-#endif
- if(ch == ':') continue;
- cl = *p++;
-#ifdef CHARSET_EBCDIC
- cl = os_toebcdic[cl];
-#endif
- if(!cl) {
- X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ODD_NUMBER_OF_DIGITS);
- OPENSSL_free(hexbuf);
- return NULL;
- }
- if(isupper(ch)) ch = tolower(ch);
- if(isupper(cl)) cl = tolower(cl);
-
- if((ch >= '0') && (ch <= '9')) ch -= '0';
- else if ((ch >= 'a') && (ch <= 'f')) ch -= 'a' - 10;
- else goto badhex;
-
- if((cl >= '0') && (cl <= '9')) cl -= '0';
- else if ((cl >= 'a') && (cl <= 'f')) cl -= 'a' - 10;
- else goto badhex;
-
- *q++ = (ch << 4) | cl;
- }
-
- if(len) *len = q - hexbuf;
-
- return hexbuf;
-
- err:
- if(hexbuf) OPENSSL_free(hexbuf);
- X509V3err(X509V3_F_STRING_TO_HEX,ERR_R_MALLOC_FAILURE);
- return NULL;
-
- badhex:
- OPENSSL_free(hexbuf);
- X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ILLEGAL_HEX_DIGIT);
- return NULL;
-
-}
-
-/* V2I name comparison function: returns zero if 'name' matches
- * cmp or cmp.*
- */
-
-int name_cmp(const char *name, const char *cmp)
-{
- int len, ret;
- char c;
- len = strlen(cmp);
- if((ret = strncmp(name, cmp, len))) return ret;
- c = name[len];
- if(!c || (c=='.')) return 0;
- return 1;
-}
-
-static int sk_strcmp(const char * const *a, const char * const *b)
-{
- return strcmp(*a, *b);
-}
-
-STACK *X509_get1_email(X509 *x)
-{
- STACK_OF(GENERAL_NAME) *gens;
- STACK *ret;
- gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
- ret = get_email(X509_get_subject_name(x), gens);
- sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
- return ret;
-}
-
-STACK *X509_REQ_get1_email(X509_REQ *x)
-{
- STACK_OF(GENERAL_NAME) *gens;
- STACK_OF(X509_EXTENSION) *exts;
- STACK *ret;
- exts = X509_REQ_get_extensions(x);
- gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);
- ret = get_email(X509_REQ_get_subject_name(x), gens);
- sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
- sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
- return ret;
-}
-
-
-static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens)
-{
- STACK *ret = NULL;
- X509_NAME_ENTRY *ne;
- ASN1_IA5STRING *email;
- GENERAL_NAME *gen;
- int i;
- /* Now add any email address(es) to STACK */
- i = -1;
- /* First supplied X509_NAME */
- while((i = X509_NAME_get_index_by_NID(name,
- NID_pkcs9_emailAddress, i)) > 0) {
- ne = X509_NAME_get_entry(name, i);
- email = X509_NAME_ENTRY_get_data(ne);
- if(!append_ia5(&ret, email)) return NULL;
- }
- for(i = 0; i < sk_GENERAL_NAME_num(gens); i++)
- {
- gen = sk_GENERAL_NAME_value(gens, i);
- if(gen->type != GEN_EMAIL) continue;
- if(!append_ia5(&ret, gen->d.ia5)) return NULL;
- }
- return ret;
-}
-
-static void str_free(void *str)
-{
- OPENSSL_free(str);
-}
-
-static int append_ia5(STACK **sk, ASN1_IA5STRING *email)
-{
- char *emtmp;
- /* First some sanity checks */
- if(email->type != V_ASN1_IA5STRING) return 1;
- if(!email->data || !email->length) return 1;
- if(!*sk) *sk = sk_new(sk_strcmp);
- if(!*sk) return 0;
- /* Don't add duplicates */
- if(sk_find(*sk, (char *)email->data) != -1) return 1;
- emtmp = BUF_strdup((char *)email->data);
- if(!emtmp || !sk_push(*sk, emtmp)) {
- X509_email_free(*sk);
- *sk = NULL;
- return 0;
- }
- return 1;
-}
-
-void X509_email_free(STACK *sk)
-{
- sk_pop_free(sk, str_free);
-}
diff --git a/src/lib/libcrypto/x509v3/v3err.c b/src/lib/libcrypto/x509v3/v3err.c
deleted file mode 100644
index aa4a605dc4..0000000000
--- a/src/lib/libcrypto/x509v3/v3err.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/* crypto/x509v3/v3err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA X509V3_str_functs[]=
- {
-{ERR_PACK(0,X509V3_F_COPY_EMAIL,0), "COPY_EMAIL"},
-{ERR_PACK(0,X509V3_F_COPY_ISSUER,0), "COPY_ISSUER"},
-{ERR_PACK(0,X509V3_F_DO_EXT_CONF,0), "DO_EXT_CONF"},
-{ERR_PACK(0,X509V3_F_DO_EXT_I2D,0), "DO_EXT_I2D"},
-{ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"},
-{ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0), "i2s_ASN1_ENUMERATED"},
-{ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0), "i2s_ASN1_INTEGER"},
-{ERR_PACK(0,X509V3_F_I2V_AUTHORITY_INFO_ACCESS,0), "I2V_AUTHORITY_INFO_ACCESS"},
-{ERR_PACK(0,X509V3_F_NOTICE_SECTION,0), "NOTICE_SECTION"},
-{ERR_PACK(0,X509V3_F_NREF_NOS,0), "NREF_NOS"},
-{ERR_PACK(0,X509V3_F_POLICY_SECTION,0), "POLICY_SECTION"},
-{ERR_PACK(0,X509V3_F_R2I_CERTPOL,0), "R2I_CERTPOL"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0), "S2I_ASN1_IA5STRING"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0), "s2i_ASN1_INTEGER"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0), "s2i_ASN1_OCTET_STRING"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_SKEY_ID,0), "S2I_ASN1_SKEY_ID"},
-{ERR_PACK(0,X509V3_F_S2I_S2I_SKEY_ID,0), "S2I_S2I_SKEY_ID"},
-{ERR_PACK(0,X509V3_F_STRING_TO_HEX,0), "string_to_hex"},
-{ERR_PACK(0,X509V3_F_SXNET_ADD_ASC,0), "SXNET_ADD_ASC"},
-{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_INTEGER,0), "SXNET_add_id_INTEGER"},
-{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_ULONG,0), "SXNET_add_id_ulong"},
-{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ASC,0), "SXNET_get_id_asc"},
-{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ULONG,0), "SXNET_get_id_ulong"},
-{ERR_PACK(0,X509V3_F_V2I_ACCESS_DESCRIPTION,0), "V2I_ACCESS_DESCRIPTION"},
-{ERR_PACK(0,X509V3_F_V2I_ASN1_BIT_STRING,0), "V2I_ASN1_BIT_STRING"},
-{ERR_PACK(0,X509V3_F_V2I_AUTHORITY_KEYID,0), "V2I_AUTHORITY_KEYID"},
-{ERR_PACK(0,X509V3_F_V2I_BASIC_CONSTRAINTS,0), "V2I_BASIC_CONSTRAINTS"},
-{ERR_PACK(0,X509V3_F_V2I_CRLD,0), "V2I_CRLD"},
-{ERR_PACK(0,X509V3_F_V2I_EXT_KU,0), "V2I_EXT_KU"},
-{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAME,0), "v2i_GENERAL_NAME"},
-{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAMES,0), "v2i_GENERAL_NAMES"},
-{ERR_PACK(0,X509V3_F_V3_GENERIC_EXTENSION,0), "V3_GENERIC_EXTENSION"},
-{ERR_PACK(0,X509V3_F_X509V3_ADD_VALUE,0), "X509V3_add_value"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0), "X509V3_EXT_add"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0), "X509V3_EXT_add_alias"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0), "X509V3_EXT_conf"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_I2D,0), "X509V3_EXT_i2d"},
-{ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0), "X509V3_get_value_bool"},
-{ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0), "X509V3_parse_list"},
-{ERR_PACK(0,X509V3_F_X509_PURPOSE_ADD,0), "X509_PURPOSE_add"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA X509V3_str_reasons[]=
- {
-{X509V3_R_BAD_IP_ADDRESS ,"bad ip address"},
-{X509V3_R_BAD_OBJECT ,"bad object"},
-{X509V3_R_BN_DEC2BN_ERROR ,"bn dec2bn error"},
-{X509V3_R_BN_TO_ASN1_INTEGER_ERROR ,"bn to asn1 integer error"},
-{X509V3_R_DUPLICATE_ZONE_ID ,"duplicate zone id"},
-{X509V3_R_ERROR_CONVERTING_ZONE ,"error converting zone"},
-{X509V3_R_ERROR_IN_EXTENSION ,"error in extension"},
-{X509V3_R_EXPECTED_A_SECTION_NAME ,"expected a section name"},
-{X509V3_R_EXTENSION_NAME_ERROR ,"extension name error"},
-{X509V3_R_EXTENSION_NOT_FOUND ,"extension not found"},
-{X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED,"extension setting not supported"},
-{X509V3_R_EXTENSION_VALUE_ERROR ,"extension value error"},
-{X509V3_R_ILLEGAL_HEX_DIGIT ,"illegal hex digit"},
-{X509V3_R_INVALID_BOOLEAN_STRING ,"invalid boolean string"},
-{X509V3_R_INVALID_EXTENSION_STRING ,"invalid extension string"},
-{X509V3_R_INVALID_NAME ,"invalid name"},
-{X509V3_R_INVALID_NULL_ARGUMENT ,"invalid null argument"},
-{X509V3_R_INVALID_NULL_NAME ,"invalid null name"},
-{X509V3_R_INVALID_NULL_VALUE ,"invalid null value"},
-{X509V3_R_INVALID_NUMBER ,"invalid number"},
-{X509V3_R_INVALID_NUMBERS ,"invalid numbers"},
-{X509V3_R_INVALID_OBJECT_IDENTIFIER ,"invalid object identifier"},
-{X509V3_R_INVALID_OPTION ,"invalid option"},
-{X509V3_R_INVALID_POLICY_IDENTIFIER ,"invalid policy identifier"},
-{X509V3_R_INVALID_SECTION ,"invalid section"},
-{X509V3_R_INVALID_SYNTAX ,"invalid syntax"},
-{X509V3_R_ISSUER_DECODE_ERROR ,"issuer decode error"},
-{X509V3_R_MISSING_VALUE ,"missing value"},
-{X509V3_R_NEED_ORGANIZATION_AND_NUMBERS ,"need organization and numbers"},
-{X509V3_R_NO_CONFIG_DATABASE ,"no config database"},
-{X509V3_R_NO_ISSUER_CERTIFICATE ,"no issuer certificate"},
-{X509V3_R_NO_ISSUER_DETAILS ,"no issuer details"},
-{X509V3_R_NO_POLICY_IDENTIFIER ,"no policy identifier"},
-{X509V3_R_NO_PUBLIC_KEY ,"no public key"},
-{X509V3_R_NO_SUBJECT_DETAILS ,"no subject details"},
-{X509V3_R_ODD_NUMBER_OF_DIGITS ,"odd number of digits"},
-{X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS ,"unable to get issuer details"},
-{X509V3_R_UNABLE_TO_GET_ISSUER_KEYID ,"unable to get issuer keyid"},
-{X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT ,"unknown bit string argument"},
-{X509V3_R_UNKNOWN_EXTENSION ,"unknown extension"},
-{X509V3_R_UNKNOWN_EXTENSION_NAME ,"unknown extension name"},
-{X509V3_R_UNKNOWN_OPTION ,"unknown option"},
-{X509V3_R_UNSUPPORTED_OPTION ,"unsupported option"},
-{X509V3_R_USER_TOO_LONG ,"user too long"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_X509V3_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_X509V3,X509V3_str_functs);
- ERR_load_strings(ERR_LIB_X509V3,X509V3_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libcrypto/x509v3/x509v3.h b/src/lib/libcrypto/x509v3/x509v3.h
deleted file mode 100644
index 0453b12d63..0000000000
--- a/src/lib/libcrypto/x509v3/x509v3.h
+++ /dev/null
@@ -1,653 +0,0 @@
-/* x509v3.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_X509V3_H
-#define HEADER_X509V3_H
-
-#include <openssl/bio.h>
-#include <openssl/x509.h>
-#include <openssl/conf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Forward reference */
-struct v3_ext_method;
-struct v3_ext_ctx;
-
-/* Useful typedefs */
-
-typedef void * (*X509V3_EXT_NEW)(void);
-typedef void (*X509V3_EXT_FREE)(void *);
-typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long);
-typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
-typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist);
-typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values);
-typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext);
-typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
-typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent);
-typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
-
-/* V3 extension structure */
-
-struct v3_ext_method {
-int ext_nid;
-int ext_flags;
-X509V3_EXT_NEW ext_new;
-X509V3_EXT_FREE ext_free;
-X509V3_EXT_D2I d2i;
-X509V3_EXT_I2D i2d;
-
-/* The following pair is used for string extensions */
-X509V3_EXT_I2S i2s;
-X509V3_EXT_S2I s2i;
-
-/* The following pair is used for multi-valued extensions */
-X509V3_EXT_I2V i2v;
-X509V3_EXT_V2I v2i;
-
-/* The following are used for raw extensions */
-X509V3_EXT_I2R i2r;
-X509V3_EXT_R2I r2i;
-
-void *usr_data; /* Any extension specific data */
-};
-
-typedef struct X509V3_CONF_METHOD_st {
-char * (*get_string)(void *db, char *section, char *value);
-STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
-void (*free_string)(void *db, char * string);
-void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
-} X509V3_CONF_METHOD;
-
-/* Context specific info */
-struct v3_ext_ctx {
-#define CTX_TEST 0x1
-int flags;
-X509 *issuer_cert;
-X509 *subject_cert;
-X509_REQ *subject_req;
-X509_CRL *crl;
-X509V3_CONF_METHOD *db_meth;
-void *db;
-/* Maybe more here */
-};
-
-typedef struct v3_ext_method X509V3_EXT_METHOD;
-typedef struct v3_ext_ctx X509V3_CTX;
-
-DECLARE_STACK_OF(X509V3_EXT_METHOD)
-
-/* ext_flags values */
-#define X509V3_EXT_DYNAMIC 0x1
-#define X509V3_EXT_CTX_DEP 0x2
-#define X509V3_EXT_MULTILINE 0x4
-
-typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
-
-typedef struct BASIC_CONSTRAINTS_st {
-int ca;
-ASN1_INTEGER *pathlen;
-} BASIC_CONSTRAINTS;
-
-
-typedef struct PKEY_USAGE_PERIOD_st {
-ASN1_GENERALIZEDTIME *notBefore;
-ASN1_GENERALIZEDTIME *notAfter;
-} PKEY_USAGE_PERIOD;
-
-typedef struct otherName_st {
-ASN1_OBJECT *type_id;
-ASN1_TYPE *value;
-} OTHERNAME;
-
-typedef struct GENERAL_NAME_st {
-
-#define GEN_OTHERNAME (0|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_EMAIL (1|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_DNS (2|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_X400 (3|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_DIRNAME (4|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_EDIPARTY (5|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_URI (6|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_IPADD (7|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_RID (8|V_ASN1_CONTEXT_SPECIFIC)
-
-int type;
-union {
- char *ptr;
- ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */
- ASN1_OCTET_STRING *ip; /* iPAddress */
- X509_NAME *dirn; /* dirn */
- ASN1_OBJECT *rid; /* registeredID */
- OTHERNAME *otherName; /* otherName */
- ASN1_TYPE *other; /* ediPartyName, x400Address */
-} d;
-} GENERAL_NAME;
-
-typedef struct ACCESS_DESCRIPTION_st {
- ASN1_OBJECT *method;
- GENERAL_NAME *location;
-} ACCESS_DESCRIPTION;
-
-DECLARE_STACK_OF(GENERAL_NAME)
-DECLARE_ASN1_SET_OF(GENERAL_NAME)
-
-DECLARE_STACK_OF(ACCESS_DESCRIPTION)
-DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
-
-typedef struct DIST_POINT_NAME_st {
-/* NB: this is a CHOICE type and only one of these should be set */
-STACK_OF(GENERAL_NAME) *fullname;
-STACK_OF(X509_NAME_ENTRY) *relativename;
-} DIST_POINT_NAME;
-
-typedef struct DIST_POINT_st {
-DIST_POINT_NAME *distpoint;
-ASN1_BIT_STRING *reasons;
-STACK_OF(GENERAL_NAME) *CRLissuer;
-} DIST_POINT;
-
-DECLARE_STACK_OF(DIST_POINT)
-DECLARE_ASN1_SET_OF(DIST_POINT)
-
-typedef struct AUTHORITY_KEYID_st {
-ASN1_OCTET_STRING *keyid;
-STACK_OF(GENERAL_NAME) *issuer;
-ASN1_INTEGER *serial;
-} AUTHORITY_KEYID;
-
-/* Strong extranet structures */
-
-typedef struct SXNET_ID_st {
- ASN1_INTEGER *zone;
- ASN1_OCTET_STRING *user;
-} SXNETID;
-
-DECLARE_STACK_OF(SXNETID)
-DECLARE_ASN1_SET_OF(SXNETID)
-
-typedef struct SXNET_st {
- ASN1_INTEGER *version;
- STACK_OF(SXNETID) *ids;
-} SXNET;
-
-typedef struct NOTICEREF_st {
- ASN1_STRING *organization;
- STACK_OF(ASN1_INTEGER) *noticenos;
-} NOTICEREF;
-
-typedef struct USERNOTICE_st {
- NOTICEREF *noticeref;
- ASN1_STRING *exptext;
-} USERNOTICE;
-
-typedef struct POLICYQUALINFO_st {
- ASN1_OBJECT *pqualid;
- union {
- ASN1_IA5STRING *cpsuri;
- USERNOTICE *usernotice;
- ASN1_TYPE *other;
- } d;
-} POLICYQUALINFO;
-
-DECLARE_STACK_OF(POLICYQUALINFO)
-DECLARE_ASN1_SET_OF(POLICYQUALINFO)
-
-typedef struct POLICYINFO_st {
- ASN1_OBJECT *policyid;
- STACK_OF(POLICYQUALINFO) *qualifiers;
-} POLICYINFO;
-
-DECLARE_STACK_OF(POLICYINFO)
-DECLARE_ASN1_SET_OF(POLICYINFO)
-
-#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
-",name:", val->name, ",value:", val->value);
-
-#define X509V3_set_ctx_test(ctx) \
- X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
-#define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;
-
-#define EXT_BITSTRING(nid, table) { nid, 0, \
- (X509V3_EXT_NEW)ASN1_BIT_STRING_new, \
- (X509V3_EXT_FREE)ASN1_BIT_STRING_free, \
- (X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \
- (X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \
- NULL, NULL, \
- (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
- (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
- NULL, NULL, \
- (char *)table}
-
-#define EXT_IA5STRING(nid) { nid, 0, \
- (X509V3_EXT_NEW)ASN1_IA5STRING_new, \
- (X509V3_EXT_FREE)ASN1_IA5STRING_free, \
- (X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \
- (X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \
- (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
- (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
- NULL, NULL, NULL, NULL, \
- NULL}
-
-#define EXT_END { -1, 0, NULL, NULL, NULL, NULL, NULL, NULL, \
- NULL, NULL, NULL, NULL, \
- NULL}
-
-
-/* X509_PURPOSE stuff */
-
-#define EXFLAG_BCONS 0x1
-#define EXFLAG_KUSAGE 0x2
-#define EXFLAG_XKUSAGE 0x4
-#define EXFLAG_NSCERT 0x8
-
-#define EXFLAG_CA 0x10
-#define EXFLAG_SS 0x20
-#define EXFLAG_V1 0x40
-#define EXFLAG_INVALID 0x80
-#define EXFLAG_SET 0x100
-
-#define KU_DIGITAL_SIGNATURE 0x0080
-#define KU_NON_REPUDIATION 0x0040
-#define KU_KEY_ENCIPHERMENT 0x0020
-#define KU_DATA_ENCIPHERMENT 0x0010
-#define KU_KEY_AGREEMENT 0x0008
-#define KU_KEY_CERT_SIGN 0x0004
-#define KU_CRL_SIGN 0x0002
-#define KU_ENCIPHER_ONLY 0x0001
-#define KU_DECIPHER_ONLY 0x8000
-
-#define NS_SSL_CLIENT 0x80
-#define NS_SSL_SERVER 0x40
-#define NS_SMIME 0x20
-#define NS_OBJSIGN 0x10
-#define NS_SSL_CA 0x04
-#define NS_SMIME_CA 0x02
-#define NS_OBJSIGN_CA 0x01
-
-#define XKU_SSL_SERVER 0x1
-#define XKU_SSL_CLIENT 0x2
-#define XKU_SMIME 0x4
-#define XKU_CODE_SIGN 0x8
-#define XKU_SGC 0x10
-
-#define X509_PURPOSE_DYNAMIC 0x1
-#define X509_PURPOSE_DYNAMIC_NAME 0x2
-
-typedef struct x509_purpose_st {
- int purpose;
- int trust; /* Default trust ID */
- int flags;
- int (*check_purpose)(const struct x509_purpose_st *,
- const X509 *, int);
- char *name;
- char *sname;
- void *usr_data;
-} X509_PURPOSE;
-
-#define X509_PURPOSE_SSL_CLIENT 1
-#define X509_PURPOSE_SSL_SERVER 2
-#define X509_PURPOSE_NS_SSL_SERVER 3
-#define X509_PURPOSE_SMIME_SIGN 4
-#define X509_PURPOSE_SMIME_ENCRYPT 5
-#define X509_PURPOSE_CRL_SIGN 6
-#define X509_PURPOSE_ANY 7
-
-#define X509_PURPOSE_MIN 1
-#define X509_PURPOSE_MAX 7
-
-DECLARE_STACK_OF(X509_PURPOSE)
-
-void ERR_load_X509V3_strings(void);
-int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp);
-BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char **pp, long length);
-BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void);
-void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a);
-
-int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp);
-GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp, long length);
-GENERAL_NAME *GENERAL_NAME_new(void);
-void GENERAL_NAME_free(GENERAL_NAME *a);
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
-
-int i2d_SXNET(SXNET *a, unsigned char **pp);
-SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length);
-SXNET *SXNET_new(void);
-void SXNET_free(SXNET *a);
-
-int i2d_SXNETID(SXNETID *a, unsigned char **pp);
-SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length);
-SXNETID *SXNETID_new(void);
-void SXNETID_free(SXNETID *a);
-
-int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen);
-int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen);
-int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user, int userlen);
-
-ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone);
-ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
-ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
-
-int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp);
-AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, long length);
-AUTHORITY_KEYID *AUTHORITY_KEYID_new(void);
-void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a);
-
-int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp);
-PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, unsigned char **pp, long length);
-PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void);
-void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a);
-
-STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new(void);
-void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a);
-STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, unsigned char **pp, long length);
-int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp);
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
- STACK_OF(GENERAL_NAME) *gen, STACK_OF(CONF_VALUE) *extlist);
-STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp);
-OTHERNAME *OTHERNAME_new(void);
-OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length);
-void OTHERNAME_free(OTHERNAME *a);
-
-char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
-ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-
-int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp);
-STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
- unsigned char **pp, long length);
-void ext_ku_free(STACK_OF(ASN1_OBJECT) *a);
-STACK_OF(ASN1_OBJECT) *ext_ku_new(void);
-
-int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp);
-STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void);
-void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a);
-STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, unsigned char **pp, long length);
-
-int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp);
-POLICYINFO *POLICYINFO_new(void);
-POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp, long length);
-void POLICYINFO_free(POLICYINFO *a);
-
-int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp);
-POLICYQUALINFO *POLICYQUALINFO_new(void);
-POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp,
- long length);
-void POLICYQUALINFO_free(POLICYQUALINFO *a);
-
-int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp);
-USERNOTICE *USERNOTICE_new(void);
-USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp, long length);
-void USERNOTICE_free(USERNOTICE *a);
-
-int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp);
-NOTICEREF *NOTICEREF_new(void);
-NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp, long length);
-void NOTICEREF_free(NOTICEREF *a);
-
-int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp);
-STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void);
-void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a);
-STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a,
- unsigned char **pp,long length);
-
-int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp);
-DIST_POINT *DIST_POINT_new(void);
-DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length);
-void DIST_POINT_free(DIST_POINT *a);
-
-int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp);
-DIST_POINT_NAME *DIST_POINT_NAME_new(void);
-void DIST_POINT_NAME_free(DIST_POINT_NAME *a);
-DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp,
- long length);
-
-int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp);
-ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void);
-void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a);
-ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp,
- long length);
-
-STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void);
-void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a);
-STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a,
- unsigned char **pp, long length);
-int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp);
-
-
-
-#ifdef HEADER_CONF_H
-GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf);
-void X509V3_conf_free(CONF_VALUE *val);
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value);
-X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value);
-int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert);
-int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
-int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
-int X509V3_add_value_bool_nf(char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
-#endif
-
-char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
-STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
-void X509V3_string_free(X509V3_CTX *ctx, char *str);
-void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
-void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
- X509_REQ *req, X509_CRL *crl, int flags);
-
-int X509V3_add_value(const char *name, const char *value,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_uchar(const char *name, const unsigned char *value,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_bool(const char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
- STACK_OF(CONF_VALUE) **extlist);
-char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
-ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
-char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
-char * i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
-int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
-int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
-int X509V3_EXT_add_alias(int nid_to, int nid_from);
-void X509V3_EXT_cleanup(void);
-
-X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
-X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
-int X509V3_add_standard_extensions(void);
-STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line);
-void *X509V3_EXT_d2i(X509_EXTENSION *ext);
-void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
-
-X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
-
-char *hex_to_string(unsigned char *buffer, long len);
-unsigned char *string_to_hex(char *str, long *len);
-int name_cmp(const char *name, const char *cmp);
-
-void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
- int ml);
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
-int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
-
-int X509_check_purpose(X509 *x, int id, int ca);
-int X509_check_issued(X509 *issuer, X509 *subject);
-int X509_PURPOSE_get_count(void);
-X509_PURPOSE * X509_PURPOSE_get0(int idx);
-int X509_PURPOSE_get_by_sname(char *sname);
-int X509_PURPOSE_get_by_id(int id);
-int X509_PURPOSE_add(int id, int trust, int flags,
- int (*ck)(const X509_PURPOSE *, const X509 *, int),
- char *name, char *sname, void *arg);
-char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
-char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
-int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
-void X509_PURPOSE_cleanup(void);
-int X509_PURPOSE_get_id(X509_PURPOSE *);
-
-STACK *X509_get1_email(X509 *x);
-STACK *X509_REQ_get1_email(X509_REQ *x);
-void X509_email_free(STACK *sk);
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-/* Error codes for the X509V3 functions. */
-
-/* Function codes. */
-#define X509V3_F_COPY_EMAIL 122
-#define X509V3_F_COPY_ISSUER 123
-#define X509V3_F_DO_EXT_CONF 124
-#define X509V3_F_DO_EXT_I2D 135
-#define X509V3_F_HEX_TO_STRING 111
-#define X509V3_F_I2S_ASN1_ENUMERATED 121
-#define X509V3_F_I2S_ASN1_INTEGER 120
-#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
-#define X509V3_F_NOTICE_SECTION 132
-#define X509V3_F_NREF_NOS 133
-#define X509V3_F_POLICY_SECTION 131
-#define X509V3_F_R2I_CERTPOL 130
-#define X509V3_F_S2I_ASN1_IA5STRING 100
-#define X509V3_F_S2I_ASN1_INTEGER 108
-#define X509V3_F_S2I_ASN1_OCTET_STRING 112
-#define X509V3_F_S2I_ASN1_SKEY_ID 114
-#define X509V3_F_S2I_S2I_SKEY_ID 115
-#define X509V3_F_STRING_TO_HEX 113
-#define X509V3_F_SXNET_ADD_ASC 125
-#define X509V3_F_SXNET_ADD_ID_INTEGER 126
-#define X509V3_F_SXNET_ADD_ID_ULONG 127
-#define X509V3_F_SXNET_GET_ID_ASC 128
-#define X509V3_F_SXNET_GET_ID_ULONG 129
-#define X509V3_F_V2I_ACCESS_DESCRIPTION 139
-#define X509V3_F_V2I_ASN1_BIT_STRING 101
-#define X509V3_F_V2I_AUTHORITY_KEYID 119
-#define X509V3_F_V2I_BASIC_CONSTRAINTS 102
-#define X509V3_F_V2I_CRLD 134
-#define X509V3_F_V2I_EXT_KU 103
-#define X509V3_F_V2I_GENERAL_NAME 117
-#define X509V3_F_V2I_GENERAL_NAMES 118
-#define X509V3_F_V3_GENERIC_EXTENSION 116
-#define X509V3_F_X509V3_ADD_VALUE 105
-#define X509V3_F_X509V3_EXT_ADD 104
-#define X509V3_F_X509V3_EXT_ADD_ALIAS 106
-#define X509V3_F_X509V3_EXT_CONF 107
-#define X509V3_F_X509V3_EXT_I2D 136
-#define X509V3_F_X509V3_GET_VALUE_BOOL 110
-#define X509V3_F_X509V3_PARSE_LIST 109
-#define X509V3_F_X509_PURPOSE_ADD 137
-
-/* Reason codes. */
-#define X509V3_R_BAD_IP_ADDRESS 118
-#define X509V3_R_BAD_OBJECT 119
-#define X509V3_R_BN_DEC2BN_ERROR 100
-#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
-#define X509V3_R_DUPLICATE_ZONE_ID 133
-#define X509V3_R_ERROR_CONVERTING_ZONE 131
-#define X509V3_R_ERROR_IN_EXTENSION 128
-#define X509V3_R_EXPECTED_A_SECTION_NAME 137
-#define X509V3_R_EXTENSION_NAME_ERROR 115
-#define X509V3_R_EXTENSION_NOT_FOUND 102
-#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103
-#define X509V3_R_EXTENSION_VALUE_ERROR 116
-#define X509V3_R_ILLEGAL_HEX_DIGIT 113
-#define X509V3_R_INVALID_BOOLEAN_STRING 104
-#define X509V3_R_INVALID_EXTENSION_STRING 105
-#define X509V3_R_INVALID_NAME 106
-#define X509V3_R_INVALID_NULL_ARGUMENT 107
-#define X509V3_R_INVALID_NULL_NAME 108
-#define X509V3_R_INVALID_NULL_VALUE 109
-#define X509V3_R_INVALID_NUMBER 140
-#define X509V3_R_INVALID_NUMBERS 141
-#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
-#define X509V3_R_INVALID_OPTION 138
-#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
-#define X509V3_R_INVALID_SECTION 135
-#define X509V3_R_INVALID_SYNTAX 143
-#define X509V3_R_ISSUER_DECODE_ERROR 126
-#define X509V3_R_MISSING_VALUE 124
-#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
-#define X509V3_R_NO_CONFIG_DATABASE 136
-#define X509V3_R_NO_ISSUER_CERTIFICATE 121
-#define X509V3_R_NO_ISSUER_DETAILS 127
-#define X509V3_R_NO_POLICY_IDENTIFIER 139
-#define X509V3_R_NO_PUBLIC_KEY 114
-#define X509V3_R_NO_SUBJECT_DETAILS 125
-#define X509V3_R_ODD_NUMBER_OF_DIGITS 112
-#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
-#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
-#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111
-#define X509V3_R_UNKNOWN_EXTENSION 129
-#define X509V3_R_UNKNOWN_EXTENSION_NAME 130
-#define X509V3_R_UNKNOWN_OPTION 120
-#define X509V3_R_UNSUPPORTED_OPTION 117
-#define X509V3_R_USER_TOO_LONG 132
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libssl/LICENSE b/src/lib/libssl/LICENSE
deleted file mode 100644
index 3fd259ac32..0000000000
--- a/src/lib/libssl/LICENSE
+++ /dev/null
@@ -1,127 +0,0 @@
-
- LICENSE ISSUES
- ==============
-
- The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
- the OpenSSL License and the original SSLeay license apply to the toolkit.
- See below for the actual license texts. Actually both licenses are BSD-style
- Open Source licenses. In case of any license issues related to OpenSSL
- please contact openssl-core@openssl.org.
-
- OpenSSL License
- ---------------
-
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
- Original SSLeay License
- -----------------------
-
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c
deleted file mode 100644
index d85555a7e6..0000000000
--- a/src/lib/libssl/bio_ssl.c
+++ /dev/null
@@ -1,586 +0,0 @@
-/* ssl/bio_ssl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <openssl/crypto.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-static int ssl_write(BIO *h, const char *buf, int num);
-static int ssl_read(BIO *h, char *buf, int size);
-static int ssl_puts(BIO *h, const char *str);
-static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int ssl_new(BIO *h);
-static int ssl_free(BIO *data);
-static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-typedef struct bio_ssl_st
- {
- SSL *ssl; /* The ssl handle :-) */
- /* re-negotiate every time the total number of bytes is this size */
- int num_renegotiates;
- unsigned long renegotiate_count;
- unsigned long byte_count;
- unsigned long renegotiate_timeout;
- unsigned long last_time;
- } BIO_SSL;
-
-static BIO_METHOD methods_sslp=
- {
- BIO_TYPE_SSL,"ssl",
- ssl_write,
- ssl_read,
- ssl_puts,
- NULL, /* ssl_gets, */
- ssl_ctrl,
- ssl_new,
- ssl_free,
- ssl_callback_ctrl,
- };
-
-BIO_METHOD *BIO_f_ssl(void)
- {
- return(&methods_sslp);
- }
-
-static int ssl_new(BIO *bi)
- {
- BIO_SSL *bs;
-
- bs=(BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL));
- if (bs == NULL)
- {
- BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- memset(bs,0,sizeof(BIO_SSL));
- bi->init=0;
- bi->ptr=(char *)bs;
- bi->flags=0;
- return(1);
- }
-
-static int ssl_free(BIO *a)
- {
- BIO_SSL *bs;
-
- if (a == NULL) return(0);
- bs=(BIO_SSL *)a->ptr;
- if (bs->ssl != NULL) SSL_shutdown(bs->ssl);
- if (a->shutdown)
- {
- if (a->init && (bs->ssl != NULL))
- SSL_free(bs->ssl);
- a->init=0;
- a->flags=0;
- }
- if (a->ptr != NULL)
- OPENSSL_free(a->ptr);
- return(1);
- }
-
-static int ssl_read(BIO *b, char *out, int outl)
- {
- int ret=1;
- BIO_SSL *sb;
- SSL *ssl;
- int retry_reason=0;
- int r=0;
-
- if (out == NULL) return(0);
- sb=(BIO_SSL *)b->ptr;
- ssl=sb->ssl;
-
- BIO_clear_retry_flags(b);
-
-#if 0
- if (!SSL_is_init_finished(ssl))
- {
-/* ret=SSL_do_handshake(ssl); */
- if (ret > 0)
- {
-
- outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
- ret= -1;
- goto end;
- }
- }
-#endif
-/* if (ret > 0) */
- ret=SSL_read(ssl,out,outl);
-
- switch (SSL_get_error(ssl,ret))
- {
- case SSL_ERROR_NONE:
- if (ret <= 0) break;
- if (sb->renegotiate_count > 0)
- {
- sb->byte_count+=ret;
- if (sb->byte_count > sb->renegotiate_count)
- {
- sb->byte_count=0;
- sb->num_renegotiates++;
- SSL_renegotiate(ssl);
- r=1;
- }
- }
- if ((sb->renegotiate_timeout > 0) && (!r))
- {
- unsigned long tm;
-
- tm=(unsigned long)time(NULL);
- if (tm > sb->last_time+sb->renegotiate_timeout)
- {
- sb->last_time=tm;
- sb->num_renegotiates++;
- SSL_renegotiate(ssl);
- }
- }
-
- break;
- case SSL_ERROR_WANT_READ:
- BIO_set_retry_read(b);
- break;
- case SSL_ERROR_WANT_WRITE:
- BIO_set_retry_write(b);
- break;
- case SSL_ERROR_WANT_X509_LOOKUP:
- BIO_set_retry_special(b);
- retry_reason=BIO_RR_SSL_X509_LOOKUP;
- break;
- case SSL_ERROR_WANT_CONNECT:
- BIO_set_retry_special(b);
- retry_reason=BIO_RR_CONNECT;
- break;
- case SSL_ERROR_SYSCALL:
- case SSL_ERROR_SSL:
- case SSL_ERROR_ZERO_RETURN:
- default:
- break;
- }
-
- b->retry_reason=retry_reason;
- return(ret);
- }
-
-static int ssl_write(BIO *b, const char *out, int outl)
- {
- int ret,r=0;
- int retry_reason=0;
- SSL *ssl;
- BIO_SSL *bs;
-
- if (out == NULL) return(0);
- bs=(BIO_SSL *)b->ptr;
- ssl=bs->ssl;
-
- BIO_clear_retry_flags(b);
-
-/* ret=SSL_do_handshake(ssl);
- if (ret > 0) */
- ret=SSL_write(ssl,out,outl);
-
- switch (SSL_get_error(ssl,ret))
- {
- case SSL_ERROR_NONE:
- if (ret <= 0) break;
- if (bs->renegotiate_count > 0)
- {
- bs->byte_count+=ret;
- if (bs->byte_count > bs->renegotiate_count)
- {
- bs->byte_count=0;
- bs->num_renegotiates++;
- SSL_renegotiate(ssl);
- r=1;
- }
- }
- if ((bs->renegotiate_timeout > 0) && (!r))
- {
- unsigned long tm;
-
- tm=(unsigned long)time(NULL);
- if (tm > bs->last_time+bs->renegotiate_timeout)
- {
- bs->last_time=tm;
- bs->num_renegotiates++;
- SSL_renegotiate(ssl);
- }
- }
- break;
- case SSL_ERROR_WANT_WRITE:
- BIO_set_retry_write(b);
- break;
- case SSL_ERROR_WANT_READ:
- BIO_set_retry_read(b);
- break;
- case SSL_ERROR_WANT_X509_LOOKUP:
- BIO_set_retry_special(b);
- retry_reason=BIO_RR_SSL_X509_LOOKUP;
- break;
- case SSL_ERROR_WANT_CONNECT:
- BIO_set_retry_special(b);
- retry_reason=BIO_RR_CONNECT;
- case SSL_ERROR_SYSCALL:
- case SSL_ERROR_SSL:
- default:
- break;
- }
-
- b->retry_reason=retry_reason;
- return(ret);
- }
-
-static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
- {
- SSL **sslp,*ssl;
- BIO_SSL *bs;
- BIO *dbio,*bio;
- long ret=1;
-
- bs=(BIO_SSL *)b->ptr;
- ssl=bs->ssl;
- if ((ssl == NULL) && (cmd != BIO_C_SET_SSL))
- return(0);
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- SSL_shutdown(ssl);
-
- if (ssl->handshake_func == ssl->method->ssl_connect)
- SSL_set_connect_state(ssl);
- else if (ssl->handshake_func == ssl->method->ssl_accept)
- SSL_set_accept_state(ssl);
-
- SSL_clear(ssl);
-
- if (b->next_bio != NULL)
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- else if (ssl->rbio != NULL)
- ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
- else
- ret=1;
- break;
- case BIO_CTRL_INFO:
- ret=0;
- break;
- case BIO_C_SSL_MODE:
- if (num) /* client mode */
- SSL_set_connect_state(ssl);
- else
- SSL_set_accept_state(ssl);
- break;
- case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT:
- ret=bs->renegotiate_timeout;
- if (num < 60) num=5;
- bs->renegotiate_timeout=(unsigned long)num;
- bs->last_time=(unsigned long)time(NULL);
- break;
- case BIO_C_SET_SSL_RENEGOTIATE_BYTES:
- ret=bs->renegotiate_count;
- if ((long)num >=512)
- bs->renegotiate_count=(unsigned long)num;
- break;
- case BIO_C_GET_SSL_NUM_RENEGOTIATES:
- ret=bs->num_renegotiates;
- break;
- case BIO_C_SET_SSL:
- if (ssl != NULL)
- ssl_free(b);
- b->shutdown=(int)num;
- ssl=(SSL *)ptr;
- ((BIO_SSL *)b->ptr)->ssl=ssl;
- bio=SSL_get_rbio(ssl);
- if (bio != NULL)
- {
- if (b->next_bio != NULL)
- BIO_push(bio,b->next_bio);
- b->next_bio=bio;
- CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);
- }
- b->init=1;
- break;
- case BIO_C_GET_SSL:
- if (ptr != NULL)
- {
- sslp=(SSL **)ptr;
- *sslp=ssl;
- }
- else
- ret=0;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret=b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown=(int)num;
- break;
- case BIO_CTRL_WPENDING:
- ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
- break;
- case BIO_CTRL_PENDING:
- ret=SSL_pending(ssl);
- if (ret == 0)
- ret=BIO_pending(ssl->rbio);
- break;
- case BIO_CTRL_FLUSH:
- BIO_clear_retry_flags(b);
- ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
- BIO_copy_next_retry(b);
- break;
- case BIO_CTRL_PUSH:
- if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio))
- {
- SSL_set_bio(ssl,b->next_bio,b->next_bio);
- CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
- }
- break;
- case BIO_CTRL_POP:
- /* ugly bit of a hack */
- if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
- {
- BIO_free_all(ssl->wbio);
- }
- ssl->wbio=NULL;
- ssl->rbio=NULL;
- break;
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
-
- b->retry_reason=0;
- ret=(int)SSL_do_handshake(ssl);
-
- switch (SSL_get_error(ssl,(int)ret))
- {
- case SSL_ERROR_WANT_READ:
- BIO_set_flags(b,
- BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
- break;
- case SSL_ERROR_WANT_WRITE:
- BIO_set_flags(b,
- BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
- break;
- case SSL_ERROR_WANT_CONNECT:
- BIO_set_flags(b,
- BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
- b->retry_reason=b->next_bio->retry_reason;
- break;
- default:
- break;
- }
- break;
- case BIO_CTRL_DUP:
- dbio=(BIO *)ptr;
- if (((BIO_SSL *)dbio->ptr)->ssl != NULL)
- SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
- ((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl);
- ((BIO_SSL *)dbio->ptr)->renegotiate_count=
- ((BIO_SSL *)b->ptr)->renegotiate_count;
- ((BIO_SSL *)dbio->ptr)->byte_count=
- ((BIO_SSL *)b->ptr)->byte_count;
- ((BIO_SSL *)dbio->ptr)->renegotiate_timeout=
- ((BIO_SSL *)b->ptr)->renegotiate_timeout;
- ((BIO_SSL *)dbio->ptr)->last_time=
- ((BIO_SSL *)b->ptr)->last_time;
- ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL);
- break;
- case BIO_C_GET_FD:
- ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
- break;
- case BIO_CTRL_SET_CALLBACK:
- {
-#if 0 /* FIXME: Should this be used? -- Richard Levitte */
- BIOerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- ret = -1;
-#else
- ret=0;
-#endif
- }
- break;
- case BIO_CTRL_GET_CALLBACK:
- {
- void (**fptr)();
-
- fptr=(void (**)())ptr;
- *fptr=SSL_get_info_callback(ssl);
- }
- break;
- default:
- ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
- break;
- }
- return(ret);
- }
-
-static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
- {
- SSL *ssl;
- BIO_SSL *bs;
- long ret=1;
-
- bs=(BIO_SSL *)b->ptr;
- ssl=bs->ssl;
- switch (cmd)
- {
- case BIO_CTRL_SET_CALLBACK:
- {
- SSL_set_info_callback(ssl,fp);
- }
- break;
- default:
- ret=BIO_callback_ctrl(ssl->rbio,cmd,fp);
- break;
- }
- return(ret);
- }
-
-static int ssl_puts(BIO *bp, const char *str)
- {
- int n,ret;
-
- n=strlen(str);
- ret=BIO_write(bp,str,n);
- return(ret);
- }
-
-BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
- {
- BIO *ret=NULL,*buf=NULL,*ssl=NULL;
-
- if ((buf=BIO_new(BIO_f_buffer())) == NULL)
- return(NULL);
- if ((ssl=BIO_new_ssl_connect(ctx)) == NULL)
- goto err;
- if ((ret=BIO_push(buf,ssl)) == NULL)
- goto err;
- return(ret);
-err:
- if (buf != NULL) BIO_free(buf);
- if (ssl != NULL) BIO_free(ssl);
- return(NULL);
- }
-
-BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
- {
- BIO *ret=NULL,*con=NULL,*ssl=NULL;
-
- if ((con=BIO_new(BIO_s_connect())) == NULL)
- return(NULL);
- if ((ssl=BIO_new_ssl(ctx,1)) == NULL)
- goto err;
- if ((ret=BIO_push(ssl,con)) == NULL)
- goto err;
- return(ret);
-err:
- if (con != NULL) BIO_free(con);
- if (ret != NULL) BIO_free(ret);
- return(NULL);
- }
-
-BIO *BIO_new_ssl(SSL_CTX *ctx, int client)
- {
- BIO *ret;
- SSL *ssl;
-
- if ((ret=BIO_new(BIO_f_ssl())) == NULL)
- return(NULL);
- if ((ssl=SSL_new(ctx)) == NULL)
- {
- BIO_free(ret);
- return(NULL);
- }
- if (client)
- SSL_set_connect_state(ssl);
- else
- SSL_set_accept_state(ssl);
-
- BIO_set_ssl(ret,ssl,BIO_CLOSE);
- return(ret);
- }
-
-int BIO_ssl_copy_session_id(BIO *t, BIO *f)
- {
- t=BIO_find_type(t,BIO_TYPE_SSL);
- f=BIO_find_type(f,BIO_TYPE_SSL);
- if ((t == NULL) || (f == NULL))
- return(0);
- if ( (((BIO_SSL *)t->ptr)->ssl == NULL) ||
- (((BIO_SSL *)f->ptr)->ssl == NULL))
- return(0);
- SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl);
- return(1);
- }
-
-void BIO_ssl_shutdown(BIO *b)
- {
- SSL *s;
-
- while (b != NULL)
- {
- if (b->method->type == BIO_TYPE_SSL)
- {
- s=((BIO_SSL *)b->ptr)->ssl;
- SSL_shutdown(s);
- break;
- }
- b=b->next_bio;
- }
- }
diff --git a/src/lib/libssl/doc/openssl.cnf b/src/lib/libssl/doc/openssl.cnf
deleted file mode 100644
index dbe8cbefe0..0000000000
--- a/src/lib/libssl/doc/openssl.cnf
+++ /dev/null
@@ -1,244 +0,0 @@
-#
-# OpenSSL example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME = .
-RANDFILE = $ENV::HOME/.rnd
-
-# Extra OBJECT IDENTIFIER info:
-#oid_file = $ENV::HOME/.oid
-oid_section = new_oids
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions =
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca = CA_default # The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir = ./demoCA # Where everything is kept
-certs = $dir/certs # Where the issued certs are kept
-crl_dir = $dir/crl # Where the issued crl are kept
-database = $dir/index.txt # database index file.
-new_certs_dir = $dir/newcerts # default place for new certs.
-
-certificate = $dir/cacert.pem # The CA certificate
-serial = $dir/serial # The current serial number
-crl = $dir/crl.pem # The current CRL
-private_key = $dir/private/cakey.pem# The private key
-RANDFILE = $dir/private/.rand # private random number file
-
-x509_extensions = usr_cert # The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions = crl_ext
-
-default_days = 365 # how long to certify for
-default_crl_days= 30 # how long before next CRL
-default_md = md5 # which md to use.
-preserve = no # keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy = policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName = match
-stateOrProvinceName = match
-organizationName = match
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-####################################################################
-[ req ]
-default_bits = 1024
-default_keyfile = privkey.pem
-distinguished_name = req_distinguished_name
-attributes = req_attributes
-x509_extensions = v3_ca # The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options.
-# default: PrintableString, T61String, BMPString.
-# pkix : PrintableString, BMPString.
-# utf8only: only UTF8Strings.
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
-# so use this option with caution!
-string_mask = nombstr
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = AU
-countryName_min = 2
-countryName_max = 2
-
-stateOrProvinceName = State or Province Name (full name)
-stateOrProvinceName_default = Some-State
-
-localityName = Locality Name (eg, city)
-
-0.organizationName = Organization Name (eg, company)
-0.organizationName_default = Internet Widgits Pty Ltd
-
-# we can do this but it is not needed normally :-)
-#1.organizationName = Second Organization Name (eg, company)
-#1.organizationName_default = World Wide Web Pty Ltd
-
-organizationalUnitName = Organizational Unit Name (eg, section)
-#organizationalUnitName_default =
-
-commonName = Common Name (eg, YOUR name)
-commonName_max = 64
-
-emailAddress = Email Address
-emailAddress_max = 40
-
-# SET-ex3 = SET extension number 3
-
-[ req_attributes ]
-challengePassword = A challenge password
-challengePassword_min = 4
-challengePassword_max = 20
-
-unstructuredName = An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType = server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment = "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
diff --git a/src/lib/libssl/doc/openssl.txt b/src/lib/libssl/doc/openssl.txt
deleted file mode 100644
index 5da519e7e4..0000000000
--- a/src/lib/libssl/doc/openssl.txt
+++ /dev/null
@@ -1,1235 +0,0 @@
-
-This is some preliminary documentation for OpenSSL.
-
-Contents:
-
- OpenSSL X509V3 extension configuration
- X509V3 Extension code: programmers guide
- PKCS#12 Library
-
-
-==============================================================================
- OpenSSL X509V3 extension configuration
-==============================================================================
-
-OpenSSL X509V3 extension configuration: preliminary documentation.
-
-INTRODUCTION.
-
-For OpenSSL 0.9.2 the extension code has be considerably enhanced. It is now
-possible to add and print out common X509 V3 certificate and CRL extensions.
-
-BEGINNERS NOTE
-
-For most simple applications you don't need to know too much about extensions:
-the default openssl.cnf values will usually do sensible things.
-
-If you want to know more you can initially quickly look through the sections
-describing how the standard OpenSSL utilities display and add extensions and
-then the list of supported extensions.
-
-For more technical information about the meaning of extensions see:
-
-http://www.imc.org/ietf-pkix/
-http://home.netscape.com/eng/security/certs.html
-
-PRINTING EXTENSIONS.
-
-Extension values are automatically printed out for supported extensions.
-
-openssl x509 -in cert.pem -text
-openssl crl -in crl.pem -text
-
-will give information in the extension printout, for example:
-
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:TRUE
- X509v3 Subject Key Identifier:
- 73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15
- X509v3 Authority Key Identifier:
- keyid:73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15, DirName:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/Email=email@1.address/Email=email@2.address, serial:00
- X509v3 Key Usage:
- Certificate Sign, CRL Sign
- X509v3 Subject Alternative Name:
- email:email@1.address, email:email@2.address
-
-CONFIGURATION FILES.
-
-The OpenSSL utilities 'ca' and 'req' can now have extension sections listing
-which certificate extensions to include. In each case a line:
-
-x509_extensions = extension_section
-
-indicates which section contains the extensions. In the case of 'req' the
-extension section is used when the -x509 option is present to create a
-self signed root certificate.
-
-The 'x509' utility also supports extensions when it signs a certificate.
-The -extfile option is used to set the configuration file containing the
-extensions. In this case a line with:
-
-extensions = extension_section
-
-in the nameless (default) section is used. If no such line is included then
-it uses the default section.
-
-You can also add extensions to CRLs: a line
-
-crl_extensions = crl_extension_section
-
-will include extensions when the -gencrl option is used with the 'ca' utility.
-You can add any extension to a CRL but of the supported extensions only
-issuerAltName and authorityKeyIdentifier make any real sense. Note: these are
-CRL extensions NOT CRL *entry* extensions which cannot currently be generated.
-CRL entry extensions can be displayed.
-
-NB. At this time Netscape Communicator rejects V2 CRLs: to get an old V1 CRL
-you should not include a crl_extensions line in the configuration file.
-
-As with all configuration files you can use the inbuilt environment expansion
-to allow the values to be passed in the environment. Therefore if you have
-several extension sections used for different purposes you can have a line:
-
-x509_extensions = $ENV::ENV_EXT
-
-and set the ENV_EXT environment variable before calling the relevant utility.
-
-EXTENSION SYNTAX.
-
-Extensions have the basic form:
-
-extension_name=[critical,] extension_options
-
-the use of the critical option makes the extension critical. Extreme caution
-should be made when using the critical flag. If an extension is marked
-as critical then any client that does not understand the extension should
-reject it as invalid. Some broken software will reject certificates which
-have *any* critical extensions (these violates PKIX but we have to live
-with it).
-
-There are three main types of extension: string extensions, multi-valued
-extensions, and raw extensions.
-
-String extensions simply have a string which contains either the value itself
-or how it is obtained.
-
-For example:
-
-nsComment="This is a Comment"
-
-Multi-valued extensions have a short form and a long form. The short form
-is a list of names and values:
-
-basicConstraints=critical,CA:true,pathlen:1
-
-The long form allows the values to be placed in a separate section:
-
-basicConstraints=critical,@bs_section
-
-[bs_section]
-
-CA=true
-pathlen=1
-
-Both forms are equivalent. However it should be noted that in some cases the
-same name can appear multiple times, for example,
-
-subjectAltName=email:steve@here,email:steve@there
-
-in this case an equivalent long form is:
-
-subjectAltName=@alt_section
-
-[alt_section]
-
-email.1=steve@here
-email.2=steve@there
-
-This is because the configuration file code cannot handle the same name
-occurring twice in the same section.
-
-The syntax of raw extensions is governed by the extension code: it can
-for example contain data in multiple sections. The correct syntax to
-use is defined by the extension code itself: check out the certificate
-policies extension for an example.
-
-In addition it is also possible to use the word DER to include arbitrary
-data in any extension.
-
-1.2.3.4=critical,DER:01:02:03:04
-1.2.3.4=DER:01020304
-
-The value following DER is a hex dump of the DER encoding of the extension
-Any extension can be placed in this form to override the default behaviour.
-For example:
-
-basicConstraints=critical,DER:00:01:02:03
-
-WARNING: DER should be used with caution. It is possible to create totally
-invalid extensions unless care is taken.
-
-CURRENTLY SUPPORTED EXTENSIONS.
-
-If you aren't sure about extensions then they can be largely ignored: its only
-when you want to do things like restrict certificate usage when you need to
-worry about them.
-
-The only extension that a beginner might want to look at is Basic Constraints.
-If in addition you want to try Netscape object signing the you should also
-look at Netscape Certificate Type.
-
-Literal String extensions.
-
-In each case the 'value' of the extension is placed directly in the
-extension. Currently supported extensions in this category are: nsBaseUrl,
-nsRevocationUrl, nsCaRevocationUrl, nsRenewalUrl, nsCaPolicyUrl,
-nsSslServerName and nsComment.
-
-For example:
-
-nsComment="This is a test comment"
-
-Bit Strings.
-
-Bit string extensions just consist of a list of supported bits, currently
-two extensions are in this category: PKIX keyUsage and the Netscape specific
-nsCertType.
-
-nsCertType (netscape certificate type) takes the flags: client, server, email,
-objsign, reserved, sslCA, emailCA, objCA.
-
-keyUsage (PKIX key usage) takes the flags: digitalSignature, nonRepudiation,
-keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign,
-encipherOnly, decipherOnly.
-
-For example:
-
-nsCertType=server
-
-keyUsage=digitalSignature, nonRepudiation
-
-Hints on Netscape Certificate Type.
-
-Other than Basic Constraints this is the only extension a beginner might
-want to use, if you want to try Netscape object signing, otherwise it can
-be ignored.
-
-If you want a certificate that can be used just for object signing then:
-
-nsCertType=objsign
-
-will do the job. If you want to use it as a normal end user and server
-certificate as well then
-
-nsCertType=objsign,email,server
-
-is more appropriate. You cannot use a self signed certificate for object
-signing (well Netscape signtool can but it cheats!) so you need to create
-a CA certificate and sign an end user certificate with it.
-
-Side note: If you want to conform to the Netscape specifications then you
-should really also set:
-
-nsCertType=objCA
-
-in the *CA* certificate for just an object signing CA and
-
-nsCertType=objCA,emailCA,sslCA
-
-for everything. Current Netscape software doesn't enforce this so it can
-be omitted.
-
-Basic Constraints.
-
-This is generally the only extension you need to worry about for simple
-applications. If you want your certificate to be usable as a CA certificate
-(in addition to an end user certificate) then you set this to:
-
-basicConstraints=CA:TRUE
-
-if you want to be certain the certificate cannot be used as a CA then do:
-
-basicConstraints=CA:FALSE
-
-The rest of this section describes more advanced usage.
-
-Basic constraints is a multi-valued extension that supports a CA and an
-optional pathlen option. The CA option takes the values true and false and
-pathlen takes an integer. Note if the CA option is false the pathlen option
-should be omitted.
-
-The pathlen parameter indicates the maximum number of CAs that can appear
-below this one in a chain. So if you have a CA with a pathlen of zero it can
-only be used to sign end user certificates and not further CAs. This all
-assumes that the software correctly interprets this extension of course.
-
-Examples:
-
-basicConstraints=CA:TRUE
-basicConstraints=critical,CA:TRUE, pathlen:0
-
-NOTE: for a CA to be considered valid it must have the CA option set to
-TRUE. An end user certificate MUST NOT have the CA value set to true.
-According to PKIX recommendations it should exclude the extension entirely,
-however some software may require CA set to FALSE for end entity certificates.
-
-Extended Key Usage.
-
-This extensions consists of a list of usages.
-
-These can either be object short names of the dotted numerical form of OIDs.
-While any OID can be used only certain values make sense. In particular the
-following PKIX, NS and MS values are meaningful:
-
-Value Meaning
------ -------
-serverAuth SSL/TLS Web Server Authentication.
-clientAuth SSL/TLS Web Client Authentication.
-codeSigning Code signing.
-emailProtection E-mail Protection (S/MIME).
-timeStamping Trusted Timestamping
-msCodeInd Microsoft Individual Code Signing (authenticode)
-msCodeCom Microsoft Commercial Code Signing (authenticode)
-msCTLSign Microsoft Trust List Signing
-msSGC Microsoft Server Gated Crypto
-msEFS Microsoft Encrypted File System
-nsSGC Netscape Server Gated Crypto
-
-For example, under IE5 a CA can be used for any purpose: by including a list
-of the above usages the CA can be restricted to only authorised uses.
-
-Note: software packages may place additional interpretations on certificate
-use, in particular some usages may only work for selected CAs. Don't for example
-expect just including msSGC or nsSGC will automatically mean that a certificate
-can be used for SGC ("step up" encryption) otherwise anyone could use it.
-
-Examples:
-
-extendedKeyUsage=critical,codeSigning,1.2.3.4
-extendedKeyUsage=nsSGC,msSGC
-
-Subject Key Identifier.
-
-This is really a string extension and can take two possible values. Either
-a hex string giving details of the extension value to include or the word
-'hash' which then automatically follow PKIX guidelines in selecting and
-appropriate key identifier. The use of the hex string is strongly discouraged.
-
-Example: subjectKeyIdentifier=hash
-
-Authority Key Identifier.
-
-The authority key identifier extension permits two options. keyid and issuer:
-both can take the optional value "always".
-
-If the keyid option is present an attempt is made to copy the subject key
-identifier from the parent certificate. If the value "always" is present
-then an error is returned if the option fails.
-
-The issuer option copies the issuer and serial number from the issuer
-certificate. Normally this will only be done if the keyid option fails or
-is not included: the "always" flag will always include the value.
-
-Subject Alternative Name.
-
-The subject alternative name extension allows various literal values to be
-included in the configuration file. These include "email" (an email address)
-"URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a
-registered ID: OBJECT IDENTIFIER) and IP (and IP address).
-
-Also the email option include a special 'copy' value. This will automatically
-include and email addresses contained in the certificate subject name in
-the extension.
-
-Examples:
-
-subjectAltName=email:copy,email:my@other.address,URL:http://my.url.here/
-subjectAltName=email:my@other.address,RID:1.2.3.4
-
-Issuer Alternative Name.
-
-The issuer alternative name option supports all the literal options of
-subject alternative name. It does *not* support the email:copy option because
-that would not make sense. It does support an additional issuer:copy option
-that will copy all the subject alternative name values from the issuer
-certificate (if possible).
-
-Example:
-
-issuserAltName = issuer:copy
-
-Authority Info Access.
-
-The authority information access extension gives details about how to access
-certain information relating to the CA. Its syntax is accessOID;location
-where 'location' has the same syntax as subject alternative name (except
-that email:copy is not supported). accessOID can be any valid OID but only
-certain values are meaningful for example OCSP and caIssuers. OCSP gives the
-location of an OCSP responder: this is used by Netscape PSM and other software.
-
-Example:
-
-authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
-authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
-
-CRL distribution points.
-
-This is a multi-valued extension that supports all the literal options of
-subject alternative name. Of the few software packages that currently interpret
-this extension most only interpret the URI option.
-
-Currently each option will set a new DistributionPoint with the fullName
-field set to the given value.
-
-Other fields like cRLissuer and reasons cannot currently be set or displayed:
-at this time no examples were available that used these fields.
-
-If you see this extension with <UNSUPPORTED> when you attempt to print it out
-or it doesn't appear to display correctly then let me know, including the
-certificate (mail me at steve@openssl.org) .
-
-Examples:
-
-crlDistributionPoints=URI:http://www.myhost.com/myca.crl
-crlDistributionPoints=URI:http://www.my.com/my.crl,URI:http://www.oth.com/my.crl
-
-Certificate Policies.
-
-This is a RAW extension. It attempts to display the contents of this extension:
-unfortunately this extension is often improperly encoded.
-
-The certificate policies extension will rarely be used in practice: few
-software packages interpret it correctly or at all. IE5 does partially
-support this extension: but it needs the 'ia5org' option because it will
-only correctly support a broken encoding. Of the options below only the
-policy OID, explicitText and CPS options are displayed with IE5.
-
-All the fields of this extension can be set by using the appropriate syntax.
-
-If you follow the PKIX recommendations of not including any qualifiers and just
-using only one OID then you just include the value of that OID. Multiple OIDs
-can be set separated by commas, for example:
-
-certificatePolicies= 1.2.4.5, 1.1.3.4
-
-If you wish to include qualifiers then the policy OID and qualifiers need to
-be specified in a separate section: this is done by using the @section syntax
-instead of a literal OID value.
-
-The section referred to must include the policy OID using the name
-policyIdentifier, cPSuri qualifiers can be included using the syntax:
-
-CPS.nnn=value
-
-userNotice qualifiers can be set using the syntax:
-
-userNotice.nnn=@notice
-
-The value of the userNotice qualifier is specified in the relevant section.
-This section can include explicitText, organization and noticeNumbers
-options. explicitText and organization are text strings, noticeNumbers is a
-comma separated list of numbers. The organization and noticeNumbers options
-(if included) must BOTH be present. If you use the userNotice option with IE5
-then you need the 'ia5org' option at the top level to modify the encoding:
-otherwise it will not be interpreted properly.
-
-Example:
-
-certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect
-
-[polsect]
-
-policyIdentifier = 1.3.5.8
-CPS.1="http://my.host.name/"
-CPS.2="http://my.your.name/"
-userNotice.1=@notice
-
-[notice]
-
-explicitText="Explicit Text Here"
-organization="Organisation Name"
-noticeNumbers=1,2,3,4
-
-TECHNICAL NOTE: the ia5org option changes the type of the 'organization' field,
-according to PKIX it should be of type DisplayText but Verisign uses an
-IA5STRING and IE5 needs this too.
-
-Display only extensions.
-
-Some extensions are only partially supported and currently are only displayed
-but cannot be set. These include private key usage period, CRL number, and
-CRL reason.
-
-==============================================================================
- X509V3 Extension code: programmers guide
-==============================================================================
-
-The purpose of the extension code is twofold. It allows an extension to be
-created from a string or structure describing its contents and it prints out an
-extension in a human or machine readable form.
-
-1. Initialisation and cleanup.
-
-No special initialisation is needed before calling the extension functions.
-You used to have to call X509V3_add_standard_extensions(); but this is no longer
-required and this function no longer does anything.
-
-void X509V3_EXT_cleanup(void);
-
-This function should be called to cleanup the extension code if any custom
-extensions have been added. If no custom extensions have been added then this
-call does nothing. After this call all custom extension code is freed up but
-you can still use the standard extensions.
-
-2. Printing and parsing extensions.
-
-The simplest way to print out extensions is via the standard X509 printing
-routines: if you use the standard X509_print() function, the supported
-extensions will be printed out automatically.
-
-The following functions allow finer control over extension display:
-
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
-int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
-
-These two functions print out an individual extension to a BIO or FILE pointer.
-Currently the flag argument is unused and should be set to 0. The 'indent'
-argument is the number of spaces to indent each line.
-
-void *X509V3_EXT_d2i(X509_EXTENSION *ext);
-
-This function parses an extension and returns its internal structure. The
-precise structure you get back depends on the extension being parsed. If the
-extension if basicConstraints you will get back a pointer to a
-BASIC_CONSTRAINTS structure. Check out the source in crypto/x509v3 for more
-details about the structures returned. The returned structure should be freed
-after use using the relevant free function, BASIC_CONSTRAINTS_free() for
-example.
-
-void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
-void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
-void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
-void * X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
-
-These functions combine the operations of searching for extensions and
-parsing them. They search a certificate, a CRL a CRL entry or a stack
-of extensions respectively for extension whose NID is 'nid' and return
-the parsed result of NULL if an error occurred. For example:
-
-BASIC_CONSTRAINTS *bs;
-bs = X509_get_ext_d2i(cert, NID_basic_constraints, NULL, NULL);
-
-This will search for the basicConstraints extension and either return
-it value or NULL. NULL can mean either the extension was not found, it
-occurred more than once or it could not be parsed.
-
-If 'idx' is NULL then an extension is only parsed if it occurs precisely
-once. This is standard behaviour because extensions normally cannot occur
-more than once. If however more than one extension of the same type can
-occur it can be used to parse successive extensions for example:
-
-int i;
-void *ext;
-
-i = -1;
-for(;;) {
- ext = X509_get_ext_d2i(x, nid, crit, &idx);
- if(ext == NULL) break;
- /* Do something with ext */
-}
-
-If 'crit' is not NULL and the extension was found then the int it points to
-is set to 1 for critical extensions and 0 for non critical. Therefore if the
-function returns NULL but 'crit' is set to 0 or 1 then the extension was
-found but it could not be parsed.
-
-The int pointed to by crit will be set to -1 if the extension was not found
-and -2 if the extension occurred more than once (this will only happen if
-idx is NULL). In both cases the function will return NULL.
-
-3. Generating extensions.
-
-An extension will typically be generated from a configuration file, or some
-other kind of configuration database.
-
-int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
- X509 *cert);
-int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
- X509_CRL *crl);
-
-These functions add all the extensions in the given section to the given
-certificate or CRL. They will normally be called just before the certificate
-or CRL is due to be signed. Both return 0 on error on non zero for success.
-
-In each case 'conf' is the LHASH pointer of the configuration file to use
-and 'section' is the section containing the extension details.
-
-See the 'context functions' section for a description of the ctx parameter.
-
-
-X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
- char *value);
-
-This function returns an extension based on a name and value pair, if the
-pair will not need to access other sections in a config file (or there is no
-config file) then the 'conf' parameter can be set to NULL.
-
-X509_EXTENSION *X509V3_EXT_conf_nid(char *conf, X509V3_CTX *ctx, int nid,
- char *value);
-
-This function creates an extension in the same way as X509V3_EXT_conf() but
-takes the NID of the extension rather than its name.
-
-For example to produce basicConstraints with the CA flag and a path length of
-10:
-
-x = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,"CA:TRUE,pathlen:10");
-
-
-X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
-
-This function sets up an extension from its internal structure. The ext_nid
-parameter is the NID of the extension and 'crit' is the critical flag.
-
-4. Context functions.
-
-The following functions set and manipulate an extension context structure.
-The purpose of the extension context is to allow the extension code to
-access various structures relating to the "environment" of the certificate:
-for example the issuers certificate or the certificate request.
-
-void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
- X509_REQ *req, X509_CRL *crl, int flags);
-
-This function sets up an X509V3_CTX structure with details of the certificate
-environment: specifically the issuers certificate, the subject certificate,
-the certificate request and the CRL: if these are not relevant or not
-available then they can be set to NULL. The 'flags' parameter should be set
-to zero.
-
-X509V3_set_ctx_test(ctx)
-
-This macro is used to set the 'ctx' structure to a 'test' value: this is to
-allow the syntax of an extension (or configuration file) to be tested.
-
-X509V3_set_ctx_nodb(ctx)
-
-This macro is used when no configuration database is present.
-
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
-
-This function is used to set the configuration database when it is an LHASH
-structure: typically a configuration file.
-
-The following functions are used to access a configuration database: they
-should only be used in RAW extensions.
-
-char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
-
-This function returns the value of the parameter "name" in "section", or NULL
-if there has been an error.
-
-void X509V3_string_free(X509V3_CTX *ctx, char *str);
-
-This function frees up the string returned by the above function.
-
-STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
-
-This function returns a whole section as a STACK_OF(CONF_VALUE) .
-
-void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
-
-This function frees up the STACK returned by the above function.
-
-Note: it is possible to use the extension code with a custom configuration
-database. To do this the "db_meth" element of the X509V3_CTX structure should
-be set to an X509V3_CTX_METHOD structure. This structure contains the following
-function pointers:
-
-char * (*get_string)(void *db, char *section, char *value);
-STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
-void (*free_string)(void *db, char * string);
-void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
-
-these will be called and passed the 'db' element in the X509V3_CTX structure
-to access the database. If a given function is not implemented or not required
-it can be set to NULL.
-
-5. String helper functions.
-
-There are several "i2s" and "s2i" functions that convert structures to and
-from ASCII strings. In all the "i2s" cases the returned string should be
-freed using Free() after use. Since some of these are part of other extension
-code they may take a 'method' parameter. Unless otherwise stated it can be
-safely set to NULL.
-
-char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct);
-
-This returns a hex string from an ASN1_OCTET_STRING.
-
-char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
-char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
-
-These return a string decimal representations of an ASN1_INTEGER and an
-ASN1_ENUMERATED type, respectively.
-
-ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str);
-
-This converts an ASCII hex string to an ASN1_OCTET_STRING.
-
-ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
-
-This converts a decimal ASCII string into an ASN1_INTEGER.
-
-6. Multi valued extension helper functions.
-
-The following functions can be used to manipulate STACKs of CONF_VALUE
-structures, as used by multi valued extensions.
-
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
-
-This function expects a boolean value in 'value' and sets 'asn1_bool' to
-it. That is it sets it to 0 for FALSE or 0xff for TRUE. The following
-strings are acceptable: "TRUE", "true", "Y", "y", "YES", "yes", "FALSE"
-"false", "N", "n", "NO" or "no".
-
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
-
-This accepts a decimal integer of arbitrary length and sets an ASN1_INTEGER.
-
-int X509V3_add_value(const char *name, const char *value,
- STACK_OF(CONF_VALUE) **extlist);
-
-This simply adds a string name and value pair.
-
-int X509V3_add_value_uchar(const char *name, const unsigned char *value,
- STACK_OF(CONF_VALUE) **extlist);
-
-The same as above but for an unsigned character value.
-
-int X509V3_add_value_bool(const char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-
-This adds either "TRUE" or "FALSE" depending on the value of 'asn1_bool'
-
-int X509V3_add_value_bool_nf(char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-
-This is the same as above except it adds nothing if asn1_bool is FALSE.
-
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
- STACK_OF(CONF_VALUE) **extlist);
-
-This function adds the value of the ASN1_INTEGER in decimal form.
-
-7. Other helper functions.
-
-<to be added>
-
-ADDING CUSTOM EXTENSIONS.
-
-Currently there are three types of supported extensions.
-
-String extensions are simple strings where the value is placed directly in the
-extensions, and the string returned is printed out.
-
-Multi value extensions are passed a STACK_OF(CONF_VALUE) name and value pairs
-or return a STACK_OF(CONF_VALUE).
-
-Raw extensions are just passed a BIO or a value and it is the extensions
-responsibility to handle all the necessary printing.
-
-There are two ways to add an extension. One is simply as an alias to an already
-existing extension. An alias is an extension that is identical in ASN1 structure
-to an existing extension but has a different OBJECT IDENTIFIER. This can be
-done by calling:
-
-int X509V3_EXT_add_alias(int nid_to, int nid_from);
-
-'nid_to' is the new extension NID and 'nid_from' is the already existing
-extension NID.
-
-Alternatively an extension can be written from scratch. This involves writing
-the ASN1 code to encode and decode the extension and functions to print out and
-generate the extension from strings. The relevant functions are then placed in
-a X509V3_EXT_METHOD structure and int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
-called.
-
-The X509V3_EXT_METHOD structure is described below.
-
-strut {
-int ext_nid;
-int ext_flags;
-X509V3_EXT_NEW ext_new;
-X509V3_EXT_FREE ext_free;
-X509V3_EXT_D2I d2i;
-X509V3_EXT_I2D i2d;
-X509V3_EXT_I2S i2s;
-X509V3_EXT_S2I s2i;
-X509V3_EXT_I2V i2v;
-X509V3_EXT_V2I v2i;
-X509V3_EXT_R2I r2i;
-X509V3_EXT_I2R i2r;
-
-void *usr_data;
-};
-
-The elements have the following meanings.
-
-ext_nid is the NID of the object identifier of the extension.
-
-ext_flags is set of flags. Currently the only external flag is
- X509V3_EXT_MULTILINE which means a multi valued extensions
- should be printed on separate lines.
-
-usr_data is an extension specific pointer to any relevant data. This
- allows extensions to share identical code but have different
- uses. An example of this is the bit string extension which uses
- usr_data to contain a list of the bit names.
-
-All the remaining elements are function pointers.
-
-ext_new is a pointer to a function that allocates memory for the
- extension ASN1 structure: for example ASN1_OBJECT_new().
-
-ext_free is a pointer to a function that free up memory of the extension
- ASN1 structure: for example ASN1_OBJECT_free().
-
-d2i is the standard ASN1 function that converts a DER buffer into
- the internal ASN1 structure: for example d2i_ASN1_IA5STRING().
-
-i2d is the standard ASN1 function that converts the internal
- structure into the DER representation: for example
- i2d_ASN1_IA5STRING().
-
-The remaining functions are depend on the type of extension. One i2X and
-one X2i should be set and the rest set to NULL. The types set do not need
-to match up, for example the extension could be set using the multi valued
-v2i function and printed out using the raw i2r.
-
-All functions have the X509V3_EXT_METHOD passed to them in the 'method'
-parameter and an X509V3_CTX structure. Extension code can then access the
-parent structure via the 'method' parameter to for example make use of the value
-of usr_data. If the code needs to use detail relating to the request it can
-use the 'ctx' parameter.
-
-A note should be given here about the 'flags' member of the 'ctx' parameter.
-If it has the value CTX_TEST then the configuration syntax is being checked
-and no actual certificate or CRL exists. Therefore any attempt in the config
-file to access such information should silently succeed. If the syntax is OK
-then it should simply return a (possibly bogus) extension, otherwise it
-should return NULL.
-
-char *i2s(struct v3_ext_method *method, void *ext);
-
-This function takes the internal structure in the ext parameter and returns
-a Malloc'ed string representing its value.
-
-void * s2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
-
-This function takes the string representation in the ext parameter and returns
-an allocated internal structure: ext_free() will be used on this internal
-structure after use.
-
-i2v and v2i handle a STACK_OF(CONF_VALUE):
-
-typedef struct
-{
- char *section;
- char *name;
- char *value;
-} CONF_VALUE;
-
-Only the name and value members are currently used.
-
-STACK_OF(CONF_VALUE) * i2v(struct v3_ext_method *method, void *ext);
-
-This function is passed the internal structure in the ext parameter and
-returns a STACK of CONF_VALUE structures. The values of name, value,
-section and the structure itself will be freed up with Free after use.
-Several helper functions are available to add values to this STACK.
-
-void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx,
- STACK_OF(CONF_VALUE) *values);
-
-This function takes a STACK_OF(CONF_VALUE) structures and should set the
-values of the external structure. This typically uses the name element to
-determine which structure element to set and the value element to determine
-what to set it to. Several helper functions are available for this
-purpose (see above).
-
-int i2r(struct v3_ext_method *method, void *ext, BIO *out, int indent);
-
-This function is passed the internal extension structure in the ext parameter
-and sends out a human readable version of the extension to out. The 'indent'
-parameter should be noted to determine the necessary amount of indentation
-needed on the output.
-
-void * r2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
-
-This is just passed the string representation of the extension. It is intended
-to be used for more elaborate extensions where the standard single and multi
-valued options are insufficient. They can use the 'ctx' parameter to parse the
-configuration database themselves. See the context functions section for details
-of how to do this.
-
-Note: although this type takes the same parameters as the "r2s" function there
-is a subtle difference. Whereas an "r2i" function can access a configuration
-database an "s2i" function MUST NOT. This is so the internal code can safely
-assume that an "s2i" function will work without a configuration database.
-
-==============================================================================
- PKCS#12 Library
-==============================================================================
-
-This section describes the internal PKCS#12 support. There are very few
-differences between the old external library and the new internal code at
-present. This may well change because the external library will not be updated
-much in future.
-
-This version now includes a couple of high level PKCS#12 functions which
-generally "do the right thing" and should make it much easier to handle PKCS#12
-structures.
-
-HIGH LEVEL FUNCTIONS.
-
-For most applications you only need concern yourself with the high level
-functions. They can parse and generate simple PKCS#12 files as produced by
-Netscape and MSIE or indeed any compliant PKCS#12 file containing a single
-private key and certificate pair.
-
-1. Initialisation and cleanup.
-
-No special initialisation is needed for the internal PKCS#12 library: the
-standard SSLeay_add_all_algorithms() is sufficient. If you do not wish to
-add all algorithms (you should at least add SHA1 though) then you can manually
-initialise the PKCS#12 library with:
-
-PKCS12_PBE_add();
-
-The memory allocated by the PKCS#12 library is freed up when EVP_cleanup() is
-called or it can be directly freed with:
-
-EVP_PBE_cleanup();
-
-after this call (or EVP_cleanup() ) no more PKCS#12 library functions should
-be called.
-
-2. I/O functions.
-
-i2d_PKCS12_bio(bp, p12)
-
-This writes out a PKCS12 structure to a BIO.
-
-i2d_PKCS12_fp(fp, p12)
-
-This is the same but for a FILE pointer.
-
-d2i_PKCS12_bio(bp, p12)
-
-This reads in a PKCS12 structure from a BIO.
-
-d2i_PKCS12_fp(fp, p12)
-
-This is the same but for a FILE pointer.
-
-3. High level functions.
-
-3.1 Parsing with PKCS12_parse().
-
-int PKCS12_parse(PKCS12 *p12, char *pass, EVP_PKEY **pkey, X509 **cert,
- STACK **ca);
-
-This function takes a PKCS12 structure and a password (ASCII, null terminated)
-and returns the private key, the corresponding certificate and any CA
-certificates. If any of these is not required it can be passed as a NULL.
-The 'ca' parameter should be either NULL, a pointer to NULL or a valid STACK
-structure. Typically to read in a PKCS#12 file you might do:
-
-p12 = d2i_PKCS12_fp(fp, NULL);
-PKCS12_parse(p12, password, &pkey, &cert, NULL); /* CAs not wanted */
-PKCS12_free(p12);
-
-3.2 PKCS#12 creation with PKCS12_create().
-
-PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
- STACK *ca, int nid_key, int nid_cert, int iter,
- int mac_iter, int keytype);
-
-This function will create a PKCS12 structure from a given password, name,
-private key, certificate and optional STACK of CA certificates. The remaining
-5 parameters can be set to 0 and sensible defaults will be used.
-
-The parameters nid_key and nid_cert are the key and certificate encryption
-algorithms, iter is the encryption iteration count, mac_iter is the MAC
-iteration count and keytype is the type of private key. If you really want
-to know what these last 5 parameters do then read the low level section.
-
-Typically to create a PKCS#12 file the following could be used:
-
-p12 = PKCS12_create(pass, "My Certificate", pkey, cert, NULL, 0,0,0,0,0);
-i2d_PKCS12_fp(fp, p12);
-PKCS12_free(p12);
-
-3.3 Changing a PKCS#12 structure password.
-
-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
-
-This changes the password of an already existing PKCS#12 structure. oldpass
-is the old password and newpass is the new one. An error occurs if the old
-password is incorrect.
-
-LOW LEVEL FUNCTIONS.
-
-In some cases the high level functions do not provide the necessary
-functionality. For example if you want to generate or parse more complex
-PKCS#12 files. The sample pkcs12 application uses the low level functions
-to display details about the internal structure of a PKCS#12 file.
-
-Introduction.
-
-This is a brief description of how a PKCS#12 file is represented internally:
-some knowledge of PKCS#12 is assumed.
-
-A PKCS#12 object contains several levels.
-
-At the lowest level is a PKCS12_SAFEBAG. This can contain a certificate, a
-CRL, a private key, encrypted or unencrypted, a set of safebags (so the
-structure can be nested) or other secrets (not documented at present).
-A safebag can optionally have attributes, currently these are: a unicode
-friendlyName (a Unicode string) or a localKeyID (a string of bytes).
-
-At the next level is an authSafe which is a set of safebags collected into
-a PKCS#7 ContentInfo. This can be just plain data, or encrypted itself.
-
-At the top level is the PKCS12 structure itself which contains a set of
-authSafes in an embedded PKCS#7 Contentinfo of type data. In addition it
-contains a MAC which is a kind of password protected digest to preserve
-integrity (so any unencrypted stuff below can't be tampered with).
-
-The reason for these levels is so various objects can be encrypted in various
-ways. For example you might want to encrypt a set of private keys with
-triple-DES and then include the related certificates either unencrypted or
-with lower encryption. Yes it's the dreaded crypto laws at work again which
-allow strong encryption on private keys and only weak encryption on other
-stuff.
-
-To build one of these things you turn all certificates and keys into safebags
-(with optional attributes). You collect the safebags into (one or more) STACKS
-and convert these into authsafes (encrypted or unencrypted). The authsafes
-are collected into a STACK and added to a PKCS12 structure. Finally a MAC
-inserted.
-
-Pulling one apart is basically the reverse process. The MAC is verified against
-the given password. The authsafes are extracted and each authsafe split into
-a set of safebags (possibly involving decryption). Finally the safebags are
-decomposed into the original keys and certificates and the attributes used to
-match up private key and certificate pairs.
-
-Anyway here are the functions that do the dirty work.
-
-1. Construction functions.
-
-1.1 Safebag functions.
-
-M_PKCS12_x5092certbag(x509)
-
-This macro takes an X509 structure and returns a certificate bag. The
-X509 structure can be freed up after calling this function.
-
-M_PKCS12_x509crl2certbag(crl)
-
-As above but for a CRL.
-
-PKCS8_PRIV_KEY_INFO *PKEY2PKCS8(EVP_PKEY *pkey)
-
-Take a private key and convert it into a PKCS#8 PrivateKeyInfo structure.
-Works for both RSA and DSA private keys. NB since the PKCS#8 PrivateKeyInfo
-structure contains a private key data in plain text form it should be free'd
-up as soon as it has been encrypted for security reasons (freeing up the
-structure zeros out the sensitive data). This can be done with
-PKCS8_PRIV_KEY_INFO_free().
-
-PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
-
-This sets the key type when a key is imported into MSIE or Outlook 98. Two
-values are currently supported: KEY_EX and KEY_SIG. KEY_EX is an exchange type
-key that can also be used for signing but its size is limited in the export
-versions of MS software to 512 bits, it is also the default. KEY_SIG is a
-signing only key but the keysize is unlimited (well 16K is supposed to work).
-If you are using the domestic version of MSIE then you can ignore this because
-KEY_EX is not limited and can be used for both.
-
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
-
-Convert a PKCS8 private key structure into a keybag. This routine embeds the
-p8 structure in the keybag so p8 should not be freed up or used after it is
-called. The p8 structure will be freed up when the safebag is freed.
-
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8)
-
-Convert a PKCS#8 structure into a shrouded key bag (encrypted). p8 is not
-embedded and can be freed up after use.
-
-int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
-int PKCS12_add_friendlyname(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
-
-Add a local key id or a friendlyname to a safebag.
-
-1.2 Authsafe functions.
-
-PKCS7 *PKCS12_pack_p7data(STACK *sk)
-Take a stack of safebags and convert them into an unencrypted authsafe. The
-stack of safebags can be freed up after calling this function.
-
-PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, STACK *bags);
-
-As above but encrypted.
-
-1.3 PKCS12 functions.
-
-PKCS12 *PKCS12_init(int mode)
-
-Initialise a PKCS12 structure (currently mode should be NID_pkcs7_data).
-
-M_PKCS12_pack_authsafes(p12, safes)
-
-This macro takes a STACK of authsafes and adds them to a PKCS#12 structure.
-
-int PKCS12_set_mac(PKCS12 *p12, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_MD *md_type);
-
-Add a MAC to a PKCS12 structure. If EVP_MD is NULL use SHA-1, the spec suggests
-that SHA-1 should be used.
-
-2. Extraction Functions.
-
-2.1 Safebags.
-
-M_PKCS12_bag_type(bag)
-
-Return the type of "bag". Returns one of the following
-
-NID_keyBag
-NID_pkcs8ShroudedKeyBag 7
-NID_certBag 8
-NID_crlBag 9
-NID_secretBag 10
-NID_safeContentsBag 11
-
-M_PKCS12_cert_bag_type(bag)
-
-Returns type of certificate bag, following are understood.
-
-NID_x509Certificate 14
-NID_sdsiCertificate 15
-
-M_PKCS12_crl_bag_type(bag)
-
-Returns crl bag type, currently only NID_crlBag is recognised.
-
-M_PKCS12_certbag2x509(bag)
-
-This macro extracts an X509 certificate from a certificate bag.
-
-M_PKCS12_certbag2x509crl(bag)
-
-As above but for a CRL.
-
-EVP_PKEY * PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
-
-Extract a private key from a PKCS8 private key info structure.
-
-M_PKCS12_decrypt_skey(bag, pass, passlen)
-
-Decrypt a shrouded key bag and return a PKCS8 private key info structure.
-Works with both RSA and DSA keys
-
-char *PKCS12_get_friendlyname(bag)
-
-Returns the friendlyName of a bag if present or NULL if none. The returned
-string is a null terminated ASCII string allocated with Malloc(). It should
-thus be freed up with Free() after use.
-
-2.2 AuthSafe functions.
-
-M_PKCS12_unpack_p7data(p7)
-
-Extract a STACK of safe bags from a PKCS#7 data ContentInfo.
-
-#define M_PKCS12_unpack_p7encdata(p7, pass, passlen)
-
-As above but for an encrypted content info.
-
-2.3 PKCS12 functions.
-
-M_PKCS12_unpack_authsafes(p12)
-
-Extract a STACK of authsafes from a PKCS12 structure.
-
-M_PKCS12_mac_present(p12)
-
-Check to see if a MAC is present.
-
-int PKCS12_verify_mac(PKCS12 *p12, unsigned char *pass, int passlen)
-
-Verify a MAC on a PKCS12 structure. Returns an error if MAC not present.
-
-
-Notes.
-
-1. All the function return 0 or NULL on error.
-2. Encryption based functions take a common set of parameters. These are
-described below.
-
-pass, passlen
-ASCII password and length. The password on the MAC is called the "integrity
-password" the encryption password is called the "privacy password" in the
-PKCS#12 documentation. The passwords do not have to be the same. If -1 is
-passed for the length it is worked out by the function itself (currently
-this is sometimes done whatever is passed as the length but that may change).
-
-salt, saltlen
-A 'salt' if salt is NULL a random salt is used. If saltlen is also zero a
-default length is used.
-
-iter
-Iteration count. This is a measure of how many times an internal function is
-called to encrypt the data. The larger this value is the longer it takes, it
-makes dictionary attacks on passwords harder. NOTE: Some implementations do
-not support an iteration count on the MAC. If the password for the MAC and
-encryption is the same then there is no point in having a high iteration
-count for encryption if the MAC has no count. The MAC could be attacked
-and the password used for the main decryption.
-
-pbe_nid
-This is the NID of the password based encryption method used. The following are
-supported.
-NID_pbe_WithSHA1And128BitRC4
-NID_pbe_WithSHA1And40BitRC4
-NID_pbe_WithSHA1And3_Key_TripleDES_CBC
-NID_pbe_WithSHA1And2_Key_TripleDES_CBC
-NID_pbe_WithSHA1And128BitRC2_CBC
-NID_pbe_WithSHA1And40BitRC2_CBC
-
-Which you use depends on the implementation you are exporting to. "Export
-grade" (i.e. cryptographically challenged) products cannot support all
-algorithms. Typically you may be able to use any encryption on shrouded key
-bags but they must then be placed in an unencrypted authsafe. Other authsafes
-may only support 40bit encryption. Of course if you are using SSLeay
-throughout you can strongly encrypt everything and have high iteration counts
-on everything.
-
-3. For decryption routines only the password and length are needed.
-
-4. Unlike the external version the nid's of objects are the values of the
-constants: that is NID_certBag is the real nid, therefore there is no
-PKCS12_obj_offset() function. Note the object constants are not the same as
-those of the external version. If you use these constants then you will need
-to recompile your code.
-
-5. With the exception of PKCS12_MAKE_KEYBAG(), after calling any function or
-macro of the form PKCS12_MAKE_SOMETHING(other) the "other" structure can be
-reused or freed up safely.
-
diff --git a/src/lib/libssl/doc/standards.txt b/src/lib/libssl/doc/standards.txt
deleted file mode 100644
index 61ccc5d7e0..0000000000
--- a/src/lib/libssl/doc/standards.txt
+++ /dev/null
@@ -1,121 +0,0 @@
-Standards related to OpenSSL
-============================
-
-[Please, this is currently a draft. I made a first try at finding
- documents that describe parts of what OpenSSL implements. There are
- big gaps, and I've most certainly done something wrong. Please
- correct whatever is... Also, this note should be removed when this
- file is reaching a somewhat correct state. -- Richard Levitte]
-
-
-All pointers in here will be either URL's or blobs of text borrowed
-from miscellaneous indexes, like rfc-index.txt (index of RFCs),
-1id-index.txt (index of Internet drafts) and the like.
-
-To find the latest possible RFCs, it's recommended to either browse
-ftp://ftp.isi.edu/in-notes/ or go to http://www.rfc-editor.org/ and
-use the search mechanism found there.
-To find the latest possible Internet drafts, it's recommended to
-browse ftp://ftp.isi.edu/internet-drafts/.
-To find the latest possible PKCS, it's recommended to browse
-http://www.rsasecurity.com/rsalabs/pkcs/.
-
-
-Implemented:
-------------
-
-These are documents that describe things that are implemented in OpenSSL.
-
-1319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992.
- (Format: TXT=25661 bytes) (Status: INFORMATIONAL)
-
-1320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
- TXT=32407 bytes) (Status: INFORMATIONAL)
-
-1321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
- TXT=35222 bytes) (Status: INFORMATIONAL)
-
-2246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999.
- (Format: TXT=170401 bytes) (Status: PROPOSED STANDARD)
-
-2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest.
- January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL)
-
-2314 PKCS 10: Certification Request Syntax Version 1.5. B. Kaliski.
- March 1998. (Format: TXT=15814 bytes) (Status: INFORMATIONAL)
-
-2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski.
- March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL)
-
-2437 PKCS #1: RSA Cryptography Specifications Version 2.0. B. Kaliski,
- J. Staddon. October 1998. (Format: TXT=73529 bytes) (Obsoletes
- RFC2313) (Status: INFORMATIONAL)
-
-2459 Internet X.509 Public Key Infrastructure Certificate and CRL
- Profile. R. Housley, W. Ford, W. Polk, D. Solo. January 1999.
- (Format: TXT=278438 bytes) (Status: PROPOSED STANDARD)
-
-PKCS#8: Private-Key Information Syntax Standard
-
-PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
-
-
-Related:
---------
-
-These are documents that are close to OpenSSL, for example the
-STARTTLS documents.
-
-1421 Privacy Enhancement for Internet Electronic Mail: Part I: Message
- Encryption and Authentication Procedures. J. Linn. February 1993.
- (Format: TXT=103894 bytes) (Obsoletes RFC1113) (Status: PROPOSED
- STANDARD)
-
-1422 Privacy Enhancement for Internet Electronic Mail: Part II:
- Certificate-Based Key Management. S. Kent. February 1993. (Format:
- TXT=86085 bytes) (Obsoletes RFC1114) (Status: PROPOSED STANDARD)
-
-1423 Privacy Enhancement for Internet Electronic Mail: Part III:
- Algorithms, Modes, and Identifiers. D. Balenson. February 1993.
- (Format: TXT=33277 bytes) (Obsoletes RFC1115) (Status: PROPOSED
- STANDARD)
-
-1424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key
- Certification and Related Services. B. Kaliski. February 1993.
- (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD)
-
-2487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman.
- January 1999. (Format: TXT=15120 bytes) (Status: PROPOSED STANDARD)
-
-2585 Internet X.509 Public Key Infrastructure Operational Protocols:
- FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813
- bytes) (Status: PROPOSED STANDARD)
-
-2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999.
- (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD)
-
-2712 Addition of Kerberos Cipher Suites to Transport Layer Security
- (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes)
- (Status: PROPOSED STANDARD)
-
-2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May
- 2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED
- STANDARD)
-
-2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes)
- (Status: INFORMATIONAL)
-
- "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>
-
-
-To be implemented:
-------------------
-
-These are documents that describe things that are planed to be
-implemented in the hopefully short future.
-
-2560 X.509 Internet Public Key Infrastructure Online Certificate
- Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin,
- C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED
- STANDARD)
-
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
deleted file mode 100644
index 5050a13ef2..0000000000
--- a/src/lib/libssl/s23_clnt.c
+++ /dev/null
@@ -1,475 +0,0 @@
-/* ssl/s23_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include "ssl_locl.h"
-
-static SSL_METHOD *ssl23_get_client_method(int ver);
-static int ssl23_client_hello(SSL *s);
-static int ssl23_get_server_hello(SSL *s);
-static SSL_METHOD *ssl23_get_client_method(int ver)
- {
-#ifndef NO_SSL2
- if (ver == SSL2_VERSION)
- return(SSLv2_client_method());
-#endif
- if (ver == SSL3_VERSION)
- return(SSLv3_client_method());
- else if (ver == TLS1_VERSION)
- return(TLSv1_client_method());
- else
- return(NULL);
- }
-
-SSL_METHOD *SSLv23_client_method(void)
- {
- static int init=1;
- static SSL_METHOD SSLv23_client_data;
-
- if (init)
- {
- memcpy((char *)&SSLv23_client_data,
- (char *)sslv23_base_method(),sizeof(SSL_METHOD));
- SSLv23_client_data.ssl_connect=ssl23_connect;
- SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
- init=0;
- }
- return(&SSLv23_client_data);
- }
-
-int ssl23_connect(SSL *s)
- {
- BUF_MEM *buf;
- unsigned long Time=time(NULL);
- void (*cb)()=NULL;
- int ret= -1;
- int new_state,state;
-
- RAND_add(&Time,sizeof(Time),0);
- ERR_clear_error();
- clear_sys_error();
-
- if (s->info_callback != NULL)
- cb=s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb=s->ctx->info_callback;
-
- if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
- s->in_handshake++;
-
- for (;;)
- {
- state=s->state;
-
- switch(s->state)
- {
- case SSL_ST_BEFORE:
- case SSL_ST_CONNECT:
- case SSL_ST_BEFORE|SSL_ST_CONNECT:
- case SSL_ST_OK|SSL_ST_CONNECT:
-
- if (s->session != NULL)
- {
- SSLerr(SSL_F_SSL23_CONNECT,SSL_R_SSL23_DOING_SESSION_ID_REUSE);
- ret= -1;
- goto end;
- }
- s->server=0;
- if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
- /* s->version=TLS1_VERSION; */
- s->type=SSL_ST_CONNECT;
-
- if (s->init_buf == NULL)
- {
- if ((buf=BUF_MEM_new()) == NULL)
- {
- ret= -1;
- goto end;
- }
- if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
- {
- ret= -1;
- goto end;
- }
- s->init_buf=buf;
- }
-
- if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
-
- ssl3_init_finished_mac(s);
-
- s->state=SSL23_ST_CW_CLNT_HELLO_A;
- s->ctx->stats.sess_connect++;
- s->init_num=0;
- break;
-
- case SSL23_ST_CW_CLNT_HELLO_A:
- case SSL23_ST_CW_CLNT_HELLO_B:
-
- s->shutdown=0;
- ret=ssl23_client_hello(s);
- if (ret <= 0) goto end;
- s->state=SSL23_ST_CR_SRVR_HELLO_A;
- s->init_num=0;
-
- break;
-
- case SSL23_ST_CR_SRVR_HELLO_A:
- case SSL23_ST_CR_SRVR_HELLO_B:
- ret=ssl23_get_server_hello(s);
- if (ret >= 0) cb=NULL;
- goto end;
- /* break; */
-
- default:
- SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE);
- ret= -1;
- goto end;
- /* break; */
- }
-
- if (s->debug) { (void)BIO_flush(s->wbio); }
-
- if ((cb != NULL) && (s->state != state))
- {
- new_state=s->state;
- s->state=state;
- cb(s,SSL_CB_CONNECT_LOOP,1);
- s->state=new_state;
- }
- }
-end:
- s->in_handshake--;
- if (cb != NULL)
- cb(s,SSL_CB_CONNECT_EXIT,ret);
- return(ret);
- }
-
-
-static int ssl23_client_hello(SSL *s)
- {
- unsigned char *buf;
- unsigned char *p,*d;
- int i,ch_len;
-
- buf=(unsigned char *)s->init_buf->data;
- if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
- {
-#if 0
- /* don't reuse session-id's */
- if (!ssl_get_new_session(s,0))
- {
- return(-1);
- }
-#endif
-
- p=s->s3->client_random;
- RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
-
- /* Do the message type and length last */
- d= &(buf[2]);
- p=d+9;
-
- *(d++)=SSL2_MT_CLIENT_HELLO;
- if (!(s->options & SSL_OP_NO_TLSv1))
- {
- *(d++)=TLS1_VERSION_MAJOR;
- *(d++)=TLS1_VERSION_MINOR;
- s->client_version=TLS1_VERSION;
- }
- else if (!(s->options & SSL_OP_NO_SSLv3))
- {
- *(d++)=SSL3_VERSION_MAJOR;
- *(d++)=SSL3_VERSION_MINOR;
- s->client_version=SSL3_VERSION;
- }
- else if (!(s->options & SSL_OP_NO_SSLv2))
- {
- *(d++)=SSL2_VERSION_MAJOR;
- *(d++)=SSL2_VERSION_MINOR;
- s->client_version=SSL2_VERSION;
- }
- else
- {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE);
- return(-1);
- }
-
- /* Ciphers supported */
- i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
- if (i == 0)
- {
- /* no ciphers */
- SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
- return(-1);
- }
- s2n(i,d);
- p+=i;
-
- /* put in the session-id, zero since there is no
- * reuse. */
-#if 0
- s->session->session_id_length=0;
-#endif
- s2n(0,d);
-
- if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
- ch_len=SSL2_CHALLENGE_LENGTH;
- else
- ch_len=SSL2_MAX_CHALLENGE_LENGTH;
-
- /* write out sslv2 challenge */
- if (SSL3_RANDOM_SIZE < ch_len)
- i=SSL3_RANDOM_SIZE;
- else
- i=ch_len;
- s2n(i,d);
- memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
- RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
- memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
- p+=i;
-
- i= p- &(buf[2]);
- buf[0]=((i>>8)&0xff)|0x80;
- buf[1]=(i&0xff);
-
- s->state=SSL23_ST_CW_CLNT_HELLO_B;
- /* number of bytes to write */
- s->init_num=i+2;
- s->init_off=0;
-
- ssl3_finish_mac(s,&(buf[2]),i);
- }
-
- /* SSL3_ST_CW_CLNT_HELLO_B */
- return(ssl23_write_bytes(s));
- }
-
-static int ssl23_get_server_hello(SSL *s)
- {
- char buf[8];
- unsigned char *p;
- int i;
- int n;
-
- n=ssl23_read_bytes(s,7);
-
- if (n != 7) return(n);
- p=s->packet;
-
- memcpy(buf,p,n);
-
- if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
- (p[5] == 0x00) && (p[6] == 0x02))
- {
-#ifdef NO_SSL2
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
- goto err;
-#else
- /* we are talking sslv2 */
- /* we need to clean up the SSLv3 setup and put in the
- * sslv2 stuff. */
- int ch_len;
-
- if (s->options & SSL_OP_NO_SSLv2)
- {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
- goto err;
- }
- if (s->s2 == NULL)
- {
- if (!ssl2_new(s))
- goto err;
- }
- else
- ssl2_clear(s);
-
- if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
- ch_len=SSL2_CHALLENGE_LENGTH;
- else
- ch_len=SSL2_MAX_CHALLENGE_LENGTH;
-
- /* write out sslv2 challenge */
- i=(SSL3_RANDOM_SIZE < ch_len)
- ?SSL3_RANDOM_SIZE:ch_len;
- s->s2->challenge_length=i;
- memcpy(s->s2->challenge,
- &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
-
- if (s->s3 != NULL) ssl3_free(s);
-
- if (!BUF_MEM_grow(s->init_buf,
- SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
- {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
- goto err;
- }
-
- s->state=SSL2_ST_GET_SERVER_HELLO_A;
- if (!(s->client_version == SSL2_VERSION))
- /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
- s->s2->ssl2_rollback=1;
-
- /* setup the 5 bytes we have read so we get them from
- * the sslv2 buffer */
- s->rstate=SSL_ST_READ_HEADER;
- s->packet_length=n;
- s->packet= &(s->s2->rbuf[0]);
- memcpy(s->packet,buf,n);
- s->s2->rbuf_left=n;
- s->s2->rbuf_offs=0;
-
- /* we have already written one */
- s->s2->write_sequence=1;
-
- s->method=SSLv2_client_method();
- s->handshake_func=s->method->ssl_connect;
-#endif
- }
- else if ((p[0] == SSL3_RT_HANDSHAKE) &&
- (p[1] == SSL3_VERSION_MAJOR) &&
- ((p[2] == SSL3_VERSION_MINOR) ||
- (p[2] == TLS1_VERSION_MINOR)) &&
- (p[5] == SSL3_MT_SERVER_HELLO))
- {
- /* we have sslv3 or tls1 */
-
- if (!ssl_init_wbio_buffer(s,1)) goto err;
-
- /* we are in this state */
- s->state=SSL3_ST_CR_SRVR_HELLO_A;
-
- /* put the 5 bytes we have read into the input buffer
- * for SSLv3 */
- s->rstate=SSL_ST_READ_HEADER;
- s->packet_length=n;
- s->packet= &(s->s3->rbuf.buf[0]);
- memcpy(s->packet,buf,n);
- s->s3->rbuf.left=n;
- s->s3->rbuf.offset=0;
-
- if ((p[2] == SSL3_VERSION_MINOR) &&
- !(s->options & SSL_OP_NO_SSLv3))
- {
- s->version=SSL3_VERSION;
- s->method=SSLv3_client_method();
- }
- else if ((p[2] == TLS1_VERSION_MINOR) &&
- !(s->options & SSL_OP_NO_TLSv1))
- {
- s->version=TLS1_VERSION;
- s->method=TLSv1_client_method();
- }
- else
- {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
- goto err;
- }
-
- s->handshake_func=s->method->ssl_connect;
- }
- else if ((p[0] == SSL3_RT_ALERT) &&
- (p[1] == SSL3_VERSION_MAJOR) &&
- ((p[2] == SSL3_VERSION_MINOR) ||
- (p[2] == TLS1_VERSION_MINOR)) &&
- (p[3] == 0) &&
- (p[4] == 2))
- {
- void (*cb)()=NULL;
- int j;
-
- /* An alert */
- if (s->info_callback != NULL)
- cb=s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb=s->ctx->info_callback;
-
- i=p[5];
- if (cb != NULL)
- {
- j=(i<<8)|p[6];
- cb(s,SSL_CB_READ_ALERT,j);
- }
-
- s->rwstate=SSL_NOTHING;
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]);
- goto err;
- }
- else
- {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL);
- goto err;
- }
- s->init_num=0;
-
- /* Since, if we are sending a ssl23 client hello, we are not
- * reusing a session-id */
- if (!ssl_get_new_session(s,0))
- goto err;
-
- s->first_packet=1;
- return(SSL_connect(s));
-err:
- return(-1);
- }
-
diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c
deleted file mode 100644
index ad2d8dadf7..0000000000
--- a/src/lib/libssl/s23_lib.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/* ssl/s23_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-static int ssl23_num_ciphers(void );
-static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
-static int ssl23_read(SSL *s, void *buf, int len);
-static int ssl23_peek(SSL *s, void *buf, int len);
-static int ssl23_write(SSL *s, const void *buf, int len);
-static long ssl23_default_timeout(void );
-static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
-const char *SSL23_version_str="SSLv2/3 compatibility" OPENSSL_VERSION_PTEXT;
-
-static SSL_METHOD SSLv23_data= {
- TLS1_VERSION,
- tls1_new,
- tls1_clear,
- tls1_free,
- ssl_undefined_function,
- ssl_undefined_function,
- ssl23_read,
- ssl23_peek,
- ssl23_write,
- ssl_undefined_function,
- ssl_undefined_function,
- ssl_ok,
- ssl3_ctrl,
- ssl3_ctx_ctrl,
- ssl23_get_cipher_by_char,
- ssl23_put_cipher_by_char,
- ssl_undefined_function,
- ssl23_num_ciphers,
- ssl23_get_cipher,
- ssl_bad_method,
- ssl23_default_timeout,
- &ssl3_undef_enc_method,
- ssl_undefined_function,
- ssl3_callback_ctrl,
- ssl3_ctx_callback_ctrl,
- };
-
-static long ssl23_default_timeout(void)
- {
- return(300);
- }
-
-SSL_METHOD *sslv23_base_method(void)
- {
- return(&SSLv23_data);
- }
-
-static int ssl23_num_ciphers(void)
- {
- return(ssl3_num_ciphers()
-#ifndef NO_SSL2
- + ssl2_num_ciphers()
-#endif
- );
- }
-
-static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
- {
- unsigned int uu=ssl3_num_ciphers();
-
- if (u < uu)
- return(ssl3_get_cipher(u));
- else
-#ifndef NO_SSL2
- return(ssl2_get_cipher(u-uu));
-#else
- return(NULL);
-#endif
- }
-
-/* This function needs to check if the ciphers required are actually
- * available */
-static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
- {
- SSL_CIPHER c,*cp;
- unsigned long id;
- int n;
-
- n=ssl3_num_ciphers();
- id=0x03000000|((unsigned long)p[0]<<16L)|
- ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
- c.id=id;
- cp=ssl3_get_cipher_by_char(p);
-#ifndef NO_SSL2
- if (cp == NULL)
- cp=ssl2_get_cipher_by_char(p);
-#endif
- return(cp);
- }
-
-static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
- {
- long l;
-
- /* We can write SSLv2 and SSLv3 ciphers */
- if (p != NULL)
- {
- l=c->id;
- p[0]=((unsigned char)(l>>16L))&0xFF;
- p[1]=((unsigned char)(l>> 8L))&0xFF;
- p[2]=((unsigned char)(l ))&0xFF;
- }
- return(3);
- }
-
-static int ssl23_read(SSL *s, void *buf, int len)
- {
- int n;
-
- clear_sys_error();
- if (SSL_in_init(s) && (!s->in_handshake))
- {
- n=s->handshake_func(s);
- if (n < 0) return(n);
- if (n == 0)
- {
- SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE);
- return(-1);
- }
- return(SSL_read(s,buf,len));
- }
- else
- {
- ssl_undefined_function(s);
- return(-1);
- }
- }
-
-static int ssl23_peek(SSL *s, void *buf, int len)
- {
- int n;
-
- clear_sys_error();
- if (SSL_in_init(s) && (!s->in_handshake))
- {
- n=s->handshake_func(s);
- if (n < 0) return(n);
- if (n == 0)
- {
- SSLerr(SSL_F_SSL23_PEEK,SSL_R_SSL_HANDSHAKE_FAILURE);
- return(-1);
- }
- return(SSL_peek(s,buf,len));
- }
- else
- {
- ssl_undefined_function(s);
- return(-1);
- }
- }
-
-static int ssl23_write(SSL *s, const void *buf, int len)
- {
- int n;
-
- clear_sys_error();
- if (SSL_in_init(s) && (!s->in_handshake))
- {
- n=s->handshake_func(s);
- if (n < 0) return(n);
- if (n == 0)
- {
- SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
- return(-1);
- }
- return(SSL_write(s,buf,len));
- }
- else
- {
- ssl_undefined_function(s);
- return(-1);
- }
- }
diff --git a/src/lib/libssl/s23_pkt.c b/src/lib/libssl/s23_pkt.c
deleted file mode 100644
index f45e1ce3d8..0000000000
--- a/src/lib/libssl/s23_pkt.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* ssl/s23_pkt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-#include "ssl_locl.h"
-
-int ssl23_write_bytes(SSL *s)
- {
- int i,num,tot;
- char *buf;
-
- buf=s->init_buf->data;
- tot=s->init_off;
- num=s->init_num;
- for (;;)
- {
- s->rwstate=SSL_WRITING;
- i=BIO_write(s->wbio,&(buf[tot]),num);
- if (i <= 0)
- {
- s->init_off=tot;
- s->init_num=num;
- return(i);
- }
- s->rwstate=SSL_NOTHING;
- if (i == num) return(tot+i);
-
- num-=i;
- tot+=i;
- }
- }
-
-/* return regularly only when we have read (at least) 'n' bytes */
-int ssl23_read_bytes(SSL *s, int n)
- {
- unsigned char *p;
- int j;
-
- if (s->packet_length < (unsigned int)n)
- {
- p=s->packet;
-
- for (;;)
- {
- s->rwstate=SSL_READING;
- j=BIO_read(s->rbio,(char *)&(p[s->packet_length]),
- n-s->packet_length);
- if (j <= 0)
- return(j);
- s->rwstate=SSL_NOTHING;
- s->packet_length+=j;
- if (s->packet_length >= (unsigned int)n)
- return(s->packet_length);
- }
- }
- return(n);
- }
-
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
deleted file mode 100644
index 050618235f..0000000000
--- a/src/lib/libssl/s23_srvr.c
+++ /dev/null
@@ -1,576 +0,0 @@
-/* ssl/s23_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include "ssl_locl.h"
-
-static SSL_METHOD *ssl23_get_server_method(int ver);
-int ssl23_get_client_hello(SSL *s);
-static SSL_METHOD *ssl23_get_server_method(int ver)
- {
-#ifndef NO_SSL2
- if (ver == SSL2_VERSION)
- return(SSLv2_server_method());
-#endif
- if (ver == SSL3_VERSION)
- return(SSLv3_server_method());
- else if (ver == TLS1_VERSION)
- return(TLSv1_server_method());
- else
- return(NULL);
- }
-
-SSL_METHOD *SSLv23_server_method(void)
- {
- static int init=1;
- static SSL_METHOD SSLv23_server_data;
-
- if (init)
- {
- memcpy((char *)&SSLv23_server_data,
- (char *)sslv23_base_method(),sizeof(SSL_METHOD));
- SSLv23_server_data.ssl_accept=ssl23_accept;
- SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
- init=0;
- }
- return(&SSLv23_server_data);
- }
-
-int ssl23_accept(SSL *s)
- {
- BUF_MEM *buf;
- unsigned long Time=time(NULL);
- void (*cb)()=NULL;
- int ret= -1;
- int new_state,state;
-
- RAND_add(&Time,sizeof(Time),0);
- ERR_clear_error();
- clear_sys_error();
-
- if (s->info_callback != NULL)
- cb=s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb=s->ctx->info_callback;
-
- if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
- s->in_handshake++;
-
- for (;;)
- {
- state=s->state;
-
- switch(s->state)
- {
- case SSL_ST_BEFORE:
- case SSL_ST_ACCEPT:
- case SSL_ST_BEFORE|SSL_ST_ACCEPT:
- case SSL_ST_OK|SSL_ST_ACCEPT:
-
- s->server=1;
- if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
- /* s->version=SSL3_VERSION; */
- s->type=SSL_ST_ACCEPT;
-
- if (s->init_buf == NULL)
- {
- if ((buf=BUF_MEM_new()) == NULL)
- {
- ret= -1;
- goto end;
- }
- if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
- {
- ret= -1;
- goto end;
- }
- s->init_buf=buf;
- }
-
- ssl3_init_finished_mac(s);
-
- s->state=SSL23_ST_SR_CLNT_HELLO_A;
- s->ctx->stats.sess_accept++;
- s->init_num=0;
- break;
-
- case SSL23_ST_SR_CLNT_HELLO_A:
- case SSL23_ST_SR_CLNT_HELLO_B:
-
- s->shutdown=0;
- ret=ssl23_get_client_hello(s);
- if (ret >= 0) cb=NULL;
- goto end;
- /* break; */
-
- default:
- SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE);
- ret= -1;
- goto end;
- /* break; */
- }
-
- if ((cb != NULL) && (s->state != state))
- {
- new_state=s->state;
- s->state=state;
- cb(s,SSL_CB_ACCEPT_LOOP,1);
- s->state=new_state;
- }
- }
-end:
- if (cb != NULL)
- cb(s,SSL_CB_ACCEPT_EXIT,ret);
- s->in_handshake--;
- return(ret);
- }
-
-
-int ssl23_get_client_hello(SSL *s)
- {
- char buf_space[11]; /* Request this many bytes in initial read.
- * We can detect SSL 3.0/TLS 1.0 Client Hellos
- * ('type == 3') correctly only when the following
- * is in a single record, which is not guaranteed by
- * the protocol specification:
- * Byte Content
- * 0 type \
- * 1/2 version > record header
- * 3/4 length /
- * 5 msg_type \
- * 6-8 length > Client Hello message
- * 9/10 client_version /
- */
- char *buf= &(buf_space[0]);
- unsigned char *p,*d,*dd;
- unsigned int i;
- unsigned int csl,sil,cl;
- int n=0,j;
- int type=0;
- int v[2];
-#ifndef NO_RSA
- int use_sslv2_strong=0;
-#endif
-
- if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
- {
- /* read the initial header */
- v[0]=v[1]=0;
-
- if (!ssl3_setup_buffers(s)) goto err;
-
- n=ssl23_read_bytes(s, sizeof buf_space);
- if (n != sizeof buf_space) return(n); /* n == -1 || n == 0 */
-
- p=s->packet;
-
- memcpy(buf,p,n);
-
- if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO))
- {
- /*
- * SSLv2 header
- */
- if ((p[3] == 0x00) && (p[4] == 0x02))
- {
- v[0]=p[3]; v[1]=p[4];
- /* SSLv2 */
- if (!(s->options & SSL_OP_NO_SSLv2))
- type=1;
- }
- else if (p[3] == SSL3_VERSION_MAJOR)
- {
- v[0]=p[3]; v[1]=p[4];
- /* SSLv3/TLSv1 */
- if (p[4] >= TLS1_VERSION_MINOR)
- {
- if (!(s->options & SSL_OP_NO_TLSv1))
- {
- s->version=TLS1_VERSION;
- /* type=2; */ /* done later to survive restarts */
- s->state=SSL23_ST_SR_CLNT_HELLO_B;
- }
- else if (!(s->options & SSL_OP_NO_SSLv3))
- {
- s->version=SSL3_VERSION;
- /* type=2; */
- s->state=SSL23_ST_SR_CLNT_HELLO_B;
- }
- else if (!(s->options & SSL_OP_NO_SSLv2))
- {
- type=1;
- }
- }
- else if (!(s->options & SSL_OP_NO_SSLv3))
- {
- s->version=SSL3_VERSION;
- /* type=2; */
- s->state=SSL23_ST_SR_CLNT_HELLO_B;
- }
- else if (!(s->options & SSL_OP_NO_SSLv2))
- type=1;
-
- if (s->options & SSL_OP_NON_EXPORT_FIRST)
- /* Not only utterly confusing, but broken
- * ('fractured programming'?) -- the details
- * of this block nearly make it work
- * as intended in this environment, but on one
- * of the fine points (w.r.t. restarts) it fails.
- * The obvious fix would be even more devastating
- * to program structure; if you want the functionality,
- * throw this away and implement it in a way
- * that makes sense */
- {
-#if 0
- STACK_OF(SSL_CIPHER) *sk;
- SSL_CIPHER *c;
- int ne2,ne3;
-
- j=((p[0]&0x7f)<<8)|p[1];
- if (j > (1024*4))
- {
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
- goto err;
- }
-
- n=ssl23_read_bytes(s,j+2);
- if (n <= 0) return(n);
- p=s->packet;
-
- if ((buf=OPENSSL_malloc(n)) == NULL)
- {
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- memcpy(buf,p,n);
-
- p+=5;
- n2s(p,csl);
- p+=4;
-
- sk=ssl_bytes_to_cipher_list(
- s,p,csl,NULL);
- if (sk != NULL)
- {
- ne2=ne3=0;
- for (j=0; j<sk_SSL_CIPHER_num(sk); j++)
- {
- c=sk_SSL_CIPHER_value(sk,j);
- if (!SSL_C_IS_EXPORT(c))
- {
- if ((c->id>>24L) == 2L)
- ne2=1;
- else
- ne3=1;
- }
- }
- if (ne2 && !ne3)
- {
- type=1;
- use_sslv2_strong=1;
- goto next_bit;
- }
- }
-#else
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_OPTION);
- goto err;
-#endif
- }
- }
- }
- else if ((p[0] == SSL3_RT_HANDSHAKE) &&
- (p[1] == SSL3_VERSION_MAJOR) &&
- (p[5] == SSL3_MT_CLIENT_HELLO) &&
- ((p[3] == 0 && p[4] < 5 /* silly record length? */)
- || (p[9] == p[1])))
- {
- /*
- * SSLv3 or tls1 header
- */
-
- v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */
- /* We must look at client_version inside the Client Hello message
- * to get the correct minor version.
- * However if we have only a pathologically small fragment of the
- * Client Hello message, this would be difficult, we'd have
- * to read at least one additional record to find out.
- * This doesn't usually happen in real life, so we just complain
- * for now.
- */
- if (p[3] == 0 && p[4] < 6)
- {
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);
- goto err;
- }
- v[1]=p[10]; /* minor version according to client_version */
- if (v[1] >= TLS1_VERSION_MINOR)
- {
- if (!(s->options & SSL_OP_NO_TLSv1))
- {
- s->version=TLS1_VERSION;
- type=3;
- }
- else if (!(s->options & SSL_OP_NO_SSLv3))
- {
- s->version=SSL3_VERSION;
- type=3;
- }
- }
- else if (!(s->options & SSL_OP_NO_SSLv3))
- {
- s->version=SSL3_VERSION;
- type=3;
- }
- }
- else if ((strncmp("GET ", (char *)p,4) == 0) ||
- (strncmp("POST ",(char *)p,5) == 0) ||
- (strncmp("HEAD ",(char *)p,5) == 0) ||
- (strncmp("PUT ", (char *)p,4) == 0))
- {
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST);
- goto err;
- }
- else if (strncmp("CONNECT",(char *)p,7) == 0)
- {
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST);
- goto err;
- }
- }
-
- if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
- {
- /* we have SSLv3/TLSv1 in an SSLv2 header
- * (other cases skip this state) */
-
- type=2;
- p=s->packet;
- v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
- v[1] = p[4];
-
- n=((p[0]&0x7f)<<8)|p[1];
- if (n > (1024*4))
- {
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
- goto err;
- }
-
- j=ssl23_read_bytes(s,n+2);
- if (j <= 0) return(j);
-
- ssl3_finish_mac(s,&(s->packet[2]),s->packet_length-2);
-
- p=s->packet;
- p+=5;
- n2s(p,csl);
- n2s(p,sil);
- n2s(p,cl);
- d=(unsigned char *)s->init_buf->data;
- if ((csl+sil+cl+11) != s->packet_length)
- {
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
- goto err;
- }
-
- *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
- *(d++) = v[1];
-
- /* lets populate the random area */
- /* get the challenge_length */
- i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl;
- memset(d,0,SSL3_RANDOM_SIZE);
- memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i);
- d+=SSL3_RANDOM_SIZE;
-
- /* no session-id reuse */
- *(d++)=0;
-
- /* ciphers */
- j=0;
- dd=d;
- d+=2;
- for (i=0; i<csl; i+=3)
- {
- if (p[i] != 0) continue;
- *(d++)=p[i+1];
- *(d++)=p[i+2];
- j+=2;
- }
- s2n(j,dd);
-
- /* COMPRESSION */
- *(d++)=1;
- *(d++)=0;
-
- i=(d-(unsigned char *)s->init_buf->data);
-
- /* get the data reused from the init_buf */
- s->s3->tmp.reuse_message=1;
- s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO;
- s->s3->tmp.message_size=i;
- }
-
- /* imaginary new state (for program structure): */
- /* s->state = SSL23_SR_CLNT_HELLO_C */
-
- if (type == 1)
- {
-#ifdef NO_SSL2
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
- goto err;
-#else
- /* we are talking sslv2 */
- /* we need to clean up the SSLv3/TLSv1 setup and put in the
- * sslv2 stuff. */
-
- if (s->s2 == NULL)
- {
- if (!ssl2_new(s))
- goto err;
- }
- else
- ssl2_clear(s);
-
- if (s->s3 != NULL) ssl3_free(s);
-
- if (!BUF_MEM_grow(s->init_buf,
- SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
- {
- goto err;
- }
-
- s->state=SSL2_ST_GET_CLIENT_HELLO_A;
- if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
- use_sslv2_strong ||
- (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
- s->s2->ssl2_rollback=0;
- else
- /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
- * (SSL 3.0 draft/RFC 2246, App. E.2) */
- s->s2->ssl2_rollback=1;
-
- /* setup the n bytes we have read so we get them from
- * the sslv2 buffer */
- s->rstate=SSL_ST_READ_HEADER;
- s->packet_length=n;
- s->packet= &(s->s2->rbuf[0]);
- memcpy(s->packet,buf,n);
- s->s2->rbuf_left=n;
- s->s2->rbuf_offs=0;
-
- s->method=SSLv2_server_method();
- s->handshake_func=s->method->ssl_accept;
-#endif
- }
-
- if ((type == 2) || (type == 3))
- {
- /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */
-
- if (!ssl_init_wbio_buffer(s,1)) goto err;
-
- /* we are in this state */
- s->state=SSL3_ST_SR_CLNT_HELLO_A;
-
- if (type == 3)
- {
- /* put the 'n' bytes we have read into the input buffer
- * for SSLv3 */
- s->rstate=SSL_ST_READ_HEADER;
- s->packet_length=n;
- s->packet= &(s->s3->rbuf.buf[0]);
- memcpy(s->packet,buf,n);
- s->s3->rbuf.left=n;
- s->s3->rbuf.offset=0;
- }
- else
- {
- s->packet_length=0;
- s->s3->rbuf.left=0;
- s->s3->rbuf.offset=0;
- }
-
- if (s->version == TLS1_VERSION)
- s->method = TLSv1_server_method();
- else
- s->method = SSLv3_server_method();
-#if 0 /* ssl3_get_client_hello does this */
- s->client_version=(v[0]<<8)|v[1];
-#endif
- s->handshake_func=s->method->ssl_accept;
- }
-
- if ((type < 1) || (type > 3))
- {
- /* bad, very bad */
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL);
- goto err;
- }
- s->init_num=0;
-
- if (buf != buf_space) OPENSSL_free(buf);
- s->first_packet=1;
- return(SSL_accept(s));
-err:
- if (buf != buf_space) OPENSSL_free(buf);
- return(-1);
- }
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
deleted file mode 100644
index 10d8d3b15a..0000000000
--- a/src/lib/libssl/s3_both.c
+++ /dev/null
@@ -1,588 +0,0 @@
-/* ssl/s3_both.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <stdio.h>
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include "ssl_locl.h"
-
-/* send s->init_buf in records of type 'type' */
-int ssl3_do_write(SSL *s, int type)
- {
- int ret;
-
- ret=ssl3_write_bytes(s,type,&s->init_buf->data[s->init_off],
- s->init_num);
- if (ret < 0) return(-1);
- if (type == SSL3_RT_HANDSHAKE)
- /* should not be done for 'Hello Request's, but in that case
- * we'll ignore the result anyway */
- ssl3_finish_mac(s,(unsigned char *)&s->init_buf->data[s->init_off],ret);
-
- if (ret == s->init_num)
- return(1);
- s->init_off+=ret;
- s->init_num-=ret;
- return(0);
- }
-
-int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
- {
- unsigned char *p,*d;
- int i;
- unsigned long l;
-
- if (s->state == a)
- {
- d=(unsigned char *)s->init_buf->data;
- p= &(d[4]);
-
- i=s->method->ssl3_enc->final_finish_mac(s,
- &(s->s3->finish_dgst1),
- &(s->s3->finish_dgst2),
- sender,slen,s->s3->tmp.finish_md);
- s->s3->tmp.finish_md_len = i;
- memcpy(p, s->s3->tmp.finish_md, i);
- p+=i;
- l=i;
-
-#ifdef WIN16
- /* MSVC 1.5 does not clear the top bytes of the word unless
- * I do this.
- */
- l&=0xffff;
-#endif
-
- *(d++)=SSL3_MT_FINISHED;
- l2n3(l,d);
- s->init_num=(int)l+4;
- s->init_off=0;
-
- s->state=b;
- }
-
- /* SSL3_ST_SEND_xxxxxx_HELLO_B */
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
- }
-
-int ssl3_get_finished(SSL *s, int a, int b)
- {
- int al,i,ok;
- long n;
- unsigned char *p;
-
- /* the mac has already been generated when we received the
- * change cipher spec message and is in s->s3->tmp.peer_finish_md
- */
-
- n=ssl3_get_message(s,
- a,
- b,
- SSL3_MT_FINISHED,
- 64, /* should actually be 36+4 :-) */
- &ok);
-
- if (!ok) return((int)n);
-
- /* If this occurs, we have missed a message */
- if (!s->s3->change_cipher_spec)
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS);
- goto f_err;
- }
- s->s3->change_cipher_spec=0;
-
- p = (unsigned char *)s->init_buf->data;
- i = s->s3->tmp.peer_finish_md_len;
-
- if (i != n)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH);
- goto f_err;
- }
-
- if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
- {
- al=SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
- goto f_err;
- }
-
- return(1);
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
- return(0);
- }
-
-/* for these 2 messages, we need to
- * ssl->enc_read_ctx re-init
- * ssl->s3->read_sequence zero
- * ssl->s3->read_mac_secret re-init
- * ssl->session->read_sym_enc assign
- * ssl->session->read_compression assign
- * ssl->session->read_hash assign
- */
-int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
- {
- unsigned char *p;
-
- if (s->state == a)
- {
- p=(unsigned char *)s->init_buf->data;
- *p=SSL3_MT_CCS;
- s->init_num=1;
- s->init_off=0;
-
- s->state=b;
- }
-
- /* SSL3_ST_CW_CHANGE_B */
- return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
- }
-
-unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
- {
- unsigned char *p;
- int n,i;
- unsigned long l=7;
- BUF_MEM *buf;
- X509_STORE_CTX xs_ctx;
- X509_OBJECT obj;
-
- /* TLSv1 sends a chain with nothing in it, instead of an alert */
- buf=s->init_buf;
- if (!BUF_MEM_grow(buf,(int)(10)))
- {
- SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
- return(0);
- }
- if (x != NULL)
- {
- X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL);
-
- for (;;)
- {
- n=i2d_X509(x,NULL);
- if (!BUF_MEM_grow(buf,(int)(n+l+3)))
- {
- SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
- return(0);
- }
- p=(unsigned char *)&(buf->data[l]);
- l2n3(n,p);
- i2d_X509(x,&p);
- l+=n+3;
- if (X509_NAME_cmp(X509_get_subject_name(x),
- X509_get_issuer_name(x)) == 0) break;
-
- i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
- X509_get_issuer_name(x),&obj);
- if (i <= 0) break;
- x=obj.data.x509;
- /* Count is one too high since the X509_STORE_get uped the
- * ref count */
- X509_free(x);
- }
-
- X509_STORE_CTX_cleanup(&xs_ctx);
- }
-
- /* Thawte special :-) */
- if (s->ctx->extra_certs != NULL)
- for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
- {
- x=sk_X509_value(s->ctx->extra_certs,i);
- n=i2d_X509(x,NULL);
- if (!BUF_MEM_grow(buf,(int)(n+l+3)))
- {
- SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
- return(0);
- }
- p=(unsigned char *)&(buf->data[l]);
- l2n3(n,p);
- i2d_X509(x,&p);
- l+=n+3;
- }
-
- l-=7;
- p=(unsigned char *)&(buf->data[4]);
- l2n3(l,p);
- l+=3;
- p=(unsigned char *)&(buf->data[0]);
- *(p++)=SSL3_MT_CERTIFICATE;
- l2n3(l,p);
- l+=4;
- return(l);
- }
-
-/* Obtain handshake message of message type 'mt' (any if mt == -1),
- * maximum acceptable body length 'max'.
- * The first four bytes (msg_type and length) are read in state 'st1',
- * the body is read in state 'stn'.
- */
-long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
- {
- unsigned char *p;
- unsigned long l;
- long n;
- int i,al;
-
- if (s->s3->tmp.reuse_message)
- {
- s->s3->tmp.reuse_message=0;
- if ((mt >= 0) && (s->s3->tmp.message_type != mt))
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
- *ok=1;
- return((int)s->s3->tmp.message_size);
- }
-
- p=(unsigned char *)s->init_buf->data;
-
- if (s->state == st1) /* s->init_num < 4 */
- {
- int skip_message;
-
- do
- {
- while (s->init_num < 4)
- {
- i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],
- 4 - s->init_num, 0);
- if (i <= 0)
- {
- s->rwstate=SSL_READING;
- *ok = 0;
- return i;
- }
- s->init_num+=i;
- }
-
- skip_message = 0;
- if (!s->server)
- if (p[0] == SSL3_MT_HELLO_REQUEST)
- /* The server may always send 'Hello Request' messages --
- * we are doing a handshake anyway now, so ignore them
- * if their format is correct. Does not count for
- * 'Finished' MAC. */
- if (p[1] == 0 && p[2] == 0 &&p[3] == 0)
- skip_message = 1;
- }
- while (skip_message);
-
- /* s->init_num == 4 */
-
- if ((mt >= 0) && (*p != mt))
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
- if ((mt < 0) && (*p == SSL3_MT_CLIENT_HELLO) &&
- (st1 == SSL3_ST_SR_CERT_A) &&
- (stn == SSL3_ST_SR_CERT_B))
- {
- /* At this point we have got an MS SGC second client
- * hello (maybe we should always allow the client to
- * start a new handshake?). We need to restart the mac.
- * Don't increment {num,total}_renegotiations because
- * we have not completed the handshake. */
- ssl3_init_finished_mac(s);
- }
-
- ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, 4);
-
- s->s3->tmp.message_type= *(p++);
-
- n2l3(p,l);
- if (l > (unsigned long)max)
- {
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
- goto f_err;
- }
- if (l && !BUF_MEM_grow(s->init_buf,(int)l))
- {
- SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
- goto err;
- }
- s->s3->tmp.message_size=l;
- s->state=stn;
-
- s->init_num=0;
- }
-
- /* next state (stn) */
- p=(unsigned char *)s->init_buf->data;
- n=s->s3->tmp.message_size;
- while (n > 0)
- {
- i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0);
- if (i <= 0)
- {
- s->rwstate=SSL_READING;
- *ok = 0;
- return i;
- }
- s->init_num += i;
- n -= i;
- }
- ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num);
- *ok=1;
- return s->init_num;
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
- *ok=0;
- return(-1);
- }
-
-int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
- {
- EVP_PKEY *pk;
- int ret= -1,i,j;
-
- if (pkey == NULL)
- pk=X509_get_pubkey(x);
- else
- pk=pkey;
- if (pk == NULL) goto err;
-
- i=pk->type;
- if (i == EVP_PKEY_RSA)
- {
- ret=SSL_PKEY_RSA_ENC;
- if (x != NULL)
- {
- j=X509_get_ext_count(x);
- /* check to see if this is a signing only certificate */
- /* EAY EAY EAY EAY */
- }
- }
- else if (i == EVP_PKEY_DSA)
- {
- ret=SSL_PKEY_DSA_SIGN;
- }
- else if (i == EVP_PKEY_DH)
- {
- /* if we just have a key, we needs to be guess */
-
- if (x == NULL)
- ret=SSL_PKEY_DH_DSA;
- else
- {
- j=X509_get_signature_type(x);
- if (j == EVP_PKEY_RSA)
- ret=SSL_PKEY_DH_RSA;
- else if (j== EVP_PKEY_DSA)
- ret=SSL_PKEY_DH_DSA;
- else ret= -1;
- }
- }
- else
- ret= -1;
-
-err:
- if(!pkey) EVP_PKEY_free(pk);
- return(ret);
- }
-
-int ssl_verify_alarm_type(long type)
- {
- int al;
-
- switch(type)
- {
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- case X509_V_ERR_UNABLE_TO_GET_CRL:
- al=SSL_AD_UNKNOWN_CA;
- break;
- case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
- case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
- case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
- case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
- case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
- case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
- case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
- case X509_V_ERR_CERT_NOT_YET_VALID:
- case X509_V_ERR_CRL_NOT_YET_VALID:
- al=SSL_AD_BAD_CERTIFICATE;
- break;
- case X509_V_ERR_CERT_SIGNATURE_FAILURE:
- case X509_V_ERR_CRL_SIGNATURE_FAILURE:
- al=SSL_AD_DECRYPT_ERROR;
- break;
- case X509_V_ERR_CERT_HAS_EXPIRED:
- case X509_V_ERR_CRL_HAS_EXPIRED:
- al=SSL_AD_CERTIFICATE_EXPIRED;
- break;
- case X509_V_ERR_CERT_REVOKED:
- al=SSL_AD_CERTIFICATE_REVOKED;
- break;
- case X509_V_ERR_OUT_OF_MEM:
- al=SSL_AD_INTERNAL_ERROR;
- break;
- case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
- case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
- case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
- case X509_V_ERR_CERT_CHAIN_TOO_LONG:
- al=SSL_AD_UNKNOWN_CA;
- break;
- case X509_V_ERR_APPLICATION_VERIFICATION:
- al=SSL_AD_HANDSHAKE_FAILURE;
- break;
- default:
- al=SSL_AD_CERTIFICATE_UNKNOWN;
- break;
- }
- return(al);
- }
-
-int ssl3_setup_buffers(SSL *s)
- {
- unsigned char *p;
- unsigned int extra;
-
- if (s->s3->rbuf.buf == NULL)
- {
- if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
- extra=SSL3_RT_MAX_EXTRA;
- else
- extra=0;
- if ((p=OPENSSL_malloc(SSL3_RT_MAX_PACKET_SIZE+extra))
- == NULL)
- goto err;
- s->s3->rbuf.buf=p;
- }
-
- if (s->s3->wbuf.buf == NULL)
- {
- if ((p=OPENSSL_malloc(SSL3_RT_MAX_PACKET_SIZE))
- == NULL)
- goto err;
- s->s3->wbuf.buf=p;
- }
- s->packet= &(s->s3->rbuf.buf[0]);
- return(1);
-err:
- SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE);
- return(0);
- }
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
deleted file mode 100644
index eec45cfa48..0000000000
--- a/src/lib/libssl/s3_clnt.c
+++ /dev/null
@@ -1,1741 +0,0 @@
-/* ssl/s3_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
-#include <openssl/evp.h>
-#include "ssl_locl.h"
-
-static SSL_METHOD *ssl3_get_client_method(int ver);
-static int ssl3_client_hello(SSL *s);
-static int ssl3_get_server_hello(SSL *s);
-static int ssl3_get_certificate_request(SSL *s);
-static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
-static int ssl3_get_server_done(SSL *s);
-static int ssl3_send_client_verify(SSL *s);
-static int ssl3_send_client_certificate(SSL *s);
-static int ssl3_send_client_key_exchange(SSL *s);
-static int ssl3_get_key_exchange(SSL *s);
-static int ssl3_get_server_certificate(SSL *s);
-static int ssl3_check_cert_and_algorithm(SSL *s);
-static SSL_METHOD *ssl3_get_client_method(int ver)
- {
- if (ver == SSL3_VERSION)
- return(SSLv3_client_method());
- else
- return(NULL);
- }
-
-SSL_METHOD *SSLv3_client_method(void)
- {
- static int init=1;
- static SSL_METHOD SSLv3_client_data;
-
- if (init)
- {
- init=0;
- memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
- sizeof(SSL_METHOD));
- SSLv3_client_data.ssl_connect=ssl3_connect;
- SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
- }
- return(&SSLv3_client_data);
- }
-
-int ssl3_connect(SSL *s)
- {
- BUF_MEM *buf;
- unsigned long Time=time(NULL),l;
- long num1;
- void (*cb)()=NULL;
- int ret= -1;
- int new_state,state,skip=0;;
-
- RAND_add(&Time,sizeof(Time),0);
- ERR_clear_error();
- clear_sys_error();
-
- if (s->info_callback != NULL)
- cb=s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb=s->ctx->info_callback;
-
- if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
- s->in_handshake++;
-
- for (;;)
- {
- state=s->state;
-
- switch(s->state)
- {
- case SSL_ST_RENEGOTIATE:
- s->new_session=1;
- s->state=SSL_ST_CONNECT;
- s->ctx->stats.sess_connect_renegotiate++;
- /* break */
- case SSL_ST_BEFORE:
- case SSL_ST_CONNECT:
- case SSL_ST_BEFORE|SSL_ST_CONNECT:
- case SSL_ST_OK|SSL_ST_CONNECT:
-
- s->server=0;
- if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
- if ((s->version & 0xff00 ) != 0x0300)
- {
- SSLerr(SSL_F_SSL3_CONNECT, SSL_R_INTERNAL_ERROR);
- ret = -1;
- goto end;
- }
-
- /* s->version=SSL3_VERSION; */
- s->type=SSL_ST_CONNECT;
-
- if (s->init_buf == NULL)
- {
- if ((buf=BUF_MEM_new()) == NULL)
- {
- ret= -1;
- goto end;
- }
- if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
- {
- ret= -1;
- goto end;
- }
- s->init_buf=buf;
- }
-
- if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
-
- /* setup buffing BIO */
- if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
-
- /* don't push the buffering BIO quite yet */
-
- ssl3_init_finished_mac(s);
-
- s->state=SSL3_ST_CW_CLNT_HELLO_A;
- s->ctx->stats.sess_connect++;
- s->init_num=0;
- break;
-
- case SSL3_ST_CW_CLNT_HELLO_A:
- case SSL3_ST_CW_CLNT_HELLO_B:
-
- s->shutdown=0;
- ret=ssl3_client_hello(s);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_CR_SRVR_HELLO_A;
- s->init_num=0;
-
- /* turn on buffering for the next lot of output */
- if (s->bbio != s->wbio)
- s->wbio=BIO_push(s->bbio,s->wbio);
-
- break;
-
- case SSL3_ST_CR_SRVR_HELLO_A:
- case SSL3_ST_CR_SRVR_HELLO_B:
- ret=ssl3_get_server_hello(s);
- if (ret <= 0) goto end;
- if (s->hit)
- s->state=SSL3_ST_CR_FINISHED_A;
- else
- s->state=SSL3_ST_CR_CERT_A;
- s->init_num=0;
- break;
-
- case SSL3_ST_CR_CERT_A:
- case SSL3_ST_CR_CERT_B:
- /* Check if it is anon DH */
- if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
- {
- ret=ssl3_get_server_certificate(s);
- if (ret <= 0) goto end;
- }
- else
- skip=1;
- s->state=SSL3_ST_CR_KEY_EXCH_A;
- s->init_num=0;
- break;
-
- case SSL3_ST_CR_KEY_EXCH_A:
- case SSL3_ST_CR_KEY_EXCH_B:
- ret=ssl3_get_key_exchange(s);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_CR_CERT_REQ_A;
- s->init_num=0;
-
- /* at this point we check that we have the
- * required stuff from the server */
- if (!ssl3_check_cert_and_algorithm(s))
- {
- ret= -1;
- goto end;
- }
- break;
-
- case SSL3_ST_CR_CERT_REQ_A:
- case SSL3_ST_CR_CERT_REQ_B:
- ret=ssl3_get_certificate_request(s);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_CR_SRVR_DONE_A;
- s->init_num=0;
- break;
-
- case SSL3_ST_CR_SRVR_DONE_A:
- case SSL3_ST_CR_SRVR_DONE_B:
- ret=ssl3_get_server_done(s);
- if (ret <= 0) goto end;
- if (s->s3->tmp.cert_req)
- s->state=SSL3_ST_CW_CERT_A;
- else
- s->state=SSL3_ST_CW_KEY_EXCH_A;
- s->init_num=0;
-
- break;
-
- case SSL3_ST_CW_CERT_A:
- case SSL3_ST_CW_CERT_B:
- case SSL3_ST_CW_CERT_C:
- case SSL3_ST_CW_CERT_D:
- ret=ssl3_send_client_certificate(s);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_CW_KEY_EXCH_A;
- s->init_num=0;
- break;
-
- case SSL3_ST_CW_KEY_EXCH_A:
- case SSL3_ST_CW_KEY_EXCH_B:
- ret=ssl3_send_client_key_exchange(s);
- if (ret <= 0) goto end;
- l=s->s3->tmp.new_cipher->algorithms;
- /* EAY EAY EAY need to check for DH fix cert
- * sent back */
- /* For TLS, cert_req is set to 2, so a cert chain
- * of nothing is sent, but no verify packet is sent */
- if (s->s3->tmp.cert_req == 1)
- {
- s->state=SSL3_ST_CW_CERT_VRFY_A;
- }
- else
- {
- s->state=SSL3_ST_CW_CHANGE_A;
- s->s3->change_cipher_spec=0;
- }
-
- s->init_num=0;
- break;
-
- case SSL3_ST_CW_CERT_VRFY_A:
- case SSL3_ST_CW_CERT_VRFY_B:
- ret=ssl3_send_client_verify(s);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_CW_CHANGE_A;
- s->init_num=0;
- s->s3->change_cipher_spec=0;
- break;
-
- case SSL3_ST_CW_CHANGE_A:
- case SSL3_ST_CW_CHANGE_B:
- ret=ssl3_send_change_cipher_spec(s,
- SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_CW_FINISHED_A;
- s->init_num=0;
-
- s->session->cipher=s->s3->tmp.new_cipher;
- if (s->s3->tmp.new_compression == NULL)
- s->session->compress_meth=0;
- else
- s->session->compress_meth=
- s->s3->tmp.new_compression->id;
- if (!s->method->ssl3_enc->setup_key_block(s))
- {
- ret= -1;
- goto end;
- }
-
- if (!s->method->ssl3_enc->change_cipher_state(s,
- SSL3_CHANGE_CIPHER_CLIENT_WRITE))
- {
- ret= -1;
- goto end;
- }
-
- break;
-
- case SSL3_ST_CW_FINISHED_A:
- case SSL3_ST_CW_FINISHED_B:
- ret=ssl3_send_finished(s,
- SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
- s->method->ssl3_enc->client_finished_label,
- s->method->ssl3_enc->client_finished_label_len);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_CW_FLUSH;
-
- /* clear flags */
- s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
- if (s->hit)
- {
- s->s3->tmp.next_state=SSL_ST_OK;
- if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
- {
- s->state=SSL_ST_OK;
- s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
- s->s3->delay_buf_pop_ret=0;
- }
- }
- else
- {
- s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
- }
- s->init_num=0;
- break;
-
- case SSL3_ST_CR_FINISHED_A:
- case SSL3_ST_CR_FINISHED_B:
-
- ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
- SSL3_ST_CR_FINISHED_B);
- if (ret <= 0) goto end;
-
- if (s->hit)
- s->state=SSL3_ST_CW_CHANGE_A;
- else
- s->state=SSL_ST_OK;
- s->init_num=0;
- break;
-
- case SSL3_ST_CW_FLUSH:
- /* number of bytes to be flushed */
- num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
- if (num1 > 0)
- {
- s->rwstate=SSL_WRITING;
- num1=BIO_flush(s->wbio);
- if (num1 <= 0) { ret= -1; goto end; }
- s->rwstate=SSL_NOTHING;
- }
-
- s->state=s->s3->tmp.next_state;
- break;
-
- case SSL_ST_OK:
- /* clean a few things up */
- ssl3_cleanup_key_block(s);
-
- if (s->init_buf != NULL)
- {
- BUF_MEM_free(s->init_buf);
- s->init_buf=NULL;
- }
-
- /* If we are not 'joining' the last two packets,
- * remove the buffering now */
- if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
- ssl_free_wbio_buffer(s);
- /* else do it later in ssl3_write */
-
- s->init_num=0;
- s->new_session=0;
-
- ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
- if (s->hit) s->ctx->stats.sess_hit++;
-
- ret=1;
- /* s->server=0; */
- s->handshake_func=ssl3_connect;
- s->ctx->stats.sess_connect_good++;
-
- if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
-
- goto end;
- /* break; */
-
- default:
- SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE);
- ret= -1;
- goto end;
- /* break; */
- }
-
- /* did we do anything */
- if (!s->s3->tmp.reuse_message && !skip)
- {
- if (s->debug)
- {
- if ((ret=BIO_flush(s->wbio)) <= 0)
- goto end;
- }
-
- if ((cb != NULL) && (s->state != state))
- {
- new_state=s->state;
- s->state=state;
- cb(s,SSL_CB_CONNECT_LOOP,1);
- s->state=new_state;
- }
- }
- skip=0;
- }
-end:
- if (cb != NULL)
- cb(s,SSL_CB_CONNECT_EXIT,ret);
- s->in_handshake--;
- return(ret);
- }
-
-
-static int ssl3_client_hello(SSL *s)
- {
- unsigned char *buf;
- unsigned char *p,*d;
- int i,j;
- unsigned long Time,l;
- SSL_COMP *comp;
-
- buf=(unsigned char *)s->init_buf->data;
- if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
- {
- if ((s->session == NULL) ||
- (s->session->ssl_version != s->version) ||
- (s->session->not_resumable))
- {
- if (!ssl_get_new_session(s,0))
- goto err;
- }
- /* else use the pre-loaded session */
-
- p=s->s3->client_random;
- Time=time(NULL); /* Time */
- l2n(Time,p);
- RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
-
- /* Do the message type and length last */
- d=p= &(buf[4]);
-
- *(p++)=s->version>>8;
- *(p++)=s->version&0xff;
- s->client_version=s->version;
-
- /* Random stuff */
- memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
- p+=SSL3_RANDOM_SIZE;
-
- /* Session ID */
- if (s->new_session)
- i=0;
- else
- i=s->session->session_id_length;
- *(p++)=i;
- if (i != 0)
- {
- memcpy(p,s->session->session_id,i);
- p+=i;
- }
-
- /* Ciphers supported */
- i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]));
- if (i == 0)
- {
- SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
- goto err;
- }
- s2n(i,p);
- p+=i;
-
- /* COMPRESSION */
- if (s->ctx->comp_methods == NULL)
- j=0;
- else
- j=sk_SSL_COMP_num(s->ctx->comp_methods);
- *(p++)=1+j;
- for (i=0; i<j; i++)
- {
- comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
- *(p++)=comp->id;
- }
- *(p++)=0; /* Add the NULL method */
-
- l=(p-d);
- d=buf;
- *(d++)=SSL3_MT_CLIENT_HELLO;
- l2n3(l,d);
-
- s->state=SSL3_ST_CW_CLNT_HELLO_B;
- /* number of bytes to write */
- s->init_num=p-buf;
- s->init_off=0;
- }
-
- /* SSL3_ST_CW_CLNT_HELLO_B */
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-err:
- return(-1);
- }
-
-static int ssl3_get_server_hello(SSL *s)
- {
- STACK_OF(SSL_CIPHER) *sk;
- SSL_CIPHER *c;
- unsigned char *p,*d;
- int i,al,ok;
- unsigned int j;
- long n;
- SSL_COMP *comp;
-
- n=ssl3_get_message(s,
- SSL3_ST_CR_SRVR_HELLO_A,
- SSL3_ST_CR_SRVR_HELLO_B,
- SSL3_MT_SERVER_HELLO,
- 300, /* ?? */
- &ok);
-
- if (!ok) return((int)n);
- d=p=(unsigned char *)s->init_buf->data;
-
- if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))
- {
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION);
- s->version=(s->version&0xff00)|p[1];
- al=SSL_AD_PROTOCOL_VERSION;
- goto f_err;
- }
- p+=2;
-
- /* load the server hello data */
- /* load the server random */
- memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE);
- p+=SSL3_RANDOM_SIZE;
-
- /* get the session-id */
- j= *(p++);
-
- if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
- {
- /* SSLref returns 16 :-( */
- if (j < SSL2_SSL_SESSION_ID_LENGTH)
- {
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
- goto f_err;
- }
- }
- if (j != 0 && j == s->session->session_id_length
- && memcmp(p,s->session->session_id,j) == 0)
- {
- if(s->sid_ctx_length != s->session->sid_ctx_length
- || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length))
- {
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
- goto f_err;
- }
- s->hit=1;
- }
- else /* a miss or crap from the other end */
- {
- /* If we were trying for session-id reuse, make a new
- * SSL_SESSION so we don't stuff up other people */
- s->hit=0;
- if (s->session->session_id_length > 0)
- {
- if (!ssl_get_new_session(s,0))
- {
- al=SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- }
- s->session->session_id_length=j;
- memcpy(s->session->session_id,p,j); /* j could be 0 */
- }
- p+=j;
- c=ssl_get_cipher_by_char(s,p);
- if (c == NULL)
- {
- /* unknown cipher */
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
- goto f_err;
- }
- p+=ssl_put_cipher_by_char(s,NULL,NULL);
-
- sk=ssl_get_ciphers_by_id(s);
- i=sk_SSL_CIPHER_find(sk,c);
- if (i < 0)
- {
- /* we did not say we would use this cipher */
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
- goto f_err;
- }
-
- if (s->hit && (s->session->cipher != c))
- {
- if (!(s->options &
- SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
- {
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
- goto f_err;
- }
- }
- s->s3->tmp.new_cipher=c;
-
- /* lets get the compression algorithm */
- /* COMPRESSION */
- j= *(p++);
- if (j == 0)
- comp=NULL;
- else
- comp=ssl3_comp_find(s->ctx->comp_methods,j);
-
- if ((j != 0) && (comp == NULL))
- {
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
- goto f_err;
- }
- else
- {
- s->s3->tmp.new_compression=comp;
- }
-
- if (p != (d+n))
- {
- /* wrong packet length */
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH);
- goto err;
- }
-
- return(1);
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
- return(-1);
- }
-
-static int ssl3_get_server_certificate(SSL *s)
- {
- int al,i,ok,ret= -1;
- unsigned long n,nc,llen,l;
- X509 *x=NULL;
- unsigned char *p,*d,*q;
- STACK_OF(X509) *sk=NULL;
- SESS_CERT *sc;
- EVP_PKEY *pkey=NULL;
-
- n=ssl3_get_message(s,
- SSL3_ST_CR_CERT_A,
- SSL3_ST_CR_CERT_B,
- -1,
-#if defined(MSDOS) && !defined(WIN32)
- 1024*30, /* 30k max cert list :-) */
-#else
- 1024*100, /* 100k max cert list :-) */
-#endif
- &ok);
-
- if (!ok) return((int)n);
-
- if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE)
- {
- s->s3->tmp.reuse_message=1;
- return(1);
- }
-
- if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE);
- goto f_err;
- }
- d=p=(unsigned char *)s->init_buf->data;
-
- if ((sk=sk_X509_new_null()) == NULL)
- {
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- n2l3(p,llen);
- if (llen+3 != n)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- for (nc=0; nc<llen; )
- {
- n2l3(p,l);
- if ((l+nc+3) > llen)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
- goto f_err;
- }
-
- q=p;
- x=d2i_X509(NULL,&q,l);
- if (x == NULL)
- {
- al=SSL_AD_BAD_CERTIFICATE;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB);
- goto f_err;
- }
- if (q != (p+l))
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
- goto f_err;
- }
- if (!sk_X509_push(sk,x))
- {
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- x=NULL;
- nc+=l+3;
- p=q;
- }
-
- i=ssl_verify_cert_chain(s,sk);
- if ((s->verify_mode != SSL_VERIFY_NONE) && (!i))
- {
- al=ssl_verify_alarm_type(s->verify_result);
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
- goto f_err;
- }
- ERR_clear_error(); /* but we keep s->verify_result */
-
- sc=ssl_sess_cert_new();
- if (sc == NULL) goto err;
-
- if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert);
- s->session->sess_cert=sc;
-
- sc->cert_chain=sk;
- /* Inconsistency alert: cert_chain does include the peer's
- * certificate, which we don't include in s3_srvr.c */
- x=sk_X509_value(sk,0);
- sk=NULL;
-
- pkey=X509_get_pubkey(x);
-
- if ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey))
- {
- x=NULL;
- al=SSL3_AL_FATAL;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
- goto f_err;
- }
-
- i=ssl_cert_type(x,pkey);
- if (i < 0)
- {
- x=NULL;
- al=SSL3_AL_FATAL;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
- goto f_err;
- }
-
- sc->peer_cert_type=i;
- CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
- if (sc->peer_pkeys[i].x509 != NULL) /* Why would this ever happen?
- * We just created sc a couple of
- * lines ago. */
- X509_free(sc->peer_pkeys[i].x509);
- sc->peer_pkeys[i].x509=x;
- sc->peer_key= &(sc->peer_pkeys[i]);
-
- if (s->session->peer != NULL)
- X509_free(s->session->peer);
- CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
- s->session->peer=x;
- s->session->verify_result = s->verify_result;
-
- x=NULL;
- ret=1;
-
- if (0)
- {
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
- }
-err:
- EVP_PKEY_free(pkey);
- X509_free(x);
- sk_X509_pop_free(sk,X509_free);
- return(ret);
- }
-
-static int ssl3_get_key_exchange(SSL *s)
- {
-#ifndef NO_RSA
- unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2];
-#endif
- EVP_MD_CTX md_ctx;
- unsigned char *param,*p;
- int al,i,j,param_len,ok;
- long n,alg;
- EVP_PKEY *pkey=NULL;
-#ifndef NO_RSA
- RSA *rsa=NULL;
-#endif
-#ifndef NO_DH
- DH *dh=NULL;
-#endif
-
- n=ssl3_get_message(s,
- SSL3_ST_CR_KEY_EXCH_A,
- SSL3_ST_CR_KEY_EXCH_B,
- -1,
- 1024*8, /* ?? */
- &ok);
-
- if (!ok) return((int)n);
-
- if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE)
- {
- s->s3->tmp.reuse_message=1;
- return(1);
- }
-
- param=p=(unsigned char *)s->init_buf->data;
-
- if (s->session->sess_cert != NULL)
- {
-#ifndef NO_RSA
- if (s->session->sess_cert->peer_rsa_tmp != NULL)
- {
- RSA_free(s->session->sess_cert->peer_rsa_tmp);
- s->session->sess_cert->peer_rsa_tmp=NULL;
- }
-#endif
-#ifndef NO_DH
- if (s->session->sess_cert->peer_dh_tmp)
- {
- DH_free(s->session->sess_cert->peer_dh_tmp);
- s->session->sess_cert->peer_dh_tmp=NULL;
- }
-#endif
- }
- else
- {
- s->session->sess_cert=ssl_sess_cert_new();
- }
-
- param_len=0;
- alg=s->s3->tmp.new_cipher->algorithms;
-
-#ifndef NO_RSA
- if (alg & SSL_kRSA)
- {
- if ((rsa=RSA_new()) == NULL)
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- n2s(p,i);
- param_len=i+2;
- if (param_len > n)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH);
- goto f_err;
- }
- if (!(rsa->n=BN_bin2bn(p,i,rsa->n)))
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
- goto err;
- }
- p+=i;
-
- n2s(p,i);
- param_len+=i+2;
- if (param_len > n)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH);
- goto f_err;
- }
- if (!(rsa->e=BN_bin2bn(p,i,rsa->e)))
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
- goto err;
- }
- p+=i;
- n-=param_len;
-
- /* this should be because we are using an export cipher */
- if (alg & SSL_aRSA)
- pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
- else
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
- goto err;
- }
- s->session->sess_cert->peer_rsa_tmp=rsa;
- rsa=NULL;
- }
-#else /* NO_RSA */
- if (0)
- ;
-#endif
-#ifndef NO_DH
- else if (alg & SSL_kEDH)
- {
- if ((dh=DH_new()) == NULL)
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB);
- goto err;
- }
- n2s(p,i);
- param_len=i+2;
- if (param_len > n)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH);
- goto f_err;
- }
- if (!(dh->p=BN_bin2bn(p,i,NULL)))
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
- goto err;
- }
- p+=i;
-
- n2s(p,i);
- param_len+=i+2;
- if (param_len > n)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH);
- goto f_err;
- }
- if (!(dh->g=BN_bin2bn(p,i,NULL)))
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
- goto err;
- }
- p+=i;
-
- n2s(p,i);
- param_len+=i+2;
- if (param_len > n)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH);
- goto f_err;
- }
- if (!(dh->pub_key=BN_bin2bn(p,i,NULL)))
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
- goto err;
- }
- p+=i;
- n-=param_len;
-
-#ifndef NO_RSA
- if (alg & SSL_aRSA)
- pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
-#else
- if (0)
- ;
-#endif
-#ifndef NO_DSA
- else if (alg & SSL_aDSS)
- pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
-#endif
- /* else anonymous DH, so no certificate or pkey. */
-
- s->session->sess_cert->peer_dh_tmp=dh;
- dh=NULL;
- }
- else if ((alg & SSL_kDHr) || (alg & SSL_kDHd))
- {
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
- goto f_err;
- }
-#endif /* !NO_DH */
- if (alg & SSL_aFZA)
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
- goto f_err;
- }
-
-
- /* p points to the next byte, there are 'n' bytes left */
-
-
- /* if it was signed, check the signature */
- if (pkey != NULL)
- {
- n2s(p,i);
- n-=2;
- j=EVP_PKEY_size(pkey);
-
- if ((i != n) || (n > j) || (n <= 0))
- {
- /* wrong packet length */
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH);
- goto f_err;
- }
-
-#ifndef NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- {
- int num;
-
- j=0;
- q=md_buf;
- for (num=2; num > 0; num--)
- {
- EVP_DigestInit(&md_ctx,(num == 2)
- ?s->ctx->md5:s->ctx->sha1);
- EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(&md_ctx,param,param_len);
- EVP_DigestFinal(&md_ctx,q,(unsigned int *)&i);
- q+=i;
- j+=i;
- }
- i=RSA_verify(NID_md5_sha1, md_buf, j, p, n,
- pkey->pkey.rsa);
- if (i < 0)
- {
- al=SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
- goto f_err;
- }
- if (i == 0)
- {
- /* bad signature */
- al=SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
- goto f_err;
- }
- }
- else
-#endif
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- {
- /* lets do DSS */
- EVP_VerifyInit(&md_ctx,EVP_dss1());
- EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
- EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
- EVP_VerifyUpdate(&md_ctx,param,param_len);
- if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey))
- {
- /* bad signature */
- al=SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
- goto f_err;
- }
- }
- else
-#endif
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
- goto err;
- }
- }
- else
- {
- /* still data left over */
- if (!(alg & SSL_aNULL))
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
- goto err;
- }
- if (n != 0)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE);
- goto f_err;
- }
- }
- EVP_PKEY_free(pkey);
- return(1);
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
- EVP_PKEY_free(pkey);
-#ifndef NO_RSA
- if (rsa != NULL)
- RSA_free(rsa);
-#endif
-#ifndef NO_DH
- if (dh != NULL)
- DH_free(dh);
-#endif
- return(-1);
- }
-
-static int ssl3_get_certificate_request(SSL *s)
- {
- int ok,ret=0;
- unsigned long n,nc,l;
- unsigned int llen,ctype_num,i;
- X509_NAME *xn=NULL;
- unsigned char *p,*d,*q;
- STACK_OF(X509_NAME) *ca_sk=NULL;
-
- n=ssl3_get_message(s,
- SSL3_ST_CR_CERT_REQ_A,
- SSL3_ST_CR_CERT_REQ_B,
- -1,
-#if defined(MSDOS) && !defined(WIN32)
- 1024*30, /* 30k max cert list :-) */
-#else
- 1024*100, /* 100k max cert list :-) */
-#endif
- &ok);
-
- if (!ok) return((int)n);
-
- s->s3->tmp.cert_req=0;
-
- if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)
- {
- s->s3->tmp.reuse_message=1;
- return(1);
- }
-
- if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST)
- {
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE);
- goto err;
- }
-
- /* TLS does not like anon-DH with client cert */
- if (s->version > SSL3_VERSION)
- {
- l=s->s3->tmp.new_cipher->algorithms;
- if (l & SSL_aNULL)
- {
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
- goto err;
- }
- }
-
- d=p=(unsigned char *)s->init_buf->data;
-
- if ((ca_sk=sk_X509_NAME_new(ca_dn_cmp)) == NULL)
- {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* get the certificate types */
- ctype_num= *(p++);
- if (ctype_num > SSL3_CT_NUMBER)
- ctype_num=SSL3_CT_NUMBER;
- for (i=0; i<ctype_num; i++)
- s->s3->tmp.ctype[i]= p[i];
- p+=ctype_num;
-
- /* get the CA RDNs */
- n2s(p,llen);
-#if 0
-{
-FILE *out;
-out=fopen("/tmp/vsign.der","w");
-fwrite(p,1,llen,out);
-fclose(out);
-}
-#endif
-
- if ((llen+ctype_num+2+1) != n)
- {
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH);
- goto err;
- }
-
- for (nc=0; nc<llen; )
- {
- n2s(p,l);
- if ((l+nc+2) > llen)
- {
- if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
- goto cont; /* netscape bugs */
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG);
- goto err;
- }
-
- q=p;
-
- if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
- {
- /* If netscape tolerance is on, ignore errors */
- if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
- goto cont;
- else
- {
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB);
- goto err;
- }
- }
-
- if (q != (p+l))
- {
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH);
- goto err;
- }
- if (!sk_X509_NAME_push(ca_sk,xn))
- {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- p+=l;
- nc+=l+2;
- }
-
- if (0)
- {
-cont:
- ERR_clear_error();
- }
-
- /* we should setup a certificate to return.... */
- s->s3->tmp.cert_req=1;
- s->s3->tmp.ctype_num=ctype_num;
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
- s->s3->tmp.ca_names=ca_sk;
- ca_sk=NULL;
-
- ret=1;
-err:
- if (ca_sk != NULL) sk_X509_NAME_pop_free(ca_sk,X509_NAME_free);
- return(ret);
- }
-
-static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
- {
- return(X509_NAME_cmp(*a,*b));
- }
-
-static int ssl3_get_server_done(SSL *s)
- {
- int ok,ret=0;
- long n;
-
- n=ssl3_get_message(s,
- SSL3_ST_CR_SRVR_DONE_A,
- SSL3_ST_CR_SRVR_DONE_B,
- SSL3_MT_SERVER_DONE,
- 30, /* should be very small, like 0 :-) */
- &ok);
-
- if (!ok) return((int)n);
- if (n > 0)
- {
- /* should contain no data */
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH);
- }
- ret=1;
- return(ret);
- }
-
-static int ssl3_send_client_key_exchange(SSL *s)
- {
- unsigned char *p,*d;
- int n;
- unsigned long l;
-#ifndef NO_RSA
- unsigned char *q;
- EVP_PKEY *pkey=NULL;
-#endif
-
- if (s->state == SSL3_ST_CW_KEY_EXCH_A)
- {
- d=(unsigned char *)s->init_buf->data;
- p= &(d[4]);
-
- l=s->s3->tmp.new_cipher->algorithms;
-
-#ifndef NO_RSA
- if (l & SSL_kRSA)
- {
- RSA *rsa;
- unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
-
- if (s->session->sess_cert->peer_rsa_tmp != NULL)
- rsa=s->session->sess_cert->peer_rsa_tmp;
- else
- {
- pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
- if ((pkey == NULL) ||
- (pkey->type != EVP_PKEY_RSA) ||
- (pkey->pkey.rsa == NULL))
- {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
- goto err;
- }
- rsa=pkey->pkey.rsa;
- EVP_PKEY_free(pkey);
- }
-
- tmp_buf[0]=s->client_version>>8;
- tmp_buf[1]=s->client_version&0xff;
- if (RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2) <= 0)
- goto err;
-
- s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
-
- q=p;
- /* Fix buf for TLS and beyond */
- if (s->version > SSL3_VERSION)
- p+=2;
- n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH,
- tmp_buf,p,rsa,RSA_PKCS1_PADDING);
-#ifdef PKCS1_CHECK
- if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
- if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0]=0x70;
-#endif
- if (n <= 0)
- {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);
- goto err;
- }
-
- /* Fix buf for TLS and beyond */
- if (s->version > SSL3_VERSION)
- {
- s2n(n,q);
- n+=2;
- }
-
- s->session->master_key_length=
- s->method->ssl3_enc->generate_master_secret(s,
- s->session->master_key,
- tmp_buf,SSL_MAX_MASTER_KEY_LENGTH);
- memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH);
- }
- else
-#endif
-#ifndef NO_DH
- if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
- {
- DH *dh_srvr,*dh_clnt;
-
- if (s->session->sess_cert->peer_dh_tmp != NULL)
- dh_srvr=s->session->sess_cert->peer_dh_tmp;
- else
- {
- /* we get them from the cert */
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
- goto err;
- }
-
- /* generate a new random key */
- if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
- {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
- goto err;
- }
- if (!DH_generate_key(dh_clnt))
- {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
- goto err;
- }
-
- /* use the 'p' output buffer for the DH key, but
- * make sure to clear it out afterwards */
-
- n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
-
- if (n <= 0)
- {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
- goto err;
- }
-
- /* generate master key from the result */
- s->session->master_key_length=
- s->method->ssl3_enc->generate_master_secret(s,
- s->session->master_key,p,n);
- /* clean up */
- memset(p,0,n);
-
- /* send off the data */
- n=BN_num_bytes(dh_clnt->pub_key);
- s2n(n,p);
- BN_bn2bin(dh_clnt->pub_key,p);
- n+=2;
-
- DH_free(dh_clnt);
-
- /* perhaps clean things up a bit EAY EAY EAY EAY*/
- }
- else
-#endif
- {
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
- goto err;
- }
-
- *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
- l2n3(n,d);
-
- s->state=SSL3_ST_CW_KEY_EXCH_B;
- /* number of bytes to write */
- s->init_num=n+4;
- s->init_off=0;
- }
-
- /* SSL3_ST_CW_KEY_EXCH_B */
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-err:
- return(-1);
- }
-
-static int ssl3_send_client_verify(SSL *s)
- {
- unsigned char *p,*d;
- unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
- EVP_PKEY *pkey;
-#ifndef NO_RSA
- unsigned u=0;
-#endif
- unsigned long n;
-#ifndef NO_DSA
- int j;
-#endif
-
- if (s->state == SSL3_ST_CW_CERT_VRFY_A)
- {
- d=(unsigned char *)s->init_buf->data;
- p= &(d[4]);
- pkey=s->cert->key->privatekey;
-
- s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2),
- &(data[MD5_DIGEST_LENGTH]));
-
-#ifndef NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- {
- s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst1),&(data[0]));
- if (RSA_sign(NID_md5_sha1, data,
- MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
- &(p[2]), &u, pkey->pkey.rsa) <= 0 )
- {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);
- goto err;
- }
- s2n(u,p);
- n=u+2;
- }
- else
-#endif
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- {
- if (!DSA_sign(pkey->save_type,
- &(data[MD5_DIGEST_LENGTH]),
- SHA_DIGEST_LENGTH,&(p[2]),
- (unsigned int *)&j,pkey->pkey.dsa))
- {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);
- goto err;
- }
- s2n(j,p);
- n=j+2;
- }
- else
-#endif
- {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,SSL_R_INTERNAL_ERROR);
- goto err;
- }
- *(d++)=SSL3_MT_CERTIFICATE_VERIFY;
- l2n3(n,d);
-
- s->init_num=(int)n+4;
- s->init_off=0;
- }
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-err:
- return(-1);
- }
-
-static int ssl3_send_client_certificate(SSL *s)
- {
- X509 *x509=NULL;
- EVP_PKEY *pkey=NULL;
- int i;
- unsigned long l;
-
- if (s->state == SSL3_ST_CW_CERT_A)
- {
- if ((s->cert == NULL) ||
- (s->cert->key->x509 == NULL) ||
- (s->cert->key->privatekey == NULL))
- s->state=SSL3_ST_CW_CERT_B;
- else
- s->state=SSL3_ST_CW_CERT_C;
- }
-
- /* We need to get a client cert */
- if (s->state == SSL3_ST_CW_CERT_B)
- {
- /* If we get an error, we need to
- * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
- * We then get retied later */
- i=0;
- if (s->ctx->client_cert_cb != NULL)
- i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
- if (i < 0)
- {
- s->rwstate=SSL_X509_LOOKUP;
- return(-1);
- }
- s->rwstate=SSL_NOTHING;
- if ((i == 1) && (pkey != NULL) && (x509 != NULL))
- {
- s->state=SSL3_ST_CW_CERT_B;
- if ( !SSL_use_certificate(s,x509) ||
- !SSL_use_PrivateKey(s,pkey))
- i=0;
- }
- else if (i == 1)
- {
- i=0;
- SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
- }
-
- if (x509 != NULL) X509_free(x509);
- if (pkey != NULL) EVP_PKEY_free(pkey);
- if (i == 0)
- {
- if (s->version == SSL3_VERSION)
- {
- s->s3->tmp.cert_req=0;
- ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE);
- return(1);
- }
- else
- {
- s->s3->tmp.cert_req=2;
- }
- }
-
- /* Ok, we have a cert */
- s->state=SSL3_ST_CW_CERT_C;
- }
-
- if (s->state == SSL3_ST_CW_CERT_C)
- {
- s->state=SSL3_ST_CW_CERT_D;
- l=ssl3_output_cert_chain(s,
- (s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
- s->init_num=(int)l;
- s->init_off=0;
- }
- /* SSL3_ST_CW_CERT_D */
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
- }
-
-#define has_bits(i,m) (((i)&(m)) == (m))
-
-static int ssl3_check_cert_and_algorithm(SSL *s)
- {
- int i,idx;
- long algs;
- EVP_PKEY *pkey=NULL;
- SESS_CERT *sc;
-#ifndef NO_RSA
- RSA *rsa;
-#endif
-#ifndef NO_DH
- DH *dh;
-#endif
-
- sc=s->session->sess_cert;
-
- if (sc == NULL)
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_INTERNAL_ERROR);
- goto err;
- }
-
- algs=s->s3->tmp.new_cipher->algorithms;
-
- /* we don't have a certificate */
- if (algs & (SSL_aDH|SSL_aNULL))
- return(1);
-
-#ifndef NO_RSA
- rsa=s->session->sess_cert->peer_rsa_tmp;
-#endif
-#ifndef NO_DH
- dh=s->session->sess_cert->peer_dh_tmp;
-#endif
-
- /* This is the passed certificate */
-
- idx=sc->peer_cert_type;
- pkey=X509_get_pubkey(sc->peer_pkeys[idx].x509);
- i=X509_certificate_type(sc->peer_pkeys[idx].x509,pkey);
- EVP_PKEY_free(pkey);
-
-
- /* Check that we have a certificate if we require one */
- if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
- goto f_err;
- }
-#ifndef NO_DSA
- else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
- goto f_err;
- }
-#endif
-#ifndef NO_RSA
- if ((algs & SSL_kRSA) &&
- !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
- goto f_err;
- }
-#endif
-#ifndef NO_DH
- if ((algs & SSL_kEDH) &&
- !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
- goto f_err;
- }
- else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
- goto f_err;
- }
-#ifndef NO_DSA
- else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
- goto f_err;
- }
-#endif
-#endif
-
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
- {
-#ifndef NO_RSA
- if (algs & SSL_kRSA)
- {
- if (rsa == NULL
- || RSA_size(rsa) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
- goto f_err;
- }
- }
- else
-#endif
-#ifndef NO_DH
- if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
- {
- if (dh == NULL
- || DH_size(dh) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
- goto f_err;
- }
- }
- else
-#endif
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
- goto f_err;
- }
- }
- return(1);
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-err:
- return(0);
- }
-
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
deleted file mode 100644
index c32c06de32..0000000000
--- a/src/lib/libssl/s3_lib.c
+++ /dev/null
@@ -1,1379 +0,0 @@
-/* ssl/s3_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
-
-#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
-
-static long ssl3_default_timeout(void );
-
-OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
-/* The RSA ciphers */
-/* Cipher 01 */
- {
- 1,
- SSL3_TXT_RSA_NULL_MD5,
- SSL3_CK_RSA_NULL_MD5,
- SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
- SSL_NOT_EXP,
- 0,
- 0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 02 */
- {
- 1,
- SSL3_TXT_RSA_NULL_SHA,
- SSL3_CK_RSA_NULL_SHA,
- SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP,
- 0,
- 0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
-/* anon DH */
-/* Cipher 17 */
- {
- 1,
- SSL3_TXT_ADH_RC4_40_MD5,
- SSL3_CK_ADH_RC4_40_MD5,
- SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 18 */
- {
- 1,
- SSL3_TXT_ADH_RC4_128_MD5,
- SSL3_CK_ADH_RC4_128_MD5,
- SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
- SSL_NOT_EXP,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 19 */
- {
- 1,
- SSL3_TXT_ADH_DES_40_CBC_SHA,
- SSL3_CK_ADH_DES_40_CBC_SHA,
- SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 1A */
- {
- 1,
- SSL3_TXT_ADH_DES_64_CBC_SHA,
- SSL3_CK_ADH_DES_64_CBC_SHA,
- SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP,
- 0,
- 56,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 1B */
- {
- 1,
- SSL3_TXT_ADH_DES_192_CBC_SHA,
- SSL3_CK_ADH_DES_192_CBC_SHA,
- SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP,
- 0,
- 168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
-/* RSA again */
-/* Cipher 03 */
- {
- 1,
- SSL3_TXT_RSA_RC4_40_MD5,
- SSL3_CK_RSA_RC4_40_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 04 */
- {
- 1,
- SSL3_TXT_RSA_RC4_128_MD5,
- SSL3_CK_RSA_RC4_128_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_SSLV3,
- SSL_NOT_EXP|SSL_MEDIUM,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 05 */
- {
- 1,
- SSL3_TXT_RSA_RC4_128_SHA,
- SSL3_CK_RSA_RC4_128_SHA,
- SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_MEDIUM,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 06 */
- {
- 1,
- SSL3_TXT_RSA_RC2_40_MD5,
- SSL3_CK_RSA_RC2_40_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_SSLV3,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 07 */
- {
- 1,
- SSL3_TXT_RSA_IDEA_128_SHA,
- SSL3_CK_RSA_IDEA_128_SHA,
- SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_MEDIUM,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 08 */
- {
- 1,
- SSL3_TXT_RSA_DES_40_CBC_SHA,
- SSL3_CK_RSA_DES_40_CBC_SHA,
- SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 09 */
- {
- 1,
- SSL3_TXT_RSA_DES_64_CBC_SHA,
- SSL3_CK_RSA_DES_64_CBC_SHA,
- SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_LOW,
- 0,
- 56,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 0A */
- {
- 1,
- SSL3_TXT_RSA_DES_192_CBC3_SHA,
- SSL3_CK_RSA_DES_192_CBC3_SHA,
- SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_HIGH,
- 0,
- 168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
-/* The DH ciphers */
-/* Cipher 0B */
- {
- 0,
- SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
- SSL3_CK_DH_DSS_DES_40_CBC_SHA,
- SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 0C */
- {
- 0,
- SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
- SSL3_CK_DH_DSS_DES_64_CBC_SHA,
- SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_LOW,
- 0,
- 56,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 0D */
- {
- 0,
- SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
- SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
- SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_HIGH,
- 0,
- 168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 0E */
- {
- 0,
- SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
- SSL3_CK_DH_RSA_DES_40_CBC_SHA,
- SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 0F */
- {
- 0,
- SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
- SSL3_CK_DH_RSA_DES_64_CBC_SHA,
- SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_LOW,
- 0,
- 56,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 10 */
- {
- 0,
- SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
- SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
- SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_HIGH,
- 0,
- 168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
-/* The Ephemeral DH ciphers */
-/* Cipher 11 */
- {
- 1,
- SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
- SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
- SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 12 */
- {
- 1,
- SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
- SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
- SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_LOW,
- 0,
- 56,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 13 */
- {
- 1,
- SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
- SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
- SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_HIGH,
- 0,
- 168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 14 */
- {
- 1,
- SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
- SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
- SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 15 */
- {
- 1,
- SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
- SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
- SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_LOW,
- 0,
- 56,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-/* Cipher 16 */
- {
- 1,
- SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
- SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
- SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP|SSL_HIGH,
- 0,
- 168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
-/* Fortezza */
-/* Cipher 1C */
- {
- 0,
- SSL3_TXT_FZA_DMS_NULL_SHA,
- SSL3_CK_FZA_DMS_NULL_SHA,
- SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP,
- 0,
- 0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
-/* Cipher 1D */
- {
- 0,
- SSL3_TXT_FZA_DMS_FZA_SHA,
- SSL3_CK_FZA_DMS_FZA_SHA,
- SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP,
- 0,
- 0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
-/* Cipher 1E */
- {
- 0,
- SSL3_TXT_FZA_DMS_RC4_SHA,
- SSL3_CK_FZA_DMS_RC4_SHA,
- SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_SSLV3,
- SSL_NOT_EXP,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
-#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
- /* New TLS Export CipherSuites */
- /* Cipher 60 */
- {
- 1,
- TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
- TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP56,
- 0,
- 56,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
- /* Cipher 61 */
- {
- 1,
- TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
- TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP56,
- 0,
- 56,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
- /* Cipher 62 */
- {
- 1,
- TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
- TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
- SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP56,
- 0,
- 56,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
- /* Cipher 63 */
- {
- 1,
- TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
- TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
- SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP56,
- 0,
- 56,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
- /* Cipher 64 */
- {
- 1,
- TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
- TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
- SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP56,
- 0,
- 56,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
- /* Cipher 65 */
- {
- 1,
- TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
- TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
- SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP56,
- 0,
- 56,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
- /* Cipher 66 */
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
- TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
- SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS
- },
-#endif
-
-/* end of list */
- };
-
-static SSL3_ENC_METHOD SSLv3_enc_data={
- ssl3_enc,
- ssl3_mac,
- ssl3_setup_key_block,
- ssl3_generate_master_secret,
- ssl3_change_cipher_state,
- ssl3_final_finish_mac,
- MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
- ssl3_cert_verify_mac,
- SSL3_MD_CLIENT_FINISHED_CONST,4,
- SSL3_MD_SERVER_FINISHED_CONST,4,
- ssl3_alert_code,
- };
-
-static SSL_METHOD SSLv3_data= {
- SSL3_VERSION,
- ssl3_new,
- ssl3_clear,
- ssl3_free,
- ssl_undefined_function,
- ssl_undefined_function,
- ssl3_read,
- ssl3_peek,
- ssl3_write,
- ssl3_shutdown,
- ssl3_renegotiate,
- ssl3_renegotiate_check,
- ssl3_ctrl,
- ssl3_ctx_ctrl,
- ssl3_get_cipher_by_char,
- ssl3_put_cipher_by_char,
- ssl3_pending,
- ssl3_num_ciphers,
- ssl3_get_cipher,
- ssl_bad_method,
- ssl3_default_timeout,
- &SSLv3_enc_data,
- ssl_undefined_function,
- ssl3_callback_ctrl,
- ssl3_ctx_callback_ctrl,
- };
-
-static long ssl3_default_timeout(void)
- {
- /* 2 hours, the 24 hours mentioned in the SSLv3 spec
- * is way too long for http, the cache would over fill */
- return(60*60*2);
- }
-
-SSL_METHOD *sslv3_base_method(void)
- {
- return(&SSLv3_data);
- }
-
-int ssl3_num_ciphers(void)
- {
- return(SSL3_NUM_CIPHERS);
- }
-
-SSL_CIPHER *ssl3_get_cipher(unsigned int u)
- {
- if (u < SSL3_NUM_CIPHERS)
- return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
- else
- return(NULL);
- }
-
-int ssl3_pending(SSL *s)
- {
- return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
- }
-
-int ssl3_new(SSL *s)
- {
- SSL3_STATE *s3;
-
- if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
- memset(s3,0,sizeof *s3);
-
- s->s3=s3;
-
- s->method->ssl_clear(s);
- return(1);
-err:
- return(0);
- }
-
-void ssl3_free(SSL *s)
- {
- if(s == NULL)
- return;
-
- ssl3_cleanup_key_block(s);
- if (s->s3->rbuf.buf != NULL)
- OPENSSL_free(s->s3->rbuf.buf);
- if (s->s3->wbuf.buf != NULL)
- OPENSSL_free(s->s3->wbuf.buf);
- if (s->s3->rrec.comp != NULL)
- OPENSSL_free(s->s3->rrec.comp);
-#ifndef NO_DH
- if (s->s3->tmp.dh != NULL)
- DH_free(s->s3->tmp.dh);
-#endif
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
- memset(s->s3,0,sizeof *s->s3);
- OPENSSL_free(s->s3);
- s->s3=NULL;
- }
-
-void ssl3_clear(SSL *s)
- {
- unsigned char *rp,*wp;
-
- ssl3_cleanup_key_block(s);
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
-
- if (s->s3->rrec.comp != NULL)
- {
- OPENSSL_free(s->s3->rrec.comp);
- s->s3->rrec.comp=NULL;
- }
-#ifndef NO_DH
- if (s->s3->tmp.dh != NULL)
- DH_free(s->s3->tmp.dh);
-#endif
-
- rp=s->s3->rbuf.buf;
- wp=s->s3->wbuf.buf;
-
- memset(s->s3,0,sizeof *s->s3);
- if (rp != NULL) s->s3->rbuf.buf=rp;
- if (wp != NULL) s->s3->wbuf.buf=wp;
-
- ssl_free_wbio_buffer(s);
-
- s->packet_length=0;
- s->s3->renegotiate=0;
- s->s3->total_renegotiations=0;
- s->s3->num_renegotiations=0;
- s->s3->in_read_app_data=0;
- s->version=SSL3_VERSION;
- }
-
-long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
- {
- int ret=0;
-
-#if !defined(NO_DSA) || !defined(NO_RSA)
- if (
-#ifndef NO_RSA
- cmd == SSL_CTRL_SET_TMP_RSA ||
- cmd == SSL_CTRL_SET_TMP_RSA_CB ||
-#endif
-#ifndef NO_DSA
- cmd == SSL_CTRL_SET_TMP_DH ||
- cmd == SSL_CTRL_SET_TMP_DH_CB ||
-#endif
- 0)
- {
- if (!ssl_cert_inst(&s->cert))
- {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
- return(0);
- }
- }
-#endif
-
- switch (cmd)
- {
- case SSL_CTRL_GET_SESSION_REUSED:
- ret=s->hit;
- break;
- case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
- break;
- case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
- ret=s->s3->num_renegotiations;
- break;
- case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
- ret=s->s3->num_renegotiations;
- s->s3->num_renegotiations=0;
- break;
- case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
- ret=s->s3->total_renegotiations;
- break;
- case SSL_CTRL_GET_FLAGS:
- ret=(int)(s->s3->flags);
- break;
-#ifndef NO_RSA
- case SSL_CTRL_NEED_TMP_RSA:
- if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
- ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
- (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
- ret = 1;
- break;
- case SSL_CTRL_SET_TMP_RSA:
- {
- RSA *rsa = (RSA *)parg;
- if (rsa == NULL)
- {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return(ret);
- }
- if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
- {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
- return(ret);
- }
- if (s->cert->rsa_tmp != NULL)
- RSA_free(s->cert->rsa_tmp);
- s->cert->rsa_tmp = rsa;
- ret = 1;
- }
- break;
- case SSL_CTRL_SET_TMP_RSA_CB:
- {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return(ret);
- }
- break;
-#endif
-#ifndef NO_DH
- case SSL_CTRL_SET_TMP_DH:
- {
- DH *dh = (DH *)parg;
- if (dh == NULL)
- {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return(ret);
- }
- if ((dh = DHparams_dup(dh)) == NULL)
- {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
- return(ret);
- }
- if (!(s->options & SSL_OP_SINGLE_DH_USE))
- {
- if (!DH_generate_key(dh))
- {
- DH_free(dh);
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
- return(ret);
- }
- }
- if (s->cert->dh_tmp != NULL)
- DH_free(s->cert->dh_tmp);
- s->cert->dh_tmp = dh;
- ret = 1;
- }
- break;
- case SSL_CTRL_SET_TMP_DH_CB:
- {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return(ret);
- }
- break;
-#endif
- default:
- break;
- }
- return(ret);
- }
-
-long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
- {
- int ret=0;
-
-#if !defined(NO_DSA) || !defined(NO_RSA)
- if (
-#ifndef NO_RSA
- cmd == SSL_CTRL_SET_TMP_RSA_CB ||
-#endif
-#ifndef NO_DSA
- cmd == SSL_CTRL_SET_TMP_DH_CB ||
-#endif
- 0)
- {
- if (!ssl_cert_inst(&s->cert))
- {
- SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
- return(0);
- }
- }
-#endif
-
- switch (cmd)
- {
-#ifndef NO_RSA
- case SSL_CTRL_SET_TMP_RSA_CB:
- {
- s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
- }
- break;
-#endif
-#ifndef NO_DH
- case SSL_CTRL_SET_TMP_DH_CB:
- {
- s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
- }
- break;
-#endif
- default:
- break;
- }
- return(ret);
- }
-
-long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
- {
- CERT *cert;
-
- cert=ctx->cert;
-
- switch (cmd)
- {
-#ifndef NO_RSA
- case SSL_CTRL_NEED_TMP_RSA:
- if ( (cert->rsa_tmp == NULL) &&
- ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
- (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
- )
- return(1);
- else
- return(0);
- /* break; */
- case SSL_CTRL_SET_TMP_RSA:
- {
- RSA *rsa;
- int i;
-
- rsa=(RSA *)parg;
- i=1;
- if (rsa == NULL)
- i=0;
- else
- {
- if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
- i=0;
- }
- if (!i)
- {
- SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
- return(0);
- }
- else
- {
- if (cert->rsa_tmp != NULL)
- RSA_free(cert->rsa_tmp);
- cert->rsa_tmp=rsa;
- return(1);
- }
- }
- /* break; */
- case SSL_CTRL_SET_TMP_RSA_CB:
- {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return(0);
- }
- break;
-#endif
-#ifndef NO_DH
- case SSL_CTRL_SET_TMP_DH:
- {
- DH *new=NULL,*dh;
-
- dh=(DH *)parg;
- if ((new=DHparams_dup(dh)) == NULL)
- {
- SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
- return 0;
- }
- if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
- {
- if (!DH_generate_key(new))
- {
- SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
- DH_free(new);
- return 0;
- }
- }
- if (cert->dh_tmp != NULL)
- DH_free(cert->dh_tmp);
- cert->dh_tmp=new;
- return 1;
- }
- /*break; */
- case SSL_CTRL_SET_TMP_DH_CB:
- {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return(0);
- }
- break;
-#endif
- /* A Thawte special :-) */
- case SSL_CTRL_EXTRA_CHAIN_CERT:
- if (ctx->extra_certs == NULL)
- {
- if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
- return(0);
- }
- sk_X509_push(ctx->extra_certs,(X509 *)parg);
- break;
-
- default:
- return(0);
- }
- return(1);
- }
-
-long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
- {
- CERT *cert;
-
- cert=ctx->cert;
-
- switch (cmd)
- {
-#ifndef NO_RSA
- case SSL_CTRL_SET_TMP_RSA_CB:
- {
- cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
- }
- break;
-#endif
-#ifndef NO_DH
- case SSL_CTRL_SET_TMP_DH_CB:
- {
- cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
- }
- break;
-#endif
- default:
- return(0);
- }
- return(1);
- }
-
-/* This function needs to check if the ciphers required are actually
- * available */
-SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
- {
- static int init=1;
- static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
- SSL_CIPHER c,*cp= &c,**cpp;
- unsigned long id;
- int i;
-
- if (init)
- {
- CRYPTO_w_lock(CRYPTO_LOCK_SSL);
-
- for (i=0; i<SSL3_NUM_CIPHERS; i++)
- sorted[i]= &(ssl3_ciphers[i]);
-
- qsort( (char *)sorted,
- SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
- FP_ICC ssl_cipher_ptr_id_cmp);
-
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-
- init=0;
- }
-
- id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
- c.id=id;
- cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
- (char *)sorted,
- SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
- FP_ICC ssl_cipher_ptr_id_cmp);
- if ((cpp == NULL) || !(*cpp)->valid)
- return(NULL);
- else
- return(*cpp);
- }
-
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
- {
- long l;
-
- if (p != NULL)
- {
- l=c->id;
- if ((l & 0xff000000) != 0x03000000) return(0);
- p[0]=((unsigned char)(l>> 8L))&0xFF;
- p[1]=((unsigned char)(l ))&0xFF;
- }
- return(2);
- }
-
-SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *have,
- STACK_OF(SSL_CIPHER) *pref)
- {
- SSL_CIPHER *c,*ret=NULL;
- int i,j,ok;
- CERT *cert;
- unsigned long alg,mask,emask;
-
- /* Let's see which ciphers we can support */
- cert=s->cert;
-
- sk_SSL_CIPHER_set_cmp_func(pref,ssl_cipher_ptr_id_cmp);
-
-#ifdef CIPHER_DEBUG
- printf("Have:\n");
- for(i=0 ; i < sk_num(pref) ; ++i)
- {
- c=(SSL_CIPHER *)sk_value(pref,i);
- printf("%p:%s\n",c,c->name);
- }
-#endif
-
- for (i=0; i<sk_SSL_CIPHER_num(have); i++)
- {
- c=sk_SSL_CIPHER_value(have,i);
-
- ssl_set_cert_masks(cert,c);
- mask=cert->mask;
- emask=cert->export_mask;
-
- alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
- if (SSL_C_IS_EXPORT(c))
- {
- ok=((alg & emask) == alg)?1:0;
-#ifdef CIPHER_DEBUG
- printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
- c,c->name);
-#endif
- }
- else
- {
- ok=((alg & mask) == alg)?1:0;
-#ifdef CIPHER_DEBUG
- printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
- c->name);
-#endif
- }
-
- if (!ok) continue;
-
- j=sk_SSL_CIPHER_find(pref,c);
- if (j >= 0)
- {
- ret=sk_SSL_CIPHER_value(pref,j);
- break;
- }
- }
- return(ret);
- }
-
-int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
- {
- int ret=0;
- unsigned long alg;
-
- alg=s->s3->tmp.new_cipher->algorithms;
-
-#ifndef NO_DH
- if (alg & (SSL_kDHr|SSL_kEDH))
- {
-# ifndef NO_RSA
- p[ret++]=SSL3_CT_RSA_FIXED_DH;
-# endif
-# ifndef NO_DSA
- p[ret++]=SSL3_CT_DSS_FIXED_DH;
-# endif
- }
- if ((s->version == SSL3_VERSION) &&
- (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
- {
-# ifndef NO_RSA
- p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
-# endif
-# ifndef NO_DSA
- p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
-# endif
- }
-#endif /* !NO_DH */
-#ifndef NO_RSA
- p[ret++]=SSL3_CT_RSA_SIGN;
-#endif
-#ifndef NO_DSA
- p[ret++]=SSL3_CT_DSS_SIGN;
-#endif
- return(ret);
- }
-
-int ssl3_shutdown(SSL *s)
- {
-
- /* Don't do anything much if we have not done the handshake or
- * we don't want to send messages :-) */
- if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
- {
- s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
- return(1);
- }
-
- if (!(s->shutdown & SSL_SENT_SHUTDOWN))
- {
- s->shutdown|=SSL_SENT_SHUTDOWN;
-#if 1
- ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
-#endif
- /* our shutdown alert has been sent now, and if it still needs
- * to be written, s->s3->alert_dispatch will be true */
- }
- else if (s->s3->alert_dispatch)
- {
- /* resend it if not sent */
-#if 1
- ssl3_dispatch_alert(s);
-#endif
- }
- else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
- {
- /* If we are waiting for a close from our peer, we are closed */
- ssl3_read_bytes(s,0,NULL,0,0);
- }
-
- if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
- !s->s3->alert_dispatch)
- return(1);
- else
- return(0);
- }
-
-int ssl3_write(SSL *s, const void *buf, int len)
- {
- int ret,n;
-
-#if 0
- if (s->shutdown & SSL_SEND_SHUTDOWN)
- {
- s->rwstate=SSL_NOTHING;
- return(0);
- }
-#endif
- clear_sys_error();
- if (s->s3->renegotiate) ssl3_renegotiate_check(s);
-
- /* This is an experimental flag that sends the
- * last handshake message in the same packet as the first
- * use data - used to see if it helps the TCP protocol during
- * session-id reuse */
- /* The second test is because the buffer may have been removed */
- if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
- {
- /* First time through, we write into the buffer */
- if (s->s3->delay_buf_pop_ret == 0)
- {
- ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
- buf,len);
- if (ret <= 0) return(ret);
-
- s->s3->delay_buf_pop_ret=ret;
- }
-
- s->rwstate=SSL_WRITING;
- n=BIO_flush(s->wbio);
- if (n <= 0) return(n);
- s->rwstate=SSL_NOTHING;
-
- /* We have flushed the buffer, so remove it */
- ssl_free_wbio_buffer(s);
- s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
-
- ret=s->s3->delay_buf_pop_ret;
- s->s3->delay_buf_pop_ret=0;
- }
- else
- {
- ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
- buf,len);
- if (ret <= 0) return(ret);
- }
-
- return(ret);
- }
-
-static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
- {
- int ret;
-
- clear_sys_error();
- if (s->s3->renegotiate) ssl3_renegotiate_check(s);
- s->s3->in_read_app_data=1;
- ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
- if ((ret == -1) && (s->s3->in_read_app_data == 0))
- {
- /* ssl3_read_bytes decided to call s->handshake_func, which
- * called ssl3_read_bytes to read handshake data.
- * However, ssl3_read_bytes actually found application data
- * and thinks that application data makes sense here (signalled
- * by resetting 'in_read_app_data', strangely); so disable
- * handshake processing and try to read application data again. */
- s->in_handshake++;
- ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
- s->in_handshake--;
- }
- else
- s->s3->in_read_app_data=0;
-
- return(ret);
- }
-
-int ssl3_read(SSL *s, void *buf, int len)
- {
- return ssl3_read_internal(s, buf, len, 0);
- }
-
-int ssl3_peek(SSL *s, void *buf, int len)
- {
- return ssl3_read_internal(s, buf, len, 1);
- }
-
-int ssl3_renegotiate(SSL *s)
- {
- if (s->handshake_func == NULL)
- return(1);
-
- if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
- return(0);
-
- s->s3->renegotiate=1;
- return(1);
- }
-
-int ssl3_renegotiate_check(SSL *s)
- {
- int ret=0;
-
- if (s->s3->renegotiate)
- {
- if ( (s->s3->rbuf.left == 0) &&
- (s->s3->wbuf.left == 0) &&
- !SSL_in_init(s))
- {
-/*
-if we are the server, and we have sent a 'RENEGOTIATE' message, we
-need to go to SSL_ST_ACCEPT.
-*/
- /* SSL_ST_ACCEPT */
- s->state=SSL_ST_RENEGOTIATE;
- s->s3->renegotiate=0;
- s->s3->num_renegotiations++;
- s->s3->total_renegotiations++;
- ret=1;
- }
- }
- return(ret);
- }
-
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c
deleted file mode 100644
index 9ab76604a6..0000000000
--- a/src/lib/libssl/s3_pkt.c
+++ /dev/null
@@ -1,1204 +0,0 @@
-/* ssl/s3_pkt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-#include "ssl_locl.h"
-
-static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
- unsigned int len);
-static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
- unsigned int len);
-static int ssl3_get_record(SSL *s);
-static int do_compress(SSL *ssl);
-static int do_uncompress(SSL *ssl);
-static int do_change_cipher_spec(SSL *ssl);
-
-/* used only by ssl3_get_record */
-static int ssl3_read_n(SSL *s, int n, int max, int extend)
- {
- /* If extend == 0, obtain new n-byte packet; if extend == 1, increase
- * packet by another n bytes.
- * The packet will be in the sub-array of s->s3->rbuf.buf specified
- * by s->packet and s->packet_length.
- * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
- * [plus s->packet_length bytes if extend == 1].)
- */
- int i,off,newb;
-
- if (!extend)
- {
- /* start with empty packet ... */
- if (s->s3->rbuf.left == 0)
- s->s3->rbuf.offset = 0;
- s->packet = s->s3->rbuf.buf + s->s3->rbuf.offset;
- s->packet_length = 0;
- /* ... now we can act as if 'extend' was set */
- }
-
- /* if there is enough in the buffer from a previous read, take some */
- if (s->s3->rbuf.left >= (int)n)
- {
- s->packet_length+=n;
- s->s3->rbuf.left-=n;
- s->s3->rbuf.offset+=n;
- return(n);
- }
-
- /* else we need to read more data */
- if (!s->read_ahead)
- max=n;
-
- {
- /* avoid buffer overflow */
- int max_max = SSL3_RT_MAX_PACKET_SIZE - s->packet_length;
- if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
- max_max += SSL3_RT_MAX_EXTRA;
- if (max > max_max)
- max = max_max;
- }
- if (n > max) /* does not happen */
- {
- SSLerr(SSL_F_SSL3_READ_N,SSL_R_INTERNAL_ERROR);
- return -1;
- }
-
- off = s->packet_length;
- newb = s->s3->rbuf.left;
- /* Move any available bytes to front of buffer:
- * 'off' bytes already pointed to by 'packet',
- * 'newb' extra ones at the end */
- if (s->packet != s->s3->rbuf.buf)
- {
- /* off > 0 */
- memmove(s->s3->rbuf.buf, s->packet, off+newb);
- s->packet = s->s3->rbuf.buf;
- }
-
- while (newb < n)
- {
- /* Now we have off+newb bytes at the front of s->s3->rbuf.buf and need
- * to read in more until we have off+n (up to off+max if possible) */
-
- clear_sys_error();
- if (s->rbio != NULL)
- {
- s->rwstate=SSL_READING;
- i=BIO_read(s->rbio, &(s->s3->rbuf.buf[off+newb]), max-newb);
- }
- else
- {
- SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET);
- i = -1;
- }
-
- if (i <= 0)
- {
- s->s3->rbuf.left = newb;
- return(i);
- }
- newb+=i;
- }
-
- /* done reading, now the book-keeping */
- s->s3->rbuf.offset = off + n;
- s->s3->rbuf.left = newb - n;
- s->packet_length += n;
- s->rwstate=SSL_NOTHING;
- return(n);
- }
-
-/* Call this to get a new input record.
- * It will return <= 0 if more data is needed, normally due to an error
- * or non-blocking IO.
- * When it finishes, one packet has been decoded and can be found in
- * ssl->s3->rrec.type - is the type of record
- * ssl->s3->rrec.data, - data
- * ssl->s3->rrec.length, - number of bytes
- */
-/* used only by ssl3_read_bytes */
-static int ssl3_get_record(SSL *s)
- {
- int ssl_major,ssl_minor,al;
- int n,i,ret= -1;
- SSL3_RECORD *rr;
- SSL_SESSION *sess;
- unsigned char *p;
- unsigned char md[EVP_MAX_MD_SIZE];
- short version;
- unsigned int mac_size;
- int clear=0,extra;
-
- rr= &(s->s3->rrec);
- sess=s->session;
-
- if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
- extra=SSL3_RT_MAX_EXTRA;
- else
- extra=0;
-
-again:
- /* check if we have the header */
- if ( (s->rstate != SSL_ST_READ_BODY) ||
- (s->packet_length < SSL3_RT_HEADER_LENGTH))
- {
- n=ssl3_read_n(s,SSL3_RT_HEADER_LENGTH,
- SSL3_RT_MAX_PACKET_SIZE,0);
- if (n <= 0) return(n); /* error or non-blocking */
- s->rstate=SSL_ST_READ_BODY;
-
- p=s->packet;
-
- /* Pull apart the header into the SSL3_RECORD */
- rr->type= *(p++);
- ssl_major= *(p++);
- ssl_minor= *(p++);
- version=(ssl_major<<8)|ssl_minor;
- n2s(p,rr->length);
-
- /* Lets check version */
- if (s->first_packet)
- {
- s->first_packet=0;
- }
- else
- {
- if (version != s->version)
- {
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
- /* Send back error using their
- * version number :-) */
- s->version=version;
- al=SSL_AD_PROTOCOL_VERSION;
- goto f_err;
- }
- }
-
- if ((version>>8) != SSL3_VERSION_MAJOR)
- {
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
- goto err;
- }
-
- if (rr->length >
- (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
- {
- al=SSL_AD_RECORD_OVERFLOW;
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
- goto f_err;
- }
-
- /* now s->rstate == SSL_ST_READ_BODY */
- }
-
- /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
-
- if (rr->length > (s->packet_length-SSL3_RT_HEADER_LENGTH))
- {
- /* now s->packet_length == SSL3_RT_HEADER_LENGTH */
- i=rr->length;
- n=ssl3_read_n(s,i,i,1);
- if (n <= 0) return(n); /* error or non-blocking io */
- /* now n == rr->length,
- * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */
- }
-
- s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */
-
- /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
- * and we have that many bytes in s->packet
- */
- rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);
-
- /* ok, we can now read from 's->packet' data into 'rr'
- * rr->input points at rr->length bytes, which
- * need to be copied into rr->data by either
- * the decryption or by the decompression
- * When the data is 'copied' into the rr->data buffer,
- * rr->input will be pointed at the new buffer */
-
- /* We now have - encrypted [ MAC [ compressed [ plain ] ] ]
- * rr->length bytes of encrypted compressed stuff. */
-
- /* check is not needed I believe */
- if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
- {
- al=SSL_AD_RECORD_OVERFLOW;
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
- goto f_err;
- }
-
- /* decrypt in place in 'rr->input' */
- rr->data=rr->input;
-
- if (!s->method->ssl3_enc->enc(s,0))
- {
- al=SSL_AD_DECRYPT_ERROR;
- goto f_err;
- }
-#ifdef TLS_DEBUG
-printf("dec %d\n",rr->length);
-{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); }
-printf("\n");
-#endif
- /* r->length is now the compressed data plus mac */
- if ( (sess == NULL) ||
- (s->enc_read_ctx == NULL) ||
- (s->read_hash == NULL))
- clear=1;
-
- if (!clear)
- {
- mac_size=EVP_MD_size(s->read_hash);
-
- if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
- {
- al=SSL_AD_RECORD_OVERFLOW;
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
- goto f_err;
- }
- /* check the MAC for rr->input (it's in mac_size bytes at the tail) */
- if (rr->length < mac_size)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
- rr->length-=mac_size;
- i=s->method->ssl3_enc->mac(s,md,0);
- if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
- {
- al=SSL_AD_BAD_RECORD_MAC;
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_MAC_DECODE);
- ret= -1;
- goto f_err;
- }
- }
-
- /* r->length is now just compressed */
- if (s->expand != NULL)
- {
- if (rr->length >
- (unsigned int)SSL3_RT_MAX_COMPRESSED_LENGTH+extra)
- {
- al=SSL_AD_RECORD_OVERFLOW;
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
- goto f_err;
- }
- if (!do_uncompress(s))
- {
- al=SSL_AD_DECOMPRESSION_FAILURE;
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);
- goto f_err;
- }
- }
-
- if (rr->length > (unsigned int)SSL3_RT_MAX_PLAIN_LENGTH+extra)
- {
- al=SSL_AD_RECORD_OVERFLOW;
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);
- goto f_err;
- }
-
- rr->off=0;
- /* So at this point the following is true
- * ssl->s3->rrec.type is the type of record
- * ssl->s3->rrec.length == number of bytes in record
- * ssl->s3->rrec.off == offset to first valid byte
- * ssl->s3->rrec.data == where to take bytes from, increment
- * after use :-).
- */
-
- /* we have pulled in a full packet so zero things */
- s->packet_length=0;
-
- /* just read a 0 length packet */
- if (rr->length == 0) goto again;
-
- return(1);
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
- return(ret);
- }
-
-static int do_uncompress(SSL *ssl)
- {
- int i;
- SSL3_RECORD *rr;
-
- rr= &(ssl->s3->rrec);
- i=COMP_expand_block(ssl->expand,rr->comp,
- SSL3_RT_MAX_PLAIN_LENGTH,rr->data,(int)rr->length);
- if (i < 0)
- return(0);
- else
- rr->length=i;
- rr->data=rr->comp;
-
- return(1);
- }
-
-static int do_compress(SSL *ssl)
- {
- int i;
- SSL3_RECORD *wr;
-
- wr= &(ssl->s3->wrec);
- i=COMP_compress_block(ssl->compress,wr->data,
- SSL3_RT_MAX_COMPRESSED_LENGTH,
- wr->input,(int)wr->length);
- if (i < 0)
- return(0);
- else
- wr->length=i;
-
- wr->input=wr->data;
- return(1);
- }
-
-/* Call this to write data in records of type 'type'
- * It will return <= 0 if not all data has been sent or non-blocking IO.
- */
-int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
- {
- const unsigned char *buf=buf_;
- unsigned int tot,n,nw;
- int i;
-
- s->rwstate=SSL_NOTHING;
- tot=s->s3->wnum;
- s->s3->wnum=0;
-
- if (SSL_in_init(s) && !s->in_handshake)
- {
- i=s->handshake_func(s);
- if (i < 0) return(i);
- if (i == 0)
- {
- SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
- return(-1);
- }
- }
-
- n=(len-tot);
- for (;;)
- {
- if (n > SSL3_RT_MAX_PLAIN_LENGTH)
- nw=SSL3_RT_MAX_PLAIN_LENGTH;
- else
- nw=n;
-
- i=do_ssl3_write(s,type,&(buf[tot]),nw);
- if (i <= 0)
- {
- s->s3->wnum=tot;
- return(i);
- }
-
- if ((i == (int)n) ||
- (type == SSL3_RT_APPLICATION_DATA &&
- (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)))
- {
- return(tot+i);
- }
-
- n-=i;
- tot+=i;
- }
- }
-
-static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
- unsigned int len)
- {
- unsigned char *p,*plen;
- int i,mac_size,clear=0;
- SSL3_RECORD *wr;
- SSL3_BUFFER *wb;
- SSL_SESSION *sess;
-
- /* first check is there is a SSL3_RECORD still being written
- * out. This will happen with non blocking IO */
- if (s->s3->wbuf.left != 0)
- return(ssl3_write_pending(s,type,buf,len));
-
- /* If we have an alert to send, lets send it */
- if (s->s3->alert_dispatch)
- {
- i=ssl3_dispatch_alert(s);
- if (i <= 0)
- return(i);
- /* if it went, fall through and send more stuff */
- }
-
- if (len == 0) return(len);
-
- wr= &(s->s3->wrec);
- wb= &(s->s3->wbuf);
- sess=s->session;
-
- if ( (sess == NULL) ||
- (s->enc_write_ctx == NULL) ||
- (s->write_hash == NULL))
- clear=1;
-
- if (clear)
- mac_size=0;
- else
- mac_size=EVP_MD_size(s->write_hash);
-
- p=wb->buf;
-
- /* write the header */
- *(p++)=type&0xff;
- wr->type=type;
-
- *(p++)=(s->version>>8);
- *(p++)=s->version&0xff;
-
- /* record where we are to write out packet length */
- plen=p;
- p+=2;
-
- /* lets setup the record stuff. */
- wr->data=p;
- wr->length=(int)len;
- wr->input=(unsigned char *)buf;
-
- /* we now 'read' from wr->input, wr->length bytes into
- * wr->data */
-
- /* first we compress */
- if (s->compress != NULL)
- {
- if (!do_compress(s))
- {
- SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE);
- goto err;
- }
- }
- else
- {
- memcpy(wr->data,wr->input,wr->length);
- wr->input=wr->data;
- }
-
- /* we should still have the output to wr->data and the input
- * from wr->input. Length should be wr->length.
- * wr->data still points in the wb->buf */
-
- if (mac_size != 0)
- {
- s->method->ssl3_enc->mac(s,&(p[wr->length]),1);
- wr->length+=mac_size;
- wr->input=p;
- wr->data=p;
- }
-
- /* ssl3_enc can only have an error on read */
- s->method->ssl3_enc->enc(s,1);
-
- /* record length after mac and block padding */
- s2n(wr->length,plen);
-
- /* we should now have
- * wr->data pointing to the encrypted data, which is
- * wr->length long */
- wr->type=type; /* not needed but helps for debugging */
- wr->length+=SSL3_RT_HEADER_LENGTH;
-
- /* Now lets setup wb */
- wb->left=wr->length;
- wb->offset=0;
-
- s->s3->wpend_tot=len;
- s->s3->wpend_buf=buf;
- s->s3->wpend_type=type;
- s->s3->wpend_ret=len;
-
- /* we now just need to write the buffer */
- return(ssl3_write_pending(s,type,buf,len));
-err:
- return(-1);
- }
-
-/* if s->s3->wbuf.left != 0, we need to call this */
-static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
- unsigned int len)
- {
- int i;
-
-/* XXXX */
- if ((s->s3->wpend_tot > (int)len)
- || ((s->s3->wpend_buf != buf) &&
- !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))
- || (s->s3->wpend_type != type))
- {
- SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
- return(-1);
- }
-
- for (;;)
- {
- clear_sys_error();
- if (s->wbio != NULL)
- {
- s->rwstate=SSL_WRITING;
- i=BIO_write(s->wbio,
- (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]),
- (unsigned int)s->s3->wbuf.left);
- }
- else
- {
- SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET);
- i= -1;
- }
- if (i == s->s3->wbuf.left)
- {
- s->s3->wbuf.left=0;
- s->rwstate=SSL_NOTHING;
- return(s->s3->wpend_ret);
- }
- else if (i <= 0)
- return(i);
- s->s3->wbuf.offset+=i;
- s->s3->wbuf.left-=i;
- }
- }
-
-/* Return up to 'len' payload bytes received in 'type' records.
- * 'type' is one of the following:
- *
- * - SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
- * - SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
- * - 0 (during a shutdown, no data has to be returned)
- *
- * If we don't have stored data to work from, read a SSL/TLS record first
- * (possibly multiple records if we still don't have anything to return).
- *
- * This function must handle any surprises the peer may have for us, such as
- * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
- * a surprise, but handled as if it were), or renegotiation requests.
- * Also if record payloads contain fragments too small to process, we store
- * them until there is enough for the respective protocol (the record protocol
- * may use arbitrary fragmentation and even interleaving):
- * Change cipher spec protocol
- * just 1 byte needed, no need for keeping anything stored
- * Alert protocol
- * 2 bytes needed (AlertLevel, AlertDescription)
- * Handshake protocol
- * 4 bytes needed (HandshakeType, uint24 length) -- we just have
- * to detect unexpected Client Hello and Hello Request messages
- * here, anything else is handled by higher layers
- * Application data protocol
- * none of our business
- */
-int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
- {
- int al,i,j,ret;
- unsigned int n;
- SSL3_RECORD *rr;
- void (*cb)()=NULL;
-
- if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
- if (!ssl3_setup_buffers(s))
- return(-1);
-
- if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) ||
- (peek && (type != SSL3_RT_APPLICATION_DATA)))
- {
- SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_INTERNAL_ERROR);
- return -1;
- }
-
- if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0))
- /* (partially) satisfy request from storage */
- {
- unsigned char *src = s->s3->handshake_fragment;
- unsigned char *dst = buf;
- unsigned int k;
-
- /* peek == 0 */
- n = 0;
- while ((len > 0) && (s->s3->handshake_fragment_len > 0))
- {
- *dst++ = *src++;
- len--; s->s3->handshake_fragment_len--;
- n++;
- }
- /* move any remaining fragment bytes: */
- for (k = 0; k < s->s3->handshake_fragment_len; k++)
- s->s3->handshake_fragment[k] = *src++;
- return n;
- }
-
- /* Now s->s3->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */
-
- if (!s->in_handshake && SSL_in_init(s))
- {
- /* type == SSL3_RT_APPLICATION_DATA */
- i=s->handshake_func(s);
- if (i < 0) return(i);
- if (i == 0)
- {
- SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
- return(-1);
- }
- }
-start:
- s->rwstate=SSL_NOTHING;
-
- /* s->s3->rrec.type - is the type of record
- * s->s3->rrec.data, - data
- * s->s3->rrec.off, - offset into 'data' for next read
- * s->s3->rrec.length, - number of bytes. */
- rr = &(s->s3->rrec);
-
- /* get new packet if necessary */
- if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY))
- {
- ret=ssl3_get_record(s);
- if (ret <= 0) return(ret);
- }
-
- /* we now have a packet which can be read and processed */
-
- if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
- * reset by ssl3_get_finished */
- && (rr->type != SSL3_RT_HANDSHAKE))
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
- goto err;
- }
-
- /* If the other end has shut down, throw anything we read away
- * (even in 'peek' mode) */
- if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
- {
- rr->length=0;
- s->rwstate=SSL_NOTHING;
- return(0);
- }
-
-
- if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */
- {
- /* make sure that we are not getting application data when we
- * are doing a handshake for the first time */
- if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
- (s->enc_read_ctx == NULL))
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);
- goto f_err;
- }
-
- if (len <= 0) return(len);
-
- if ((unsigned int)len > rr->length)
- n = rr->length;
- else
- n = (unsigned int)len;
-
- memcpy(buf,&(rr->data[rr->off]),n);
- if (!peek)
- {
- rr->length-=n;
- rr->off+=n;
- if (rr->length == 0)
- {
- s->rstate=SSL_ST_READ_HEADER;
- rr->off=0;
- }
- }
- return(n);
- }
-
-
- /* If we get here, then type != rr->type; if we have a handshake
- * message, then it was unexpected (Hello Request or Client Hello). */
-
- /* In case of record types for which we have 'fragment' storage,
- * fill that so that we can process the data at a fixed place.
- */
- {
- unsigned int dest_maxlen = 0;
- unsigned char *dest = NULL;
- unsigned int *dest_len = NULL;
-
- if (rr->type == SSL3_RT_HANDSHAKE)
- {
- dest_maxlen = sizeof s->s3->handshake_fragment;
- dest = s->s3->handshake_fragment;
- dest_len = &s->s3->handshake_fragment_len;
- }
- else if (rr->type == SSL3_RT_ALERT)
- {
- dest_maxlen = sizeof s->s3->alert_fragment;
- dest = s->s3->alert_fragment;
- dest_len = &s->s3->alert_fragment_len;
- }
-
- if (dest_maxlen > 0)
- {
- n = dest_maxlen - *dest_len; /* available space in 'dest' */
- if (rr->length < n)
- n = rr->length; /* available bytes */
-
- /* now move 'n' bytes: */
- while (n-- > 0)
- {
- dest[(*dest_len)++] = rr->data[rr->off++];
- rr->length--;
- }
-
- if (*dest_len < dest_maxlen)
- goto start; /* fragment was too small */
- }
- }
-
- /* s->s3->handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE;
- * s->s3->alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT.
- * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */
-
- /* If we are a client, check for an incoming 'Hello Request': */
- if ((!s->server) &&
- (s->s3->handshake_fragment_len >= 4) &&
- (s->s3->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
- (s->session != NULL) && (s->session->cipher != NULL))
- {
- s->s3->handshake_fragment_len = 0;
-
- if ((s->s3->handshake_fragment[1] != 0) ||
- (s->s3->handshake_fragment[2] != 0) ||
- (s->s3->handshake_fragment[3] != 0))
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);
- goto err;
- }
-
- if (SSL_is_init_finished(s) &&
- !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
- !s->s3->renegotiate)
- {
- ssl3_renegotiate(s);
- if (ssl3_renegotiate_check(s))
- {
- i=s->handshake_func(s);
- if (i < 0) return(i);
- if (i == 0)
- {
- SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
- return(-1);
- }
-
- if (!(s->mode & SSL_MODE_AUTO_RETRY))
- {
- if (s->s3->rbuf.left == 0) /* no read-ahead left? */
- {
- BIO *bio;
- /* In the case where we try to read application data,
- * but we trigger an SSL handshake, we return -1 with
- * the retry option set. Otherwise renegotiation may
- * cause nasty problems in the blocking world */
- s->rwstate=SSL_READING;
- bio=SSL_get_rbio(s);
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return(-1);
- }
- }
- }
- }
- /* we either finished a handshake or ignored the request,
- * now try again to obtain the (application) data we were asked for */
- goto start;
- }
-
- if (s->s3->alert_fragment_len >= 2)
- {
- int alert_level = s->s3->alert_fragment[0];
- int alert_descr = s->s3->alert_fragment[1];
-
- s->s3->alert_fragment_len = 0;
-
- if (s->info_callback != NULL)
- cb=s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb=s->ctx->info_callback;
-
- if (cb != NULL)
- {
- j = (alert_level << 8) | alert_descr;
- cb(s, SSL_CB_READ_ALERT, j);
- }
-
- if (alert_level == 1) /* warning */
- {
- s->s3->warn_alert = alert_descr;
- if (alert_descr == SSL_AD_CLOSE_NOTIFY)
- {
- s->shutdown |= SSL_RECEIVED_SHUTDOWN;
- return(0);
- }
- }
- else if (alert_level == 2) /* fatal */
- {
- char tmp[16];
-
- s->rwstate=SSL_NOTHING;
- s->s3->fatal_alert = alert_descr;
- SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
- BIO_snprintf(tmp,sizeof tmp,"%d",alert_descr);
- ERR_add_error_data(2,"SSL alert number ",tmp);
- s->shutdown|=SSL_RECEIVED_SHUTDOWN;
- SSL_CTX_remove_session(s->ctx,s->session);
- return(0);
- }
- else
- {
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);
- goto f_err;
- }
-
- goto start;
- }
-
- if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */
- {
- s->rwstate=SSL_NOTHING;
- rr->length=0;
- return(0);
- }
-
- if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
- {
- /* 'Change Cipher Spec' is just a single byte, so we know
- * exactly what the record payload has to look like */
- if ( (rr->length != 1) || (rr->off != 0) ||
- (rr->data[0] != SSL3_MT_CCS))
- {
- i=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
- goto err;
- }
-
- rr->length=0;
- s->s3->change_cipher_spec=1;
- if (!do_change_cipher_spec(s))
- goto err;
- else
- goto start;
- }
-
- /* Unexpected handshake message (Client Hello, or protocol violation) */
- if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake)
- {
- if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
- !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
- {
-#if 0 /* worked only because C operator preferences are not as expected (and
- * because this is not really needed for clients except for detecting
- * protocol violations): */
- s->state=SSL_ST_BEFORE|(s->server)
- ?SSL_ST_ACCEPT
- :SSL_ST_CONNECT;
-#else
- s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
-#endif
- s->new_session=1;
- }
- i=s->handshake_func(s);
- if (i < 0) return(i);
- if (i == 0)
- {
- SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
- return(-1);
- }
-
- if (!(s->mode & SSL_MODE_AUTO_RETRY))
- {
- if (s->s3->rbuf.left == 0) /* no read-ahead left? */
- {
- BIO *bio;
- /* In the case where we try to read application data,
- * but we trigger an SSL handshake, we return -1 with
- * the retry option set. Otherwise renegotiation may
- * cause nasty problems in the blocking world */
- s->rwstate=SSL_READING;
- bio=SSL_get_rbio(s);
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return(-1);
- }
- }
- goto start;
- }
-
- switch (rr->type)
- {
- default:
-#ifndef NO_TLS
- /* TLS just ignores unknown message types */
- if (s->version == TLS1_VERSION)
- {
- goto start;
- }
-#endif
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
- goto f_err;
- case SSL3_RT_CHANGE_CIPHER_SPEC:
- case SSL3_RT_ALERT:
- case SSL3_RT_HANDSHAKE:
- /* we already handled all of these, with the possible exception
- * of SSL3_RT_HANDSHAKE when s->in_handshake is set, but that
- * should not happen when type != rr->type */
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_INTERNAL_ERROR);
- goto f_err;
- case SSL3_RT_APPLICATION_DATA:
- /* At this point, we were expecting handshake data,
- * but have application data. If the library was
- * running inside ssl3_read() (i.e. in_read_app_data
- * is set) and it makes sense to read application data
- * at this point (session renegotiation not yet started),
- * we will indulge it.
- */
- if (s->s3->in_read_app_data &&
- (s->s3->total_renegotiations != 0) &&
- ((
- (s->state & SSL_ST_CONNECT) &&
- (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
- (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
- ) || (
- (s->state & SSL_ST_ACCEPT) &&
- (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
- (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
- )
- ))
- {
- s->s3->in_read_app_data=0;
- return(-1);
- }
- else
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
- goto f_err;
- }
- }
- /* not reached */
-
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
- return(-1);
- }
-
-static int do_change_cipher_spec(SSL *s)
- {
- int i;
- const char *sender;
- int slen;
-
- if (s->state & SSL_ST_ACCEPT)
- i=SSL3_CHANGE_CIPHER_SERVER_READ;
- else
- i=SSL3_CHANGE_CIPHER_CLIENT_READ;
-
- if (s->s3->tmp.key_block == NULL)
- {
- s->session->cipher=s->s3->tmp.new_cipher;
- if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
- }
-
- if (!s->method->ssl3_enc->change_cipher_state(s,i))
- return(0);
-
- /* we have to record the message digest at
- * this point so we can get it before we read
- * the finished message */
- if (s->state & SSL_ST_CONNECT)
- {
- sender=s->method->ssl3_enc->server_finished_label;
- slen=s->method->ssl3_enc->server_finished_label_len;
- }
- else
- {
- sender=s->method->ssl3_enc->client_finished_label;
- slen=s->method->ssl3_enc->client_finished_label_len;
- }
-
- s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
- &(s->s3->finish_dgst1),
- &(s->s3->finish_dgst2),
- sender,slen,s->s3->tmp.peer_finish_md);
-
- return(1);
- }
-
-void ssl3_send_alert(SSL *s, int level, int desc)
- {
- /* Map tls/ssl alert value to correct one */
- desc=s->method->ssl3_enc->alert_value(desc);
- if (desc < 0) return;
- /* If a fatal one, remove from cache */
- if ((level == 2) && (s->session != NULL))
- SSL_CTX_remove_session(s->ctx,s->session);
-
- s->s3->alert_dispatch=1;
- s->s3->send_alert[0]=level;
- s->s3->send_alert[1]=desc;
- if (s->s3->wbuf.left == 0) /* data still being written out */
- ssl3_dispatch_alert(s);
- /* else data is still being written out, we will get written
- * some time in the future */
- }
-
-int ssl3_dispatch_alert(SSL *s)
- {
- int i,j;
- void (*cb)()=NULL;
-
- s->s3->alert_dispatch=0;
- i=do_ssl3_write(s,SSL3_RT_ALERT,&s->s3->send_alert[0],2);
- if (i <= 0)
- {
- s->s3->alert_dispatch=1;
- }
- else
- {
- /* If it is important, send it now. If the message
- * does not get sent due to non-blocking IO, we will
- * not worry too much. */
- if (s->s3->send_alert[0] == SSL3_AL_FATAL)
- (void)BIO_flush(s->wbio);
-
- if (s->info_callback != NULL)
- cb=s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb=s->ctx->info_callback;
-
- if (cb != NULL)
- {
- j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1];
- cb(s,SSL_CB_WRITE_ALERT,j);
- }
- }
- return(i);
- }
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
deleted file mode 100644
index 258af84867..0000000000
--- a/src/lib/libssl/s3_srvr.c
+++ /dev/null
@@ -1,1777 +0,0 @@
-/* ssl/s3_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define REUSE_CIPHER_BUG
-#define NETSCAPE_HANG_BUG
-
-
-#include <stdio.h>
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include "ssl_locl.h"
-
-static SSL_METHOD *ssl3_get_server_method(int ver);
-static int ssl3_get_client_hello(SSL *s);
-static int ssl3_check_client_hello(SSL *s);
-static int ssl3_send_server_hello(SSL *s);
-static int ssl3_send_server_key_exchange(SSL *s);
-static int ssl3_send_certificate_request(SSL *s);
-static int ssl3_send_server_done(SSL *s);
-static int ssl3_get_client_key_exchange(SSL *s);
-static int ssl3_get_client_certificate(SSL *s);
-static int ssl3_get_cert_verify(SSL *s);
-static int ssl3_send_hello_request(SSL *s);
-
-static SSL_METHOD *ssl3_get_server_method(int ver)
- {
- if (ver == SSL3_VERSION)
- return(SSLv3_server_method());
- else
- return(NULL);
- }
-
-SSL_METHOD *SSLv3_server_method(void)
- {
- static int init=1;
- static SSL_METHOD SSLv3_server_data;
-
- if (init)
- {
- memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
- sizeof(SSL_METHOD));
- SSLv3_server_data.ssl_accept=ssl3_accept;
- SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
- init=0;
- }
- return(&SSLv3_server_data);
- }
-
-int ssl3_accept(SSL *s)
- {
- BUF_MEM *buf;
- unsigned long l,Time=time(NULL);
- void (*cb)()=NULL;
- long num1;
- int ret= -1;
- int new_state,state,skip=0;
-
- RAND_add(&Time,sizeof(Time),0);
- ERR_clear_error();
- clear_sys_error();
-
- if (s->info_callback != NULL)
- cb=s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb=s->ctx->info_callback;
-
- /* init things to blank */
- if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
- s->in_handshake++;
-
- if (s->cert == NULL)
- {
- SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
- return(-1);
- }
-
- for (;;)
- {
- state=s->state;
-
- switch (s->state)
- {
- case SSL_ST_RENEGOTIATE:
- s->new_session=1;
- /* s->state=SSL_ST_ACCEPT; */
-
- case SSL_ST_BEFORE:
- case SSL_ST_ACCEPT:
- case SSL_ST_BEFORE|SSL_ST_ACCEPT:
- case SSL_ST_OK|SSL_ST_ACCEPT:
-
- s->server=1;
- if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
- if ((s->version>>8) != 3)
- {
- SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_INTERNAL_ERROR);
- return -1;
- }
- s->type=SSL_ST_ACCEPT;
-
- if (s->init_buf == NULL)
- {
- if ((buf=BUF_MEM_new()) == NULL)
- {
- ret= -1;
- goto end;
- }
- if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
- {
- ret= -1;
- goto end;
- }
- s->init_buf=buf;
- }
-
- if (!ssl3_setup_buffers(s))
- {
- ret= -1;
- goto end;
- }
-
- /* Ok, we now need to push on a buffering BIO so that
- * the output is sent in a way that TCP likes :-)
- */
- if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
-
- s->init_num=0;
-
- if (s->state != SSL_ST_RENEGOTIATE)
- {
- ssl3_init_finished_mac(s);
- s->state=SSL3_ST_SR_CLNT_HELLO_A;
- s->ctx->stats.sess_accept++;
- }
- else
- {
- s->ctx->stats.sess_accept_renegotiate++;
- s->state=SSL3_ST_SW_HELLO_REQ_A;
- }
- break;
-
- case SSL3_ST_SW_HELLO_REQ_A:
- case SSL3_ST_SW_HELLO_REQ_B:
-
- s->shutdown=0;
- ret=ssl3_send_hello_request(s);
- if (ret <= 0) goto end;
- s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
- s->state=SSL3_ST_SW_FLUSH;
- s->init_num=0;
-
- ssl3_init_finished_mac(s);
- break;
-
- case SSL3_ST_SW_HELLO_REQ_C:
- s->state=SSL_ST_OK;
- ret=1;
- goto end;
- /* break; */
-
- case SSL3_ST_SR_CLNT_HELLO_A:
- case SSL3_ST_SR_CLNT_HELLO_B:
- case SSL3_ST_SR_CLNT_HELLO_C:
-
- s->shutdown=0;
- ret=ssl3_get_client_hello(s);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_SW_SRVR_HELLO_A;
- s->init_num=0;
- break;
-
- case SSL3_ST_SW_SRVR_HELLO_A:
- case SSL3_ST_SW_SRVR_HELLO_B:
- ret=ssl3_send_server_hello(s);
- if (ret <= 0) goto end;
-
- if (s->hit)
- s->state=SSL3_ST_SW_CHANGE_A;
- else
- s->state=SSL3_ST_SW_CERT_A;
- s->init_num=0;
- break;
-
- case SSL3_ST_SW_CERT_A:
- case SSL3_ST_SW_CERT_B:
- /* Check if it is anon DH */
- if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
- {
- ret=ssl3_send_server_certificate(s);
- if (ret <= 0) goto end;
- }
- else
- skip=1;
- s->state=SSL3_ST_SW_KEY_EXCH_A;
- s->init_num=0;
- break;
-
- case SSL3_ST_SW_KEY_EXCH_A:
- case SSL3_ST_SW_KEY_EXCH_B:
- l=s->s3->tmp.new_cipher->algorithms;
-
- /* clear this, it may get reset by
- * send_server_key_exchange */
- if (s->options & SSL_OP_EPHEMERAL_RSA)
- s->s3->tmp.use_rsa_tmp=1;
- else
- s->s3->tmp.use_rsa_tmp=0;
-
- /* only send if a DH key exchange, fortezza or
- * RSA but we have a sign only certificate */
- if (s->s3->tmp.use_rsa_tmp
- || (l & (SSL_DH|SSL_kFZA))
- || ((l & SSL_kRSA)
- && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
- || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
- && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
- )
- )
- )
- )
- {
- ret=ssl3_send_server_key_exchange(s);
- if (ret <= 0) goto end;
- }
- else
- skip=1;
-
- s->state=SSL3_ST_SW_CERT_REQ_A;
- s->init_num=0;
- break;
-
- case SSL3_ST_SW_CERT_REQ_A:
- case SSL3_ST_SW_CERT_REQ_B:
- if (/* don't request cert unless asked for it: */
- !(s->verify_mode & SSL_VERIFY_PEER) ||
- /* if SSL_VERIFY_CLIENT_ONCE is set,
- * don't request cert during re-negotiation: */
- ((s->session->peer != NULL) &&
- (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
- /* never request cert in anonymous ciphersuites
- * (see section "Certificate request" in SSL 3 drafts
- * and in RFC 2246): */
- ((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
- /* ... except when the application insists on verification
- * (against the specs, but s3_clnt.c accepts this for SSL 3) */
- !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)))
- {
- /* no cert request */
- skip=1;
- s->s3->tmp.cert_request=0;
- s->state=SSL3_ST_SW_SRVR_DONE_A;
- }
- else
- {
- s->s3->tmp.cert_request=1;
- ret=ssl3_send_certificate_request(s);
- if (ret <= 0) goto end;
-#ifndef NETSCAPE_HANG_BUG
- s->state=SSL3_ST_SW_SRVR_DONE_A;
-#else
- s->state=SSL3_ST_SW_FLUSH;
- s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
-#endif
- s->init_num=0;
- }
- break;
-
- case SSL3_ST_SW_SRVR_DONE_A:
- case SSL3_ST_SW_SRVR_DONE_B:
- ret=ssl3_send_server_done(s);
- if (ret <= 0) goto end;
- s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
- s->state=SSL3_ST_SW_FLUSH;
- s->init_num=0;
- break;
-
- case SSL3_ST_SW_FLUSH:
- /* number of bytes to be flushed */
- num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
- if (num1 > 0)
- {
- s->rwstate=SSL_WRITING;
- num1=BIO_flush(s->wbio);
- if (num1 <= 0) { ret= -1; goto end; }
- s->rwstate=SSL_NOTHING;
- }
-
- s->state=s->s3->tmp.next_state;
- break;
-
- case SSL3_ST_SR_CERT_A:
- case SSL3_ST_SR_CERT_B:
- /* Check for second client hello (MS SGC) */
- ret = ssl3_check_client_hello(s);
- if (ret <= 0)
- goto end;
- if (ret == 2)
- s->state = SSL3_ST_SR_CLNT_HELLO_C;
- else {
- /* could be sent for a DH cert, even if we
- * have not asked for it :-) */
- ret=ssl3_get_client_certificate(s);
- if (ret <= 0) goto end;
- s->init_num=0;
- s->state=SSL3_ST_SR_KEY_EXCH_A;
- }
- break;
-
- case SSL3_ST_SR_KEY_EXCH_A:
- case SSL3_ST_SR_KEY_EXCH_B:
- ret=ssl3_get_client_key_exchange(s);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_SR_CERT_VRFY_A;
- s->init_num=0;
-
- /* We need to get hashes here so if there is
- * a client cert, it can be verified */
- s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst1),
- &(s->s3->tmp.cert_verify_md[0]));
- s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst2),
- &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
-
- break;
-
- case SSL3_ST_SR_CERT_VRFY_A:
- case SSL3_ST_SR_CERT_VRFY_B:
-
- /* we should decide if we expected this one */
- ret=ssl3_get_cert_verify(s);
- if (ret <= 0) goto end;
-
- s->state=SSL3_ST_SR_FINISHED_A;
- s->init_num=0;
- break;
-
- case SSL3_ST_SR_FINISHED_A:
- case SSL3_ST_SR_FINISHED_B:
- ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
- SSL3_ST_SR_FINISHED_B);
- if (ret <= 0) goto end;
- if (s->hit)
- s->state=SSL_ST_OK;
- else
- s->state=SSL3_ST_SW_CHANGE_A;
- s->init_num=0;
- break;
-
- case SSL3_ST_SW_CHANGE_A:
- case SSL3_ST_SW_CHANGE_B:
-
- s->session->cipher=s->s3->tmp.new_cipher;
- if (!s->method->ssl3_enc->setup_key_block(s))
- { ret= -1; goto end; }
-
- ret=ssl3_send_change_cipher_spec(s,
- SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
-
- if (ret <= 0) goto end;
- s->state=SSL3_ST_SW_FINISHED_A;
- s->init_num=0;
-
- if (!s->method->ssl3_enc->change_cipher_state(s,
- SSL3_CHANGE_CIPHER_SERVER_WRITE))
- {
- ret= -1;
- goto end;
- }
-
- break;
-
- case SSL3_ST_SW_FINISHED_A:
- case SSL3_ST_SW_FINISHED_B:
- ret=ssl3_send_finished(s,
- SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B,
- s->method->ssl3_enc->server_finished_label,
- s->method->ssl3_enc->server_finished_label_len);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_SW_FLUSH;
- if (s->hit)
- s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
- else
- s->s3->tmp.next_state=SSL_ST_OK;
- s->init_num=0;
- break;
-
- case SSL_ST_OK:
- /* clean a few things up */
- ssl3_cleanup_key_block(s);
-
- BUF_MEM_free(s->init_buf);
- s->init_buf=NULL;
-
- /* remove buffering on output */
- ssl_free_wbio_buffer(s);
-
- s->new_session=0;
- s->init_num=0;
-
- ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
-
- s->ctx->stats.sess_accept_good++;
- /* s->server=1; */
- s->handshake_func=ssl3_accept;
- ret=1;
-
- if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
-
- goto end;
- /* break; */
-
- default:
- SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE);
- ret= -1;
- goto end;
- /* break; */
- }
-
- if (!s->s3->tmp.reuse_message && !skip)
- {
- if (s->debug)
- {
- if ((ret=BIO_flush(s->wbio)) <= 0)
- goto end;
- }
-
-
- if ((cb != NULL) && (s->state != state))
- {
- new_state=s->state;
- s->state=state;
- cb(s,SSL_CB_ACCEPT_LOOP,1);
- s->state=new_state;
- }
- }
- skip=0;
- }
-end:
- /* BIO_flush(s->wbio); */
-
- if (cb != NULL)
- cb(s,SSL_CB_ACCEPT_EXIT,ret);
- s->in_handshake--;
- return(ret);
- }
-
-static int ssl3_send_hello_request(SSL *s)
- {
- unsigned char *p;
-
- if (s->state == SSL3_ST_SW_HELLO_REQ_A)
- {
- p=(unsigned char *)s->init_buf->data;
- *(p++)=SSL3_MT_HELLO_REQUEST;
- *(p++)=0;
- *(p++)=0;
- *(p++)=0;
-
- s->state=SSL3_ST_SW_HELLO_REQ_B;
- /* number of bytes to write */
- s->init_num=4;
- s->init_off=0;
- }
-
- /* SSL3_ST_SW_HELLO_REQ_B */
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
- }
-
-static int ssl3_check_client_hello(SSL *s)
- {
- int ok;
- long n;
-
- n=ssl3_get_message(s,
- SSL3_ST_SR_CERT_A,
- SSL3_ST_SR_CERT_B,
- -1,
- SSL3_RT_MAX_PLAIN_LENGTH,
- &ok);
- if (!ok) return((int)n);
- s->s3->tmp.reuse_message = 1;
- if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
- {
- /* Throw away what we have done so far in the current handshake,
- * which will now be aborted. (A full SSL_clear would be too much.)
- * I hope that tmp.dh is the only thing that may need to be cleared
- * when a handshake is not completed ... */
-#ifndef NO_DH
- if (s->s3->tmp.dh != NULL)
- {
- DH_free(s->s3->tmp.dh);
- s->s3->tmp.dh = NULL;
- }
-#endif
- return 2;
- }
- return 1;
-}
-
-static int ssl3_get_client_hello(SSL *s)
- {
- int i,j,ok,al,ret= -1;
- long n;
- unsigned long id;
- unsigned char *p,*d,*q;
- SSL_CIPHER *c;
- SSL_COMP *comp=NULL;
- STACK_OF(SSL_CIPHER) *ciphers=NULL;
-
- /* We do this so that we will respond with our native type.
- * If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
- * This down switching should be handled by a different method.
- * If we are SSLv3, we will respond with SSLv3, even if prompted with
- * TLSv1.
- */
- if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
- {
- s->first_packet=1;
- s->state=SSL3_ST_SR_CLNT_HELLO_B;
- }
- n=ssl3_get_message(s,
- SSL3_ST_SR_CLNT_HELLO_B,
- SSL3_ST_SR_CLNT_HELLO_C,
- SSL3_MT_CLIENT_HELLO,
- SSL3_RT_MAX_PLAIN_LENGTH,
- &ok);
-
- if (!ok) return((int)n);
- d=p=(unsigned char *)s->init_buf->data;
-
- /* use version from inside client hello, not from record header
- * (may differ: see RFC 2246, Appendix E, second paragraph) */
- s->client_version=(((int)p[0])<<8)|(int)p[1];
- p+=2;
-
- /* load the client random */
- memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
- p+=SSL3_RANDOM_SIZE;
-
- /* get the session-id */
- j= *(p++);
-
- s->hit=0;
- if (j == 0)
- {
- if (!ssl_get_new_session(s,1))
- goto err;
- }
- else
- {
- i=ssl_get_prev_session(s,p,j);
- if (i == 1)
- { /* previous session */
- s->hit=1;
- }
- else if (i == -1)
- goto err;
- else /* i == 0 */
- {
- if (!ssl_get_new_session(s,1))
- goto err;
- }
- }
-
- p+=j;
- n2s(p,i);
- if ((i == 0) && (j != 0))
- {
- /* we need a cipher if we are not resuming a session */
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
- goto f_err;
- }
- if ((i+p) > (d+n))
- {
- /* not enough data */
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- if ((i > 0) && (ssl_bytes_to_cipher_list(s,p,i,&(ciphers))
- == NULL))
- {
- goto err;
- }
- p+=i;
-
- /* If it is a hit, check that the cipher is in the list */
- if ((s->hit) && (i > 0))
- {
- j=0;
- id=s->session->cipher->id;
-
-#ifdef CIPHER_DEBUG
- printf("client sent %d ciphers\n",sk_num(ciphers));
-#endif
- for (i=0; i<sk_SSL_CIPHER_num(ciphers); i++)
- {
- c=sk_SSL_CIPHER_value(ciphers,i);
-#ifdef CIPHER_DEBUG
- printf("client [%2d of %2d]:%s\n",
- i,sk_num(ciphers),SSL_CIPHER_get_name(c));
-#endif
- if (c->id == id)
- {
- j=1;
- break;
- }
- }
- if (j == 0)
- {
- if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
- {
- /* Very bad for multi-threading.... */
- s->session->cipher=sk_SSL_CIPHER_value(ciphers,
- 0);
- }
- else
- {
- /* we need to have the cipher in the cipher
- * list if we are asked to reuse it */
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
- goto f_err;
- }
- }
- }
-
- /* compression */
- i= *(p++);
- q=p;
- for (j=0; j<i; j++)
- {
- if (p[j] == 0) break;
- }
-
- p+=i;
- if (j >= i)
- {
- /* no compress */
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED);
- goto f_err;
- }
-
- /* Worst case, we will use the NULL compression, but if we have other
- * options, we will now look for them. We have i-1 compression
- * algorithms from the client, starting at q. */
- s->s3->tmp.new_compression=NULL;
- if (s->ctx->comp_methods != NULL)
- { /* See if we have a match */
- int m,nn,o,v,done=0;
-
- nn=sk_SSL_COMP_num(s->ctx->comp_methods);
- for (m=0; m<nn; m++)
- {
- comp=sk_SSL_COMP_value(s->ctx->comp_methods,m);
- v=comp->id;
- for (o=0; o<i; o++)
- {
- if (v == q[o])
- {
- done=1;
- break;
- }
- }
- if (done) break;
- }
- if (done)
- s->s3->tmp.new_compression=comp;
- else
- comp=NULL;
- }
-
- /* TLS does not mind if there is extra stuff */
- if (s->version == SSL3_VERSION)
- {
- if (p > (d+n))
- {
- /* wrong number of bytes,
- * there could be more to follow */
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- }
-
- /* Given s->session->ciphers and ssl_get_ciphers_by_id(s), we must
- * pick a cipher */
-
- if (!s->hit)
- {
- s->session->compress_meth=(comp == NULL)?0:comp->id;
- if (s->session->ciphers != NULL)
- sk_SSL_CIPHER_free(s->session->ciphers);
- s->session->ciphers=ciphers;
- if (ciphers == NULL)
- {
- al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED);
- goto f_err;
- }
- ciphers=NULL;
- c=ssl3_choose_cipher(s,s->session->ciphers,
- ssl_get_ciphers_by_id(s));
-
- if (c == NULL)
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER);
- goto f_err;
- }
- s->s3->tmp.new_cipher=c;
- }
- else
- {
- /* Session-id reuse */
-#ifdef REUSE_CIPHER_BUG
- STACK_OF(SSL_CIPHER) *sk;
- SSL_CIPHER *nc=NULL;
- SSL_CIPHER *ec=NULL;
-
- if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
- {
- sk=s->session->ciphers;
- for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
- {
- c=sk_SSL_CIPHER_value(sk,i);
- if (c->algorithms & SSL_eNULL)
- nc=c;
- if (SSL_C_IS_EXPORT(c))
- ec=c;
- }
- if (nc != NULL)
- s->s3->tmp.new_cipher=nc;
- else if (ec != NULL)
- s->s3->tmp.new_cipher=ec;
- else
- s->s3->tmp.new_cipher=s->session->cipher;
- }
- else
-#endif
- s->s3->tmp.new_cipher=s->session->cipher;
- }
-
- /* we now have the following setup.
- * client_random
- * cipher_list - our prefered list of ciphers
- * ciphers - the clients prefered list of ciphers
- * compression - basically ignored right now
- * ssl version is set - sslv3
- * s->session - The ssl session has been setup.
- * s->hit - session reuse flag
- * s->tmp.new_cipher - the new cipher to use.
- */
-
- ret=1;
- if (0)
- {
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
- }
-err:
- if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers);
- return(ret);
- }
-
-static int ssl3_send_server_hello(SSL *s)
- {
- unsigned char *buf;
- unsigned char *p,*d;
- int i,sl;
- unsigned long l,Time;
-
- if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
- {
- buf=(unsigned char *)s->init_buf->data;
- p=s->s3->server_random;
- Time=time(NULL); /* Time */
- l2n(Time,p);
- RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
- /* Do the message type and length last */
- d=p= &(buf[4]);
-
- *(p++)=s->version>>8;
- *(p++)=s->version&0xff;
-
- /* Random stuff */
- memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
- p+=SSL3_RANDOM_SIZE;
-
- /* now in theory we have 3 options to sending back the
- * session id. If it is a re-use, we send back the
- * old session-id, if it is a new session, we send
- * back the new session-id or we send back a 0 length
- * session-id if we want it to be single use.
- * Currently I will not implement the '0' length session-id
- * 12-Jan-98 - I'll now support the '0' length stuff.
- */
- if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
- s->session->session_id_length=0;
-
- sl=s->session->session_id_length;
- *(p++)=sl;
- memcpy(p,s->session->session_id,sl);
- p+=sl;
-
- /* put the cipher */
- i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
- p+=i;
-
- /* put the compression method */
- if (s->s3->tmp.new_compression == NULL)
- *(p++)=0;
- else
- *(p++)=s->s3->tmp.new_compression->id;
-
- /* do the header */
- l=(p-d);
- d=buf;
- *(d++)=SSL3_MT_SERVER_HELLO;
- l2n3(l,d);
-
- s->state=SSL3_ST_CW_CLNT_HELLO_B;
- /* number of bytes to write */
- s->init_num=p-buf;
- s->init_off=0;
- }
-
- /* SSL3_ST_CW_CLNT_HELLO_B */
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
- }
-
-static int ssl3_send_server_done(SSL *s)
- {
- unsigned char *p;
-
- if (s->state == SSL3_ST_SW_SRVR_DONE_A)
- {
- p=(unsigned char *)s->init_buf->data;
-
- /* do the header */
- *(p++)=SSL3_MT_SERVER_DONE;
- *(p++)=0;
- *(p++)=0;
- *(p++)=0;
-
- s->state=SSL3_ST_SW_SRVR_DONE_B;
- /* number of bytes to write */
- s->init_num=4;
- s->init_off=0;
- }
-
- /* SSL3_ST_CW_CLNT_HELLO_B */
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
- }
-
-static int ssl3_send_server_key_exchange(SSL *s)
- {
-#ifndef NO_RSA
- unsigned char *q;
- int j,num;
- RSA *rsa;
- unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
- unsigned int u;
-#endif
-#ifndef NO_DH
- DH *dh=NULL,*dhp;
-#endif
- EVP_PKEY *pkey;
- unsigned char *p,*d;
- int al,i;
- unsigned long type;
- int n;
- CERT *cert;
- BIGNUM *r[4];
- int nr[4],kn;
- BUF_MEM *buf;
- EVP_MD_CTX md_ctx;
-
- if (s->state == SSL3_ST_SW_KEY_EXCH_A)
- {
- type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
- cert=s->cert;
-
- buf=s->init_buf;
-
- r[0]=r[1]=r[2]=r[3]=NULL;
- n=0;
-#ifndef NO_RSA
- if (type & SSL_kRSA)
- {
- rsa=cert->rsa_tmp;
- if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL))
- {
- rsa=s->cert->rsa_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
- if(rsa == NULL)
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
- goto f_err;
- }
- CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
- cert->rsa_tmp=rsa;
- }
- if (rsa == NULL)
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
- goto f_err;
- }
- r[0]=rsa->n;
- r[1]=rsa->e;
- s->s3->tmp.use_rsa_tmp=1;
- }
- else
-#endif
-#ifndef NO_DH
- if (type & SSL_kEDH)
- {
- dhp=cert->dh_tmp;
- if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
- dhp=s->cert->dh_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
- if (dhp == NULL)
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
- goto f_err;
- }
-
- if (s->s3->tmp.dh != NULL)
- {
- DH_free(dh);
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, SSL_R_INTERNAL_ERROR);
- goto err;
- }
-
- if ((dh=DHparams_dup(dhp)) == NULL)
- {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
- goto err;
- }
-
- s->s3->tmp.dh=dh;
- if ((dhp->pub_key == NULL ||
- dhp->priv_key == NULL ||
- (s->options & SSL_OP_SINGLE_DH_USE)))
- {
- if(!DH_generate_key(dh))
- {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- ERR_R_DH_LIB);
- goto err;
- }
- }
- else
- {
- dh->pub_key=BN_dup(dhp->pub_key);
- dh->priv_key=BN_dup(dhp->priv_key);
- if ((dh->pub_key == NULL) ||
- (dh->priv_key == NULL))
- {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
- goto err;
- }
- }
- r[0]=dh->p;
- r[1]=dh->g;
- r[2]=dh->pub_key;
- }
- else
-#endif
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
- goto f_err;
- }
- for (i=0; r[i] != NULL; i++)
- {
- nr[i]=BN_num_bytes(r[i]);
- n+=2+nr[i];
- }
-
- if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
- {
- if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
- == NULL)
- {
- al=SSL_AD_DECODE_ERROR;
- goto f_err;
- }
- kn=EVP_PKEY_size(pkey);
- }
- else
- {
- pkey=NULL;
- kn=0;
- }
-
- if (!BUF_MEM_grow(buf,n+4+kn))
- {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
- goto err;
- }
- d=(unsigned char *)s->init_buf->data;
- p= &(d[4]);
-
- for (i=0; r[i] != NULL; i++)
- {
- s2n(nr[i],p);
- BN_bn2bin(r[i],p);
- p+=nr[i];
- }
-
- /* not anonymous */
- if (pkey != NULL)
- {
- /* n is the length of the params, they start at &(d[4])
- * and p points to the space at the end. */
-#ifndef NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- {
- q=md_buf;
- j=0;
- for (num=2; num > 0; num--)
- {
- EVP_DigestInit(&md_ctx,(num == 2)
- ?s->ctx->md5:s->ctx->sha1);
- EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(&md_ctx,&(d[4]),n);
- EVP_DigestFinal(&md_ctx,q,
- (unsigned int *)&i);
- q+=i;
- j+=i;
- }
- if (RSA_sign(NID_md5_sha1, md_buf, j,
- &(p[2]), &u, pkey->pkey.rsa) <= 0)
- {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA);
- goto err;
- }
- s2n(u,p);
- n+=u+2;
- }
- else
-#endif
-#if !defined(NO_DSA)
- if (pkey->type == EVP_PKEY_DSA)
- {
- /* lets do DSS */
- EVP_SignInit(&md_ctx,EVP_dss1());
- EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
- EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
- EVP_SignUpdate(&md_ctx,&(d[4]),n);
- if (!EVP_SignFinal(&md_ctx,&(p[2]),
- (unsigned int *)&i,pkey))
- {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
- goto err;
- }
- s2n(i,p);
- n+=i+2;
- }
- else
-#endif
- {
- /* Is this error check actually needed? */
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
- goto f_err;
- }
- }
-
- *(d++)=SSL3_MT_SERVER_KEY_EXCHANGE;
- l2n3(n,d);
-
- /* we should now have things packed up, so lets send
- * it off */
- s->init_num=n+4;
- s->init_off=0;
- }
-
- s->state = SSL3_ST_SW_KEY_EXCH_B;
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
-err:
- return(-1);
- }
-
-static int ssl3_send_certificate_request(SSL *s)
- {
- unsigned char *p,*d;
- int i,j,nl,off,n;
- STACK_OF(X509_NAME) *sk=NULL;
- X509_NAME *name;
- BUF_MEM *buf;
-
- if (s->state == SSL3_ST_SW_CERT_REQ_A)
- {
- buf=s->init_buf;
-
- d=p=(unsigned char *)&(buf->data[4]);
-
- /* get the list of acceptable cert types */
- p++;
- n=ssl3_get_req_cert_type(s,p);
- d[0]=n;
- p+=n;
- n++;
-
- off=n;
- p+=2;
- n+=2;
-
- sk=SSL_get_client_CA_list(s);
- nl=0;
- if (sk != NULL)
- {
- for (i=0; i<sk_X509_NAME_num(sk); i++)
- {
- name=sk_X509_NAME_value(sk,i);
- j=i2d_X509_NAME(name,NULL);
- if (!BUF_MEM_grow(buf,4+n+j+2))
- {
- SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
- goto err;
- }
- p=(unsigned char *)&(buf->data[4+n]);
- if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
- {
- s2n(j,p);
- i2d_X509_NAME(name,&p);
- n+=2+j;
- nl+=2+j;
- }
- else
- {
- d=p;
- i2d_X509_NAME(name,&p);
- j-=2; s2n(j,d); j+=2;
- n+=j;
- nl+=j;
- }
- }
- }
- /* else no CA names */
- p=(unsigned char *)&(buf->data[4+off]);
- s2n(nl,p);
-
- d=(unsigned char *)buf->data;
- *(d++)=SSL3_MT_CERTIFICATE_REQUEST;
- l2n3(n,d);
-
- /* we should now have things packed up, so lets send
- * it off */
-
- s->init_num=n+4;
- s->init_off=0;
-#ifdef NETSCAPE_HANG_BUG
- p=(unsigned char *)s->init_buf->data + s->init_num;
-
- /* do the header */
- *(p++)=SSL3_MT_SERVER_DONE;
- *(p++)=0;
- *(p++)=0;
- *(p++)=0;
- s->init_num += 4;
-#endif
-
- }
-
- /* SSL3_ST_SW_CERT_REQ_B */
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
-err:
- return(-1);
- }
-
-static int ssl3_get_client_key_exchange(SSL *s)
- {
- int i,al,ok;
- long n;
- unsigned long l;
- unsigned char *p;
-#ifndef NO_RSA
- RSA *rsa=NULL;
- EVP_PKEY *pkey=NULL;
-#endif
-#ifndef NO_DH
- BIGNUM *pub=NULL;
- DH *dh_srvr;
-#endif
-
- n=ssl3_get_message(s,
- SSL3_ST_SR_KEY_EXCH_A,
- SSL3_ST_SR_KEY_EXCH_B,
- SSL3_MT_CLIENT_KEY_EXCHANGE,
- 400, /* ???? */
- &ok);
-
- if (!ok) return((int)n);
- p=(unsigned char *)s->init_buf->data;
-
- l=s->s3->tmp.new_cipher->algorithms;
-
-#ifndef NO_RSA
- if (l & SSL_kRSA)
- {
- /* FIX THIS UP EAY EAY EAY EAY */
- if (s->s3->tmp.use_rsa_tmp)
- {
- if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL))
- rsa=s->cert->rsa_tmp;
- /* Don't do a callback because rsa_tmp should
- * be sent already */
- if (rsa == NULL)
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY);
- goto f_err;
-
- }
- }
- else
- {
- pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
- if ( (pkey == NULL) ||
- (pkey->type != EVP_PKEY_RSA) ||
- (pkey->pkey.rsa == NULL))
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
- goto f_err;
- }
- rsa=pkey->pkey.rsa;
- }
-
- /* TLS */
- if (s->version > SSL3_VERSION)
- {
- n2s(p,i);
- if (n != i+2)
- {
- if (!(s->options & SSL_OP_TLS_D5_BUG))
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
- goto err;
- }
- else
- p-=2;
- }
- else
- n=i;
- }
-
- i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING);
-
- al = -1;
-
- if (i != SSL_MAX_MASTER_KEY_LENGTH)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
- }
-
- if ((al == -1) && !((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
- {
- /* The premaster secret must contain the same version number as the
- * ClientHello to detect version rollback attacks (strangely, the
- * protocol does not offer such protection for DH ciphersuites).
- * However, buggy clients exist that send the negotiated protocol
- * version instead if the server does not support the requested
- * protocol version.
- * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */
- if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&
- (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER);
- goto f_err;
- }
- }
-
- if (al != -1)
- {
-#if 0
- goto f_err;
-#else
- /* Some decryption failure -- use random value instead as countermeasure
- * against Bleichenbacher's attack on PKCS #1 v1.5 RSA padding
- * (see RFC 2246, section 7.4.7.1).
- * But note that due to length and protocol version checking, the
- * attack is impractical anyway (see section 5 in D. Bleichenbacher:
- * "Chosen Ciphertext Attacks Against Protocols Based on the RSA
- * Encryption Standard PKCS #1", CRYPTO '98, LNCS 1462, pp. 1-12).
- */
- ERR_clear_error();
- i = SSL_MAX_MASTER_KEY_LENGTH;
- p[0] = s->client_version >> 8;
- p[1] = s->client_version & 0xff;
- RAND_pseudo_bytes(p+2, i-2); /* should be RAND_bytes, but we cannot work around a failure */
-#endif
- }
-
- s->session->master_key_length=
- s->method->ssl3_enc->generate_master_secret(s,
- s->session->master_key,
- p,i);
- memset(p,0,i);
- }
- else
-#endif
-#ifndef NO_DH
- if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
- {
- n2s(p,i);
- if (n != i+2)
- {
- if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG))
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
- goto err;
- }
- else
- {
- p-=2;
- i=(int)n;
- }
- }
-
- if (n == 0L) /* the parameters are in the cert */
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS);
- goto f_err;
- }
- else
- {
- if (s->s3->tmp.dh == NULL)
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
- goto f_err;
- }
- else
- dh_srvr=s->s3->tmp.dh;
- }
-
- pub=BN_bin2bn(p,i,NULL);
- if (pub == NULL)
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB);
- goto err;
- }
-
- i=DH_compute_key(p,pub,dh_srvr);
-
- if (i <= 0)
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
- goto err;
- }
-
- DH_free(s->s3->tmp.dh);
- s->s3->tmp.dh=NULL;
-
- BN_clear_free(pub);
- pub=NULL;
- s->session->master_key_length=
- s->method->ssl3_enc->generate_master_secret(s,
- s->session->master_key,p,i);
- memset(p,0,i);
- }
- else
-#endif
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE);
- goto f_err;
- }
-
- return(1);
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
-#if !defined(NO_DH) || !defined(NO_RSA)
-err:
-#endif
- return(-1);
- }
-
-static int ssl3_get_cert_verify(SSL *s)
- {
- EVP_PKEY *pkey=NULL;
- unsigned char *p;
- int al,ok,ret=0;
- long n;
- int type=0,i,j;
- X509 *peer;
-
- n=ssl3_get_message(s,
- SSL3_ST_SR_CERT_VRFY_A,
- SSL3_ST_SR_CERT_VRFY_B,
- -1,
- 512, /* 512? */
- &ok);
-
- if (!ok) return((int)n);
-
- if (s->session->peer != NULL)
- {
- peer=s->session->peer;
- pkey=X509_get_pubkey(peer);
- type=X509_certificate_type(peer,pkey);
- }
- else
- {
- peer=NULL;
- pkey=NULL;
- }
-
- if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)
- {
- s->s3->tmp.reuse_message=1;
- if ((peer != NULL) && (type | EVP_PKT_SIGN))
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
- goto f_err;
- }
- ret=1;
- goto end;
- }
-
- if (peer == NULL)
- {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED);
- al=SSL_AD_UNEXPECTED_MESSAGE;
- goto f_err;
- }
-
- if (!(type & EVP_PKT_SIGN))
- {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
- al=SSL_AD_ILLEGAL_PARAMETER;
- goto f_err;
- }
-
- if (s->s3->change_cipher_spec)
- {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
- al=SSL_AD_UNEXPECTED_MESSAGE;
- goto f_err;
- }
-
- /* we now have a signature that we need to verify */
- p=(unsigned char *)s->init_buf->data;
- n2s(p,i);
- n-=2;
- if (i > n)
- {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);
- al=SSL_AD_DECODE_ERROR;
- goto f_err;
- }
-
- j=EVP_PKEY_size(pkey);
- if ((i > j) || (n > j) || (n <= 0))
- {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE);
- al=SSL_AD_DECODE_ERROR;
- goto f_err;
- }
-
-#ifndef NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- {
- i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
- MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i,
- pkey->pkey.rsa);
- if (i < 0)
- {
- al=SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT);
- goto f_err;
- }
- if (i == 0)
- {
- al=SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE);
- goto f_err;
- }
- }
- else
-#endif
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- {
- j=DSA_verify(pkey->save_type,
- &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
- SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
- if (j <= 0)
- {
- /* bad signature */
- al=SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE);
- goto f_err;
- }
- }
- else
-#endif
- {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_INTERNAL_ERROR);
- al=SSL_AD_UNSUPPORTED_CERTIFICATE;
- goto f_err;
- }
-
-
- ret=1;
- if (0)
- {
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
- }
-end:
- EVP_PKEY_free(pkey);
- return(ret);
- }
-
-static int ssl3_get_client_certificate(SSL *s)
- {
- int i,ok,al,ret= -1;
- X509 *x=NULL;
- unsigned long l,nc,llen,n;
- unsigned char *p,*d,*q;
- STACK_OF(X509) *sk=NULL;
-
- n=ssl3_get_message(s,
- SSL3_ST_SR_CERT_A,
- SSL3_ST_SR_CERT_B,
- -1,
-#if defined(MSDOS) && !defined(WIN32)
- 1024*30, /* 30k max cert list :-) */
-#else
- 1024*100, /* 100k max cert list :-) */
-#endif
- &ok);
-
- if (!ok) return((int)n);
-
- if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE)
- {
- if ( (s->verify_mode & SSL_VERIFY_PEER) &&
- (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
- al=SSL_AD_HANDSHAKE_FAILURE;
- goto f_err;
- }
- /* If tls asked for a client cert, the client must return a 0 list */
- if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request)
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
- al=SSL_AD_UNEXPECTED_MESSAGE;
- goto f_err;
- }
- s->s3->tmp.reuse_message=1;
- return(1);
- }
-
- if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
- goto f_err;
- }
- d=p=(unsigned char *)s->init_buf->data;
-
- if ((sk=sk_X509_new_null()) == NULL)
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- n2l3(p,llen);
- if (llen+3 != n)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- for (nc=0; nc<llen; )
- {
- n2l3(p,l);
- if ((l+nc+3) > llen)
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
- goto f_err;
- }
-
- q=p;
- x=d2i_X509(NULL,&p,l);
- if (x == NULL)
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB);
- goto err;
- }
- if (p != (q+l))
- {
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
- goto f_err;
- }
- if (!sk_X509_push(sk,x))
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- x=NULL;
- nc+=l+3;
- }
-
- if (sk_X509_num(sk) <= 0)
- {
- /* TLS does not mind 0 certs returned */
- if (s->version == SSL3_VERSION)
- {
- al=SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_RETURNED);
- goto f_err;
- }
- /* Fail for TLS only if we required a certificate */
- else if ((s->verify_mode & SSL_VERIFY_PEER) &&
- (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
- al=SSL_AD_HANDSHAKE_FAILURE;
- goto f_err;
- }
- }
- else
- {
- i=ssl_verify_cert_chain(s,sk);
- if (!i)
- {
- al=ssl_verify_alarm_type(s->verify_result);
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
- goto f_err;
- }
- }
-
- if (s->session->peer != NULL) /* This should not be needed */
- X509_free(s->session->peer);
- s->session->peer=sk_X509_shift(sk);
- s->session->verify_result = s->verify_result;
-
- /* With the current implementation, sess_cert will always be NULL
- * when we arrive here. */
- if (s->session->sess_cert == NULL)
- {
- s->session->sess_cert = ssl_sess_cert_new();
- if (s->session->sess_cert == NULL)
- {
- SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- if (s->session->sess_cert->cert_chain != NULL)
- sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
- s->session->sess_cert->cert_chain=sk;
- /* Inconsistency alert: cert_chain does *not* include the
- * peer's own certificate, while we do include it in s3_clnt.c */
-
- sk=NULL;
-
- ret=1;
- if (0)
- {
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
- }
-err:
- if (x != NULL) X509_free(x);
- if (sk != NULL) sk_X509_pop_free(sk,X509_free);
- return(ret);
- }
-
-int ssl3_send_server_certificate(SSL *s)
- {
- unsigned long l;
- X509 *x;
-
- if (s->state == SSL3_ST_SW_CERT_A)
- {
- x=ssl_get_server_send_cert(s);
- if (x == NULL)
- {
- SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,SSL_R_INTERNAL_ERROR);
- return(0);
- }
-
- l=ssl3_output_cert_chain(s,x);
- s->state=SSL3_ST_SW_CERT_B;
- s->init_num=(int)l;
- s->init_off=0;
- }
-
- /* SSL3_ST_SW_CERT_B */
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
- }
diff --git a/src/lib/libssl/shlib_version b/src/lib/libssl/shlib_version
deleted file mode 100644
index 900b4048a9..0000000000
--- a/src/lib/libssl/shlib_version
+++ /dev/null
@@ -1,2 +0,0 @@
-major=5
-minor=1
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
deleted file mode 100644
index 9de9e611ab..0000000000
--- a/src/lib/libssl/ssl.h
+++ /dev/null
@@ -1,1566 +0,0 @@
-/* ssl/ssl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL_H
-#define HEADER_SSL_H
-
-#ifndef NO_COMP
-#include <openssl/comp.h>
-#endif
-#ifndef NO_BIO
-#include <openssl/bio.h>
-#endif
-#ifndef NO_X509
-#include <openssl/x509.h>
-#endif
-#include <openssl/safestack.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* SSLeay version number for ASN.1 encoding of the session information */
-/* Version 0 - initial version
- * Version 1 - added the optional peer certificate
- */
-#define SSL_SESSION_ASN1_VERSION 0x0001
-
-/* text strings for the ciphers */
-#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5
-#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5
-#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
-#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5
-#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
-#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5
-#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5
-#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA
-#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
-#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
-
-#define SSL_MAX_SSL_SESSION_ID_LENGTH 32
-#define SSL_MAX_SID_CTX_LENGTH 32
-
-#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
-#define SSL_MAX_KEY_ARG_LENGTH 8
-#define SSL_MAX_MASTER_KEY_LENGTH 48
-
-/* These are used to specify which ciphers to use and not to use */
-#define SSL_TXT_LOW "LOW"
-#define SSL_TXT_MEDIUM "MEDIUM"
-#define SSL_TXT_HIGH "HIGH"
-#define SSL_TXT_kFZA "kFZA"
-#define SSL_TXT_aFZA "aFZA"
-#define SSL_TXT_eFZA "eFZA"
-#define SSL_TXT_FZA "FZA"
-
-#define SSL_TXT_aNULL "aNULL"
-#define SSL_TXT_eNULL "eNULL"
-#define SSL_TXT_NULL "NULL"
-
-#define SSL_TXT_kRSA "kRSA"
-#define SSL_TXT_kDHr "kDHr"
-#define SSL_TXT_kDHd "kDHd"
-#define SSL_TXT_kEDH "kEDH"
-#define SSL_TXT_aRSA "aRSA"
-#define SSL_TXT_aDSS "aDSS"
-#define SSL_TXT_aDH "aDH"
-#define SSL_TXT_DSS "DSS"
-#define SSL_TXT_DH "DH"
-#define SSL_TXT_EDH "EDH"
-#define SSL_TXT_ADH "ADH"
-#define SSL_TXT_RSA "RSA"
-#define SSL_TXT_DES "DES"
-#define SSL_TXT_3DES "3DES"
-#define SSL_TXT_RC4 "RC4"
-#define SSL_TXT_RC2 "RC2"
-#define SSL_TXT_IDEA "IDEA"
-#define SSL_TXT_MD5 "MD5"
-#define SSL_TXT_SHA1 "SHA1"
-#define SSL_TXT_SHA "SHA"
-#define SSL_TXT_EXP "EXP"
-#define SSL_TXT_EXPORT "EXPORT"
-#define SSL_TXT_EXP40 "EXPORT40"
-#define SSL_TXT_EXP56 "EXPORT56"
-#define SSL_TXT_SSLV2 "SSLv2"
-#define SSL_TXT_SSLV3 "SSLv3"
-#define SSL_TXT_TLSV1 "TLSv1"
-#define SSL_TXT_ALL "ALL"
-
-/* 'DEFAULT' at the start of the cipher list insert the following string
- * in addition to this being the default cipher string */
-#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"
-
-/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
-#define SSL_SENT_SHUTDOWN 1
-#define SSL_RECEIVED_SHUTDOWN 2
-
-#ifdef __cplusplus
-}
-#endif
-
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if (defined(NO_RSA) || defined(NO_MD5)) && !defined(NO_SSL2)
-#define NO_SSL2
-#endif
-
-#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
-#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
-
-/* This is needed to stop compilers complaining about the
- * 'struct ssl_st *' function parameters used to prototype callbacks
- * in SSL_CTX. */
-typedef struct ssl_st *ssl_crock_st;
-
-/* used to hold info on the particular ciphers used */
-typedef struct ssl_cipher_st
- {
- int valid;
- const char *name; /* text name */
- unsigned long id; /* id, 4 bytes, first is version */
- unsigned long algorithms; /* what ciphers are used */
- unsigned long algo_strength; /* strength and export flags */
- unsigned long algorithm2; /* Extra flags */
- int strength_bits; /* Number of bits really used */
- int alg_bits; /* Number of bits for algorithm */
- unsigned long mask; /* used for matching */
- unsigned long mask_strength; /* also used for matching */
- } SSL_CIPHER;
-
-DECLARE_STACK_OF(SSL_CIPHER)
-
-typedef struct ssl_st SSL;
-typedef struct ssl_ctx_st SSL_CTX;
-
-/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
-typedef struct ssl_method_st
- {
- int version;
- int (*ssl_new)(SSL *s);
- void (*ssl_clear)(SSL *s);
- void (*ssl_free)(SSL *s);
- int (*ssl_accept)(SSL *s);
- int (*ssl_connect)(SSL *s);
- int (*ssl_read)(SSL *s,void *buf,int len);
- int (*ssl_peek)(SSL *s,void *buf,int len);
- int (*ssl_write)(SSL *s,const void *buf,int len);
- int (*ssl_shutdown)(SSL *s);
- int (*ssl_renegotiate)(SSL *s);
- int (*ssl_renegotiate_check)(SSL *s);
- long (*ssl_ctrl)(SSL *s,int cmd,long larg,char *parg);
- long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,char *parg);
- SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
- int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr);
- int (*ssl_pending)(SSL *s);
- int (*num_ciphers)(void);
- SSL_CIPHER *(*get_cipher)(unsigned ncipher);
- struct ssl_method_st *(*get_ssl_method)(int version);
- long (*get_timeout)(void);
- struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
- int (*ssl_version)();
- long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)());
- long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)());
- } SSL_METHOD;
-
-/* Lets make this into an ASN.1 type structure as follows
- * SSL_SESSION_ID ::= SEQUENCE {
- * version INTEGER, -- structure version number
- * SSLversion INTEGER, -- SSL version number
- * Cipher OCTET_STRING, -- the 3 byte cipher ID
- * Session_ID OCTET_STRING, -- the Session ID
- * Master_key OCTET_STRING, -- the master key
- * Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument
- * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
- * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
- * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
- * Session_ID_context [ 4 ] EXPLICIT OCTET_STRING, -- the Session ID context
- * Verify_result [ 5 ] EXPLICIT INTEGER -- X509_V_... code for `Peer'
- * Compression [6] IMPLICIT ASN1_OBJECT -- compression OID XXXXX
- * }
- * Look in ssl/ssl_asn1.c for more details
- * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
- */
-typedef struct ssl_session_st
- {
- int ssl_version; /* what ssl version session info is
- * being kept in here? */
-
- /* only really used in SSLv2 */
- unsigned int key_arg_length;
- unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
- int master_key_length;
- unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
- /* session_id - valid? */
- unsigned int session_id_length;
- unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
- /* this is used to determine whether the session is being reused in
- * the appropriate context. It is up to the application to set this,
- * via SSL_new */
- unsigned int sid_ctx_length;
- unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-
- int not_resumable;
-
- /* The cert is the certificate used to establish this connection */
- struct sess_cert_st /* SESS_CERT */ *sess_cert;
-
- /* This is the cert for the other end.
- * On clients, it will be the same as sess_cert->peer_key->x509
- * (the latter is not enough as sess_cert is not retained
- * in the external representation of sessions, see ssl_asn1.c). */
- X509 *peer;
- /* when app_verify_callback accepts a session where the peer's certificate
- * is not ok, we must remember the error for session reuse: */
- long verify_result; /* only for servers */
-
- int references;
- long timeout;
- long time;
-
- int compress_meth; /* Need to lookup the method */
-
- SSL_CIPHER *cipher;
- unsigned long cipher_id; /* when ASN.1 loaded, this
- * needs to be used to load
- * the 'cipher' structure */
-
- STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
-
- CRYPTO_EX_DATA ex_data; /* application specific data */
-
- /* These are used to make removal of session-ids more
- * efficient and to implement a maximum cache size. */
- struct ssl_session_st *prev,*next;
- } SSL_SESSION;
-
-#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
-#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
-#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
-#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
-#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
-#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L
-#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
-#define SSL_OP_TLS_D5_BUG 0x00000100L
-#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
-#define SSL_OP_TLS_ROLLBACK_BUG 0x00000400L
-
-/* If set, always create a new key when using tmp_dh parameters */
-#define SSL_OP_SINGLE_DH_USE 0x00100000L
-/* Set to also use the tmp_rsa key when doing RSA operations. */
-#define SSL_OP_EPHEMERAL_RSA 0x00200000L
-
-/* The next flag deliberately changes the ciphertest, this is a check
- * for the PKCS#1 attack */
-#define SSL_OP_PKCS1_CHECK_1 0x08000000L
-#define SSL_OP_PKCS1_CHECK_2 0x10000000L
-#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
-/* SSL_OP_NON_EXPORT_FIRST looks utterly broken .. */
-#define SSL_OP_NON_EXPORT_FIRST 0x40000000L
-#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x80000000L
-#define SSL_OP_ALL 0x000FFFFFL
-
-#define SSL_OP_NO_SSLv2 0x01000000L
-#define SSL_OP_NO_SSLv3 0x02000000L
-#define SSL_OP_NO_TLSv1 0x04000000L
-
-/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
- * when just a single record has been written): */
-#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L
-/* Make it possible to retry SSL_write() with changed buffer location
- * (buffer contents must stay the same!); this is not the default to avoid
- * the misconception that non-blocking SSL_write() behaves like
- * non-blocking write(): */
-#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
-/* Never bother the application with retries if the transport
- * is blocking: */
-#define SSL_MODE_AUTO_RETRY 0x00000004L
-
-/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
- * they cannot be used to clear bits. */
-
-#define SSL_CTX_set_options(ctx,op) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,op,NULL)
-#define SSL_CTX_get_options(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,0,NULL)
-#define SSL_set_options(ssl,op) \
- SSL_ctrl(ssl,SSL_CTRL_OPTIONS,op,NULL)
-#define SSL_get_options(ssl) \
- SSL_ctrl(ssl,SSL_CTRL_OPTIONS,0,NULL)
-
-#define SSL_CTX_set_mode(ctx,op) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,op,NULL)
-#define SSL_CTX_get_mode(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,0,NULL)
-#define SSL_set_mode(ssl,op) \
- SSL_ctrl(ssl,SSL_CTRL_MODE,op,NULL)
-#define SSL_get_mode(ssl) \
- SSL_ctrl(ssl,SSL_CTRL_MODE,0,NULL)
-
-#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
-
-typedef struct ssl_comp_st
- {
- int id;
- char *name;
-#ifndef NO_COMP
- COMP_METHOD *method;
-#else
- char *method;
-#endif
- } SSL_COMP;
-
-DECLARE_STACK_OF(SSL_COMP)
-
-struct ssl_ctx_st
- {
- SSL_METHOD *method;
- unsigned long options;
- unsigned long mode;
-
- STACK_OF(SSL_CIPHER) *cipher_list;
- /* same as above but sorted for lookup */
- STACK_OF(SSL_CIPHER) *cipher_list_by_id;
-
- struct x509_store_st /* X509_STORE */ *cert_store;
- struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSIONs */
- /* Most session-ids that will be cached, default is
- * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
- unsigned long session_cache_size;
- struct ssl_session_st *session_cache_head;
- struct ssl_session_st *session_cache_tail;
-
- /* This can have one of 2 values, ored together,
- * SSL_SESS_CACHE_CLIENT,
- * SSL_SESS_CACHE_SERVER,
- * Default is SSL_SESSION_CACHE_SERVER, which means only
- * SSL_accept which cache SSL_SESSIONS. */
- int session_cache_mode;
-
- /* If timeout is not 0, it is the default timeout value set
- * when SSL_new() is called. This has been put in to make
- * life easier to set things up */
- long session_timeout;
-
- /* If this callback is not null, it will be called each
- * time a session id is added to the cache. If this function
- * returns 1, it means that the callback will do a
- * SSL_SESSION_free() when it has finished using it. Otherwise,
- * on 0, it means the callback has finished with it.
- * If remove_session_cb is not null, it will be called when
- * a session-id is removed from the cache. After the call,
- * OpenSSL will SSL_SESSION_free() it. */
- int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
- void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
- SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
- unsigned char *data,int len,int *copy);
- struct
- {
- int sess_connect; /* SSL new conn - started */
- int sess_connect_renegotiate;/* SSL reneg - requested */
- int sess_connect_good; /* SSL new conne/reneg - finished */
- int sess_accept; /* SSL new accept - started */
- int sess_accept_renegotiate;/* SSL reneg - requested */
- int sess_accept_good; /* SSL accept/reneg - finished */
- int sess_miss; /* session lookup misses */
- int sess_timeout; /* reuse attempt on timeouted session */
- int sess_cache_full; /* session removed due to full cache */
- int sess_hit; /* session reuse actually done */
- int sess_cb_hit; /* session-id that was not
- * in the cache was
- * passed back via the callback. This
- * indicates that the application is
- * supplying session-id's from other
- * processes - spooky :-) */
- } stats;
-
- int references;
-
-/**/ void (*info_callback)();
-
- /* if defined, these override the X509_verify_cert() calls */
-/**/ int (*app_verify_callback)();
-/**/ char *app_verify_arg; /* never used; should be void * */
-
- /* default values to use in SSL structures */
-/**/ struct cert_st /* CERT */ *cert;
-/**/ int read_ahead;
-/**/ int verify_mode;
-/**/ int verify_depth;
-/**/ unsigned int sid_ctx_length;
-/**/ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-/**/ int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx);
-
- int purpose; /* Purpose setting */
- int trust; /* Trust setting */
-
- /* Default password callback. */
-/**/ pem_password_cb *default_passwd_callback;
-
- /* Default password callback user data. */
-/**/ void *default_passwd_callback_userdata;
-
- /* get client cert callback */
-/**/ int (*client_cert_cb)(/* SSL *ssl, X509 **x509, EVP_PKEY **pkey */);
-
- /* what we put in client cert requests */
- STACK_OF(X509_NAME) *client_CA;
-
-/**/ int quiet_shutdown;
-
- CRYPTO_EX_DATA ex_data;
-
- const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
- const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
- const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */
-
- STACK_OF(X509) *extra_certs;
- STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
- };
-
-#define SSL_SESS_CACHE_OFF 0x0000
-#define SSL_SESS_CACHE_CLIENT 0x0001
-#define SSL_SESS_CACHE_SERVER 0x0002
-#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
-#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
-/* This one, when set, makes the server session-id lookup not look
- * in the cache. If there is an application get_session callback
- * defined, this will still get called. */
-#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
-
- struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
-#define SSL_CTX_sess_number(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
-#define SSL_CTX_sess_connect(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
-#define SSL_CTX_sess_connect_good(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
-#define SSL_CTX_sess_connect_renegotiate(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
-#define SSL_CTX_sess_accept(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
-#define SSL_CTX_sess_accept_renegotiate(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
-#define SSL_CTX_sess_accept_good(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
-#define SSL_CTX_sess_hits(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
-#define SSL_CTX_sess_cb_hits(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
-#define SSL_CTX_sess_misses(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
-#define SSL_CTX_sess_timeouts(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
-#define SSL_CTX_sess_cache_full(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
-
-#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb))
-#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb)
-#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb))
-#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb)
-#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb))
-#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb)
-#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb))
-#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback)
-#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb))
-#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb)
-
-#define SSL_NOTHING 1
-#define SSL_WRITING 2
-#define SSL_READING 3
-#define SSL_X509_LOOKUP 4
-
-/* These will only be used when doing non-blocking IO */
-#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
-#define SSL_want_read(s) (SSL_want(s) == SSL_READING)
-#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
-#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
-
-struct ssl_st
- {
- /* protocol version
- * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION)
- */
- int version;
- int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
-
- SSL_METHOD *method; /* SSLv3 */
-
- /* There are 2 BIO's even though they are normally both the
- * same. This is so data can be read and written to different
- * handlers */
-
-#ifndef NO_BIO
- BIO *rbio; /* used by SSL_read */
- BIO *wbio; /* used by SSL_write */
- BIO *bbio; /* used during session-id reuse to concatenate
- * messages */
-#else
- char *rbio; /* used by SSL_read */
- char *wbio; /* used by SSL_write */
- char *bbio;
-#endif
- /* This holds a variable that indicates what we were doing
- * when a 0 or -1 is returned. This is needed for
- * non-blocking IO so we know what request needs re-doing when
- * in SSL_accept or SSL_connect */
- int rwstate;
-
- /* true when we are actually in SSL_accept() or SSL_connect() */
- int in_handshake;
- int (*handshake_func)();
-
- /* Imagine that here's a boolean member "init" that is
- * switched as soon as SSL_set_{accept/connect}_state
- * is called for the first time, so that "state" and
- * "handshake_func" are properly initialized. But as
- * handshake_func is == 0 until then, we use this
- * test instead of an "init" member.
- */
-
- int server; /* are we the server side? - mostly used by SSL_clear*/
-
- int new_session;/* 1 if we are to use a new session */
- int quiet_shutdown;/* don't send shutdown packets */
- int shutdown; /* we have shut things down, 0x01 sent, 0x02
- * for received */
- int state; /* where we are */
- int rstate; /* where we are when reading */
-
- BUF_MEM *init_buf; /* buffer used during init */
- int init_num; /* amount read/written */
- int init_off; /* amount read/written */
-
- /* used internally to point at a raw packet */
- unsigned char *packet;
- unsigned int packet_length;
-
- struct ssl2_state_st *s2; /* SSLv2 variables */
- struct ssl3_state_st *s3; /* SSLv3 variables */
-
- int read_ahead; /* Read as many input bytes as possible
- * (for non-blocking reads) */
- int hit; /* reusing a previous session */
-
- int purpose; /* Purpose setting */
- int trust; /* Trust setting */
-
- /* crypto */
- STACK_OF(SSL_CIPHER) *cipher_list;
- STACK_OF(SSL_CIPHER) *cipher_list_by_id;
-
- /* These are the ones being used, the ones in SSL_SESSION are
- * the ones to be 'copied' into these ones */
-
- EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
- const EVP_MD *read_hash; /* used for mac generation */
-#ifndef NO_COMP
- COMP_CTX *expand; /* uncompress */
-#else
- char *expand;
-#endif
-
- EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
- const EVP_MD *write_hash; /* used for mac generation */
-#ifndef NO_COMP
- COMP_CTX *compress; /* compression */
-#else
- char *compress;
-#endif
-
- /* session info */
-
- /* client cert? */
- /* This is used to hold the server certificate used */
- struct cert_st /* CERT */ *cert;
-
- /* the session_id_context is used to ensure sessions are only reused
- * in the appropriate context */
- unsigned int sid_ctx_length;
- unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-
- /* This can also be in the session once a session is established */
- SSL_SESSION *session;
-
- /* Used in SSL2 and SSL3 */
- int verify_mode; /* 0 don't care about verify failure.
- * 1 fail if verify fails */
- int verify_depth;
- int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
- void (*info_callback)(); /* optional informational callback */
-
- int error; /* error bytes to be written */
- int error_code; /* actual code */
-
- SSL_CTX *ctx;
- /* set this flag to 1 and a sleep(1) is put into all SSL_read()
- * and SSL_write() calls, good for nbio debuging :-) */
- int debug;
-
- /* extra application data */
- long verify_result;
- CRYPTO_EX_DATA ex_data;
-
- /* for server side, keep the list of CA_dn we can use */
- STACK_OF(X509_NAME) *client_CA;
-
- int references;
- unsigned long options; /* protocol behaviour */
- unsigned long mode; /* API behaviour */
- int first_packet;
- int client_version; /* what was passed, used for
- * SSLv3/TLS rollback check */
- };
-
-#ifdef __cplusplus
-}
-#endif
-
-#include <openssl/ssl2.h>
-#include <openssl/ssl3.h>
-#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
-#include <openssl/ssl23.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* compatibility */
-#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
-#define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
-#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
-#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
-#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
-#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
-
-/* The following are the possible values for ssl->state are are
- * used to indicate where we are up to in the SSL connection establishment.
- * The macros that follow are about the only things you should need to use
- * and even then, only when using non-blocking IO.
- * It can also be useful to work out where you were when the connection
- * failed */
-
-#define SSL_ST_CONNECT 0x1000
-#define SSL_ST_ACCEPT 0x2000
-#define SSL_ST_MASK 0x0FFF
-#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
-#define SSL_ST_BEFORE 0x4000
-#define SSL_ST_OK 0x03
-#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
-
-#define SSL_CB_LOOP 0x01
-#define SSL_CB_EXIT 0x02
-#define SSL_CB_READ 0x04
-#define SSL_CB_WRITE 0x08
-#define SSL_CB_ALERT 0x4000 /* used in callback */
-#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
-#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
-#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
-#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
-#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
-#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
-#define SSL_CB_HANDSHAKE_START 0x10
-#define SSL_CB_HANDSHAKE_DONE 0x20
-
-/* Is the SSL_connection established? */
-#define SSL_get_state(a) SSL_state(a)
-#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
-#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
-#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
-#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
-#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
-
-/* The following 2 states are kept in ssl->rstate when reads fail,
- * you should not need these */
-#define SSL_ST_READ_HEADER 0xF0
-#define SSL_ST_READ_BODY 0xF1
-#define SSL_ST_READ_DONE 0xF2
-
-/* Obtain latest Finished message
- * -- that we sent (SSL_get_finished)
- * -- that we expected from peer (SSL_get_peer_finished).
- * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
-size_t SSL_get_finished(SSL *s, void *buf, size_t count);
-size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
-
-/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
- * are 'ored' with SSL_VERIFY_PEER if they are desired */
-#define SSL_VERIFY_NONE 0x00
-#define SSL_VERIFY_PEER 0x01
-#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
-#define SSL_VERIFY_CLIENT_ONCE 0x04
-
-#define OpenSSL_add_ssl_algorithms() SSL_library_init()
-#define SSLeay_add_ssl_algorithms() SSL_library_init()
-
-/* this is for backward compatibility */
-#if 0 /* NEW_SSLEAY */
-#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
-#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n)
-#define SSL_add_session(a,b) SSL_CTX_add_session((a),(b))
-#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b))
-#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b))
-#endif
-/* More backward compatibility */
-#define SSL_get_cipher(s) \
- SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-#define SSL_get_cipher_bits(s,np) \
- SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
-#define SSL_get_cipher_version(s) \
- SSL_CIPHER_get_version(SSL_get_current_cipher(s))
-#define SSL_get_cipher_name(s) \
- SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-#define SSL_get_time(a) SSL_SESSION_get_time(a)
-#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
-#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
-#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
-
-#if 1 /*SSLEAY_MACROS*/
-#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \
- (char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \
- (bp),(unsigned char **)(s_id))
-#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \
- bp,(unsigned char *)s_id)
-#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
- (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
-#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
-#define PEM_write_SSL_SESSION(fp,x) \
- PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
- PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_SSL_SESSION(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
- PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
-#endif
-
-#define SSL_AD_REASON_OFFSET 1000
-/* These alert types are for SSLv3 and TLSv1 */
-#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
-#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
-#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */
-#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
-#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
-#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
-#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */
-#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */
-#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
-#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
-#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
-#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
-#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
-#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */
-#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */
-#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
-#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
-#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
-#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */
-#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
-#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
-#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
-#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
-#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
-
-#define SSL_ERROR_NONE 0
-#define SSL_ERROR_SSL 1
-#define SSL_ERROR_WANT_READ 2
-#define SSL_ERROR_WANT_WRITE 3
-#define SSL_ERROR_WANT_X509_LOOKUP 4
-#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */
-#define SSL_ERROR_ZERO_RETURN 6
-#define SSL_ERROR_WANT_CONNECT 7
-
-#define SSL_CTRL_NEED_TMP_RSA 1
-#define SSL_CTRL_SET_TMP_RSA 2
-#define SSL_CTRL_SET_TMP_DH 3
-#define SSL_CTRL_SET_TMP_RSA_CB 4
-#define SSL_CTRL_SET_TMP_DH_CB 5
-/* Add these ones */
-#define SSL_CTRL_GET_SESSION_REUSED 6
-#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 7
-#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 8
-#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9
-#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 10
-#define SSL_CTRL_GET_FLAGS 11
-#define SSL_CTRL_EXTRA_CHAIN_CERT 12
-
-/* Stats */
-#define SSL_CTRL_SESS_NUMBER 20
-#define SSL_CTRL_SESS_CONNECT 21
-#define SSL_CTRL_SESS_CONNECT_GOOD 22
-#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
-#define SSL_CTRL_SESS_ACCEPT 24
-#define SSL_CTRL_SESS_ACCEPT_GOOD 25
-#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
-#define SSL_CTRL_SESS_HIT 27
-#define SSL_CTRL_SESS_CB_HIT 28
-#define SSL_CTRL_SESS_MISSES 29
-#define SSL_CTRL_SESS_TIMEOUTS 30
-#define SSL_CTRL_SESS_CACHE_FULL 31
-#define SSL_CTRL_OPTIONS 32
-#define SSL_CTRL_MODE 33
-
-#define SSL_CTRL_GET_READ_AHEAD 40
-#define SSL_CTRL_SET_READ_AHEAD 41
-#define SSL_CTRL_SET_SESS_CACHE_SIZE 42
-#define SSL_CTRL_GET_SESS_CACHE_SIZE 43
-#define SSL_CTRL_SET_SESS_CACHE_MODE 44
-#define SSL_CTRL_GET_SESS_CACHE_MODE 45
-
-#define SSL_session_reused(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
-#define SSL_num_renegotiations(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
-#define SSL_clear_num_renegotiations(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
-#define SSL_total_renegotiations(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
-
-#define SSL_CTX_need_tmp_RSA(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-#define SSL_CTX_set_tmp_rsa(ctx,rsa) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-#define SSL_CTX_set_tmp_dh(ctx,dh) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-
-#define SSL_need_tmp_RSA(ssl) \
- SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-#define SSL_set_tmp_rsa(ssl,rsa) \
- SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-#define SSL_set_tmp_dh(ssl,dh) \
- SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-
-#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
-
-/* VMS uses only 31 characters for symbols. */
-#ifdef VMS
-#undef SSL_CTX_set_cert_verify_callback
-#define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb
-#undef SSL_CTX_use_certificate_chain_file
-#define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file
-#undef SSL_CTX_set_default_verify_paths
-#define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths
-#undef SSL_get_ex_data_X509_STORE_CTX_idx
-#define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_data_X509_STOR_CTX_i
-#undef SSL_add_file_cert_subjects_to_stack
-#define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_sub_to_stack
-#undef SSL_add_dir_cert_subjects_to_stack
-#define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_sub_to_stack
-#endif
-
-#ifndef NO_BIO
-BIO_METHOD *BIO_f_ssl(void);
-BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
-BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
-BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
-int BIO_ssl_copy_session_id(BIO *to,BIO *from);
-void BIO_ssl_shutdown(BIO *ssl_bio);
-
-#endif
-
-int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);
-SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
-void SSL_CTX_free(SSL_CTX *);
-long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);
-long SSL_CTX_get_timeout(SSL_CTX *ctx);
-X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *);
-void SSL_CTX_set_cert_store(SSL_CTX *,X509_STORE *);
-int SSL_want(SSL *s);
-int SSL_clear(SSL *s);
-
-void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm);
-
-SSL_CIPHER *SSL_get_current_cipher(SSL *s);
-int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);
-char * SSL_CIPHER_get_version(SSL_CIPHER *c);
-const char * SSL_CIPHER_get_name(SSL_CIPHER *c);
-
-int SSL_get_fd(SSL *s);
-const char * SSL_get_cipher_list(SSL *s,int n);
-char * SSL_get_shared_ciphers(SSL *s, char *buf, int len);
-int SSL_get_read_ahead(SSL * s);
-int SSL_pending(SSL *s);
-#ifndef NO_SOCK
-int SSL_set_fd(SSL *s, int fd);
-int SSL_set_rfd(SSL *s, int fd);
-int SSL_set_wfd(SSL *s, int fd);
-#endif
-#ifndef NO_BIO
-void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
-BIO * SSL_get_rbio(SSL *s);
-BIO * SSL_get_wbio(SSL *s);
-#endif
-int SSL_set_cipher_list(SSL *s, const char *str);
-void SSL_set_read_ahead(SSL *s, int yes);
-int SSL_get_verify_mode(SSL *s);
-int SSL_get_verify_depth(SSL *s);
-int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *);
-void SSL_set_verify(SSL *s, int mode,
- int (*callback)(int ok,X509_STORE_CTX *ctx));
-void SSL_set_verify_depth(SSL *s, int depth);
-#ifndef NO_RSA
-int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
-#endif
-int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
-int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
-int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
-int SSL_use_certificate(SSL *ssl, X509 *x);
-int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
-
-#ifndef NO_STDIO
-int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
-int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
-int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
-int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
-int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
-int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
-int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */
-STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
-int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
- const char *file);
-int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
- const char *dir);
-#endif
-
-void ERR_load_SSL_strings(void );
-void SSL_load_error_strings(void );
-char * SSL_state_string(SSL *s);
-char * SSL_rstate_string(SSL *s);
-char * SSL_state_string_long(SSL *s);
-char * SSL_rstate_string_long(SSL *s);
-long SSL_SESSION_get_time(SSL_SESSION *s);
-long SSL_SESSION_set_time(SSL_SESSION *s, long t);
-long SSL_SESSION_get_timeout(SSL_SESSION *s);
-long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
-void SSL_copy_session_id(SSL *to,SSL *from);
-
-SSL_SESSION *SSL_SESSION_new(void);
-unsigned long SSL_SESSION_hash(SSL_SESSION *a);
-int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b);
-#ifndef NO_FP_API
-int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
-#endif
-#ifndef NO_BIO
-int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);
-#endif
-void SSL_SESSION_free(SSL_SESSION *ses);
-int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
-int SSL_set_session(SSL *to, SSL_SESSION *session);
-int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
-int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
-SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);
-
-#ifdef HEADER_X509_H
-X509 * SSL_get_peer_certificate(SSL *s);
-#endif
-
-STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s);
-
-#ifdef VMS
-#define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
-#endif
-
-int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
-int SSL_CTX_get_verify_depth(SSL_CTX *ctx);
-int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *);
-void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
- int (*callback)(int, X509_STORE_CTX *));
-void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(),char *arg);
-#ifndef NO_RSA
-int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
-#endif
-int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
-int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
-int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx,
- unsigned char *d, long len);
-int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
-int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
-
-void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
-
-int SSL_CTX_check_private_key(SSL_CTX *ctx);
-int SSL_check_private_key(SSL *ctx);
-
-int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
- unsigned int sid_ctx_len);
-
-SSL * SSL_new(SSL_CTX *ctx);
-int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
- unsigned int sid_ctx_len);
-
-int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
-int SSL_set_purpose(SSL *s, int purpose);
-int SSL_CTX_set_trust(SSL_CTX *s, int trust);
-int SSL_set_trust(SSL *s, int trust);
-
-void SSL_free(SSL *ssl);
-int SSL_accept(SSL *ssl);
-int SSL_connect(SSL *ssl);
-int SSL_read(SSL *ssl,void *buf,int num);
-int SSL_peek(SSL *ssl,void *buf,int num);
-int SSL_write(SSL *ssl,const void *buf,int num);
-long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg);
-long SSL_callback_ctrl(SSL *, int, void (*)());
-long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, char *parg);
-long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)());
-
-int SSL_get_error(SSL *s,int ret_code);
-const char *SSL_get_version(SSL *s);
-
-/* This sets the 'default' SSL version that SSL_new() will create */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
-
-SSL_METHOD *SSLv2_method(void); /* SSLv2 */
-SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
-SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
-
-SSL_METHOD *SSLv3_method(void); /* SSLv3 */
-SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
-SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
-
-SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */
-SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */
-SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */
-
-SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
-SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
-SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
-
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s);
-
-int SSL_do_handshake(SSL *s);
-int SSL_renegotiate(SSL *s);
-int SSL_shutdown(SSL *s);
-
-SSL_METHOD *SSL_get_ssl_method(SSL *s);
-int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);
-char *SSL_alert_type_string_long(int value);
-char *SSL_alert_type_string(int value);
-char *SSL_alert_desc_string_long(int value);
-char *SSL_alert_desc_string(int value);
-
-void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
-void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
-STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s);
-STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *s);
-int SSL_add_client_CA(SSL *ssl,X509 *x);
-int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
-
-void SSL_set_connect_state(SSL *s);
-void SSL_set_accept_state(SSL *s);
-
-long SSL_get_default_timeout(SSL *s);
-
-int SSL_library_init(void );
-
-char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
-STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
-
-SSL *SSL_dup(SSL *ssl);
-
-X509 *SSL_get_certificate(SSL *ssl);
-/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
-
-void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
-int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);
-void SSL_set_quiet_shutdown(SSL *ssl,int mode);
-int SSL_get_quiet_shutdown(SSL *ssl);
-void SSL_set_shutdown(SSL *ssl,int mode);
-int SSL_get_shutdown(SSL *ssl);
-int SSL_version(SSL *ssl);
-int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
-int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
- const char *CApath);
-#define SSL_get0_session SSL_get_session /* just peek at pointer */
-SSL_SESSION *SSL_get_session(SSL *ssl);
-SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
-SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);
-void SSL_set_info_callback(SSL *ssl,void (*cb)());
-void (*SSL_get_info_callback(SSL *ssl))();
-int SSL_state(SSL *ssl);
-
-void SSL_set_verify_result(SSL *ssl,long v);
-long SSL_get_verify_result(SSL *ssl);
-
-int SSL_set_ex_data(SSL *ssl,int idx,void *data);
-void *SSL_get_ex_data(SSL *ssl,int idx);
-int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-
-int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,void *data);
-void *SSL_SESSION_get_ex_data(SSL_SESSION *ss,int idx);
-int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-
-int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,void *data);
-void *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx);
-int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-
-int SSL_get_ex_data_X509_STORE_CTX_idx(void );
-
-#define SSL_CTX_sess_set_cache_size(ctx,t) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
-#define SSL_CTX_sess_get_cache_size(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
-#define SSL_CTX_set_session_cache_mode(ctx,m) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
-#define SSL_CTX_get_session_cache_mode(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
-
-#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
-#define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
-#define SSL_CTX_get_read_ahead(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
-#define SSL_CTX_set_read_ahead(ctx,m) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
-
- /* NB: the keylength is only applicable when is_export is true */
-#ifndef NO_RSA
-void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
- RSA *(*cb)(SSL *ssl,int is_export,
- int keylength));
-
-void SSL_set_tmp_rsa_callback(SSL *ssl,
- RSA *(*cb)(SSL *ssl,int is_export,
- int keylength));
-#endif
-#ifndef NO_DH
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
- DH *(*dh)(SSL *ssl,int is_export,
- int keylength));
-void SSL_set_tmp_dh_callback(SSL *ssl,
- DH *(*dh)(SSL *ssl,int is_export,
- int keylength));
-#endif
-
-#ifndef NO_COMP
-int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);
-#else
-int SSL_COMP_add_compression_method(int id,char *cm);
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_SSL_strings(void);
-
-/* Error codes for the SSL functions. */
-
-/* Function codes. */
-#define SSL_F_CLIENT_CERTIFICATE 100
-#define SSL_F_CLIENT_HELLO 101
-#define SSL_F_CLIENT_MASTER_KEY 102
-#define SSL_F_D2I_SSL_SESSION 103
-#define SSL_F_DO_SSL3_WRITE 104
-#define SSL_F_GET_CLIENT_FINISHED 105
-#define SSL_F_GET_CLIENT_HELLO 106
-#define SSL_F_GET_CLIENT_MASTER_KEY 107
-#define SSL_F_GET_SERVER_FINISHED 108
-#define SSL_F_GET_SERVER_HELLO 109
-#define SSL_F_GET_SERVER_VERIFY 110
-#define SSL_F_I2D_SSL_SESSION 111
-#define SSL_F_READ_N 112
-#define SSL_F_REQUEST_CERTIFICATE 113
-#define SSL_F_SERVER_HELLO 114
-#define SSL_F_SSL23_ACCEPT 115
-#define SSL_F_SSL23_CLIENT_HELLO 116
-#define SSL_F_SSL23_CONNECT 117
-#define SSL_F_SSL23_GET_CLIENT_HELLO 118
-#define SSL_F_SSL23_GET_SERVER_HELLO 119
-#define SSL_F_SSL23_PEEK 237
-#define SSL_F_SSL23_READ 120
-#define SSL_F_SSL23_WRITE 121
-#define SSL_F_SSL2_ACCEPT 122
-#define SSL_F_SSL2_CONNECT 123
-#define SSL_F_SSL2_ENC_INIT 124
-#define SSL_F_SSL2_PEEK 234
-#define SSL_F_SSL2_READ 125
-#define SSL_F_SSL2_READ_INTERNAL 236
-#define SSL_F_SSL2_SET_CERTIFICATE 126
-#define SSL_F_SSL2_WRITE 127
-#define SSL_F_SSL3_ACCEPT 128
-#define SSL_F_SSL3_CALLBACK_CTRL 233
-#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
-#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
-#define SSL_F_SSL3_CLIENT_HELLO 131
-#define SSL_F_SSL3_CONNECT 132
-#define SSL_F_SSL3_CTRL 213
-#define SSL_F_SSL3_CTX_CTRL 133
-#define SSL_F_SSL3_ENC 134
-#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
-#define SSL_F_SSL3_GET_CERT_VERIFY 136
-#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
-#define SSL_F_SSL3_GET_CLIENT_HELLO 138
-#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
-#define SSL_F_SSL3_GET_FINISHED 140
-#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
-#define SSL_F_SSL3_GET_MESSAGE 142
-#define SSL_F_SSL3_GET_RECORD 143
-#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
-#define SSL_F_SSL3_GET_SERVER_DONE 145
-#define SSL_F_SSL3_GET_SERVER_HELLO 146
-#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
-#define SSL_F_SSL3_PEEK 235
-#define SSL_F_SSL3_READ_BYTES 148
-#define SSL_F_SSL3_READ_N 149
-#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
-#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
-#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
-#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
-#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
-#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
-#define SSL_F_SSL3_SETUP_BUFFERS 156
-#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
-#define SSL_F_SSL3_WRITE_BYTES 158
-#define SSL_F_SSL3_WRITE_PENDING 159
-#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
-#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
-#define SSL_F_SSL_BAD_METHOD 160
-#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
-#define SSL_F_SSL_CERT_DUP 221
-#define SSL_F_SSL_CERT_INST 222
-#define SSL_F_SSL_CERT_INSTANTIATE 214
-#define SSL_F_SSL_CERT_NEW 162
-#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
-#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
-#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
-#define SSL_F_SSL_CLEAR 164
-#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
-#define SSL_F_SSL_CREATE_CIPHER_LIST 166
-#define SSL_F_SSL_CTRL 232
-#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
-#define SSL_F_SSL_CTX_NEW 169
-#define SSL_F_SSL_CTX_SET_PURPOSE 226
-#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
-#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
-#define SSL_F_SSL_CTX_SET_TRUST 229
-#define SSL_F_SSL_CTX_USE_CERTIFICATE 171
-#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
-#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
-#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
-#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
-#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
-#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
-#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
-#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
-#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
-#define SSL_F_SSL_DO_HANDSHAKE 180
-#define SSL_F_SSL_GET_NEW_SESSION 181
-#define SSL_F_SSL_GET_PREV_SESSION 217
-#define SSL_F_SSL_GET_SERVER_SEND_CERT 182
-#define SSL_F_SSL_GET_SIGN_PKEY 183
-#define SSL_F_SSL_INIT_WBIO_BUFFER 184
-#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
-#define SSL_F_SSL_NEW 186
-#define SSL_F_SSL_READ 223
-#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
-#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
-#define SSL_F_SSL_SESSION_NEW 189
-#define SSL_F_SSL_SESSION_PRINT_FP 190
-#define SSL_F_SSL_SESS_CERT_NEW 225
-#define SSL_F_SSL_SET_CERT 191
-#define SSL_F_SSL_SET_FD 192
-#define SSL_F_SSL_SET_PKEY 193
-#define SSL_F_SSL_SET_PURPOSE 227
-#define SSL_F_SSL_SET_RFD 194
-#define SSL_F_SSL_SET_SESSION 195
-#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
-#define SSL_F_SSL_SET_TRUST 228
-#define SSL_F_SSL_SET_WFD 196
-#define SSL_F_SSL_SHUTDOWN 224
-#define SSL_F_SSL_UNDEFINED_FUNCTION 197
-#define SSL_F_SSL_USE_CERTIFICATE 198
-#define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
-#define SSL_F_SSL_USE_CERTIFICATE_FILE 200
-#define SSL_F_SSL_USE_PRIVATEKEY 201
-#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
-#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
-#define SSL_F_SSL_USE_RSAPRIVATEKEY 204
-#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
-#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
-#define SSL_F_SSL_VERIFY_CERT_CHAIN 207
-#define SSL_F_SSL_WRITE 208
-#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
-#define SSL_F_TLS1_ENC 210
-#define SSL_F_TLS1_SETUP_KEY_BLOCK 211
-#define SSL_F_WRITE_PENDING 212
-
-/* Reason codes. */
-#define SSL_R_APP_DATA_IN_HANDSHAKE 100
-#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
-#define SSL_R_BAD_ALERT_RECORD 101
-#define SSL_R_BAD_AUTHENTICATION_TYPE 102
-#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
-#define SSL_R_BAD_CHECKSUM 104
-#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
-#define SSL_R_BAD_DECOMPRESSION 107
-#define SSL_R_BAD_DH_G_LENGTH 108
-#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
-#define SSL_R_BAD_DH_P_LENGTH 110
-#define SSL_R_BAD_DIGEST_LENGTH 111
-#define SSL_R_BAD_DSA_SIGNATURE 112
-#define SSL_R_BAD_HELLO_REQUEST 105
-#define SSL_R_BAD_LENGTH 271
-#define SSL_R_BAD_MAC_DECODE 113
-#define SSL_R_BAD_MESSAGE_TYPE 114
-#define SSL_R_BAD_PACKET_LENGTH 115
-#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
-#define SSL_R_BAD_RESPONSE_ARGUMENT 117
-#define SSL_R_BAD_RSA_DECRYPT 118
-#define SSL_R_BAD_RSA_ENCRYPT 119
-#define SSL_R_BAD_RSA_E_LENGTH 120
-#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
-#define SSL_R_BAD_RSA_SIGNATURE 122
-#define SSL_R_BAD_SIGNATURE 123
-#define SSL_R_BAD_SSL_FILETYPE 124
-#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
-#define SSL_R_BAD_STATE 126
-#define SSL_R_BAD_WRITE_RETRY 127
-#define SSL_R_BIO_NOT_SET 128
-#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
-#define SSL_R_BN_LIB 130
-#define SSL_R_CA_DN_LENGTH_MISMATCH 131
-#define SSL_R_CA_DN_TOO_LONG 132
-#define SSL_R_CCS_RECEIVED_EARLY 133
-#define SSL_R_CERTIFICATE_VERIFY_FAILED 134
-#define SSL_R_CERT_LENGTH_MISMATCH 135
-#define SSL_R_CHALLENGE_IS_DIFFERENT 136
-#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
-#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
-#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
-#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
-#define SSL_R_COMPRESSION_FAILURE 141
-#define SSL_R_COMPRESSION_LIBRARY_ERROR 142
-#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143
-#define SSL_R_CONNECTION_TYPE_NOT_SET 144
-#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
-#define SSL_R_DATA_LENGTH_TOO_LONG 146
-#define SSL_R_DECRYPTION_FAILED 147
-#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
-#define SSL_R_DIGEST_CHECK_FAILED 149
-#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
-#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092
-#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
-#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
-#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
-#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
-#define SSL_R_HTTPS_PROXY_REQUEST 155
-#define SSL_R_HTTP_REQUEST 156
-#define SSL_R_INTERNAL_ERROR 157
-#define SSL_R_INVALID_CHALLENGE_LENGTH 158
-#define SSL_R_INVALID_COMMAND 280
-#define SSL_R_INVALID_PURPOSE 278
-#define SSL_R_INVALID_TRUST 279
-#define SSL_R_LENGTH_MISMATCH 159
-#define SSL_R_LENGTH_TOO_SHORT 160
-#define SSL_R_LIBRARY_BUG 274
-#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
-#define SSL_R_MISSING_DH_DSA_CERT 162
-#define SSL_R_MISSING_DH_KEY 163
-#define SSL_R_MISSING_DH_RSA_CERT 164
-#define SSL_R_MISSING_DSA_SIGNING_CERT 165
-#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166
-#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167
-#define SSL_R_MISSING_RSA_CERTIFICATE 168
-#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
-#define SSL_R_MISSING_RSA_SIGNING_CERT 170
-#define SSL_R_MISSING_TMP_DH_KEY 171
-#define SSL_R_MISSING_TMP_RSA_KEY 172
-#define SSL_R_MISSING_TMP_RSA_PKEY 173
-#define SSL_R_MISSING_VERIFY_MESSAGE 174
-#define SSL_R_NON_SSLV2_INITIAL_PACKET 175
-#define SSL_R_NO_CERTIFICATES_RETURNED 176
-#define SSL_R_NO_CERTIFICATE_ASSIGNED 177
-#define SSL_R_NO_CERTIFICATE_RETURNED 178
-#define SSL_R_NO_CERTIFICATE_SET 179
-#define SSL_R_NO_CERTIFICATE_SPECIFIED 180
-#define SSL_R_NO_CIPHERS_AVAILABLE 181
-#define SSL_R_NO_CIPHERS_PASSED 182
-#define SSL_R_NO_CIPHERS_SPECIFIED 183
-#define SSL_R_NO_CIPHER_LIST 184
-#define SSL_R_NO_CIPHER_MATCH 185
-#define SSL_R_NO_CLIENT_CERT_RECEIVED 186
-#define SSL_R_NO_COMPRESSION_SPECIFIED 187
-#define SSL_R_NO_METHOD_SPECIFIED 188
-#define SSL_R_NO_PRIVATEKEY 189
-#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
-#define SSL_R_NO_PROTOCOLS_AVAILABLE 191
-#define SSL_R_NO_PUBLICKEY 192
-#define SSL_R_NO_SHARED_CIPHER 193
-#define SSL_R_NO_VERIFY_CALLBACK 194
-#define SSL_R_NULL_SSL_CTX 195
-#define SSL_R_NULL_SSL_METHOD_PASSED 196
-#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
-#define SSL_R_PACKET_LENGTH_TOO_LONG 198
-#define SSL_R_PATH_TOO_LONG 270
-#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
-#define SSL_R_PEER_ERROR 200
-#define SSL_R_PEER_ERROR_CERTIFICATE 201
-#define SSL_R_PEER_ERROR_NO_CERTIFICATE 202
-#define SSL_R_PEER_ERROR_NO_CIPHER 203
-#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204
-#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
-#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206
-#define SSL_R_PROTOCOL_IS_SHUTDOWN 207
-#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208
-#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209
-#define SSL_R_PUBLIC_KEY_NOT_RSA 210
-#define SSL_R_READ_BIO_NOT_SET 211
-#define SSL_R_READ_WRONG_PACKET_TYPE 212
-#define SSL_R_RECORD_LENGTH_MISMATCH 213
-#define SSL_R_RECORD_TOO_LARGE 214
-#define SSL_R_RECORD_TOO_SMALL 1093
-#define SSL_R_REQUIRED_CIPHER_MISSING 215
-#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
-#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
-#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
-#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
-#define SSL_R_SHORT_READ 219
-#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
-#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
-#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
-#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
-#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
-#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
-#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
-#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
-#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
-#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
-#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
-#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 223
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 224
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 225
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226
-#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
-#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 227
-#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
-#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
-#define SSL_R_SSL_HANDSHAKE_FAILURE 229
-#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
-#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
-#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231
-#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
-#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
-#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
-#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
-#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
-#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
-#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
-#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
-#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
-#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
-#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
-#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
-#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
-#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
-#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
-#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
-#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
-#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237
-#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
-#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
-#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
-#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241
-#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
-#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
-#define SSL_R_UNEXPECTED_MESSAGE 244
-#define SSL_R_UNEXPECTED_RECORD 245
-#define SSL_R_UNINITIALIZED 276
-#define SSL_R_UNKNOWN_ALERT_TYPE 246
-#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
-#define SSL_R_UNKNOWN_CIPHER_RETURNED 248
-#define SSL_R_UNKNOWN_CIPHER_TYPE 249
-#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
-#define SSL_R_UNKNOWN_PKEY_TYPE 251
-#define SSL_R_UNKNOWN_PROTOCOL 252
-#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
-#define SSL_R_UNKNOWN_SSL_VERSION 254
-#define SSL_R_UNKNOWN_STATE 255
-#define SSL_R_UNSUPPORTED_CIPHER 256
-#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
-#define SSL_R_UNSUPPORTED_OPTION 1091
-#define SSL_R_UNSUPPORTED_PROTOCOL 258
-#define SSL_R_UNSUPPORTED_SSL_VERSION 259
-#define SSL_R_WRITE_BIO_NOT_SET 260
-#define SSL_R_WRONG_CIPHER_RETURNED 261
-#define SSL_R_WRONG_MESSAGE_TYPE 262
-#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
-#define SSL_R_WRONG_SIGNATURE_LENGTH 264
-#define SSL_R_WRONG_SIGNATURE_SIZE 265
-#define SSL_R_WRONG_SSL_VERSION 266
-#define SSL_R_WRONG_VERSION_NUMBER 267
-#define SSL_R_X509_LIB 268
-#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libssl/ssl2.h b/src/lib/libssl/ssl2.h
deleted file mode 100644
index f8b56afb6b..0000000000
--- a/src/lib/libssl/ssl2.h
+++ /dev/null
@@ -1,269 +0,0 @@
-/* ssl/ssl2.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL2_H
-#define HEADER_SSL2_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Protocol Version Codes */
-#define SSL2_VERSION 0x0002
-#define SSL2_VERSION_MAJOR 0x00
-#define SSL2_VERSION_MINOR 0x02
-/* #define SSL2_CLIENT_VERSION 0x0002 */
-/* #define SSL2_SERVER_VERSION 0x0002 */
-
-/* Protocol Message Codes */
-#define SSL2_MT_ERROR 0
-#define SSL2_MT_CLIENT_HELLO 1
-#define SSL2_MT_CLIENT_MASTER_KEY 2
-#define SSL2_MT_CLIENT_FINISHED 3
-#define SSL2_MT_SERVER_HELLO 4
-#define SSL2_MT_SERVER_VERIFY 5
-#define SSL2_MT_SERVER_FINISHED 6
-#define SSL2_MT_REQUEST_CERTIFICATE 7
-#define SSL2_MT_CLIENT_CERTIFICATE 8
-
-/* Error Message Codes */
-#define SSL2_PE_UNDEFINED_ERROR 0x0000
-#define SSL2_PE_NO_CIPHER 0x0001
-#define SSL2_PE_NO_CERTIFICATE 0x0002
-#define SSL2_PE_BAD_CERTIFICATE 0x0004
-#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
-
-/* Cipher Kind Values */
-#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */
-#define SSL2_CK_RC4_128_WITH_MD5 0x02010080
-#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
-#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
-#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
-#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
-#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
-#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
-#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */
-
-#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */
-#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */
-
-#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
-#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
-#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
-#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
-#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
-#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
-#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
-#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
-
-#define SSL2_TXT_NULL "NULL"
-
-/* Flags for the SSL_CIPHER.algorithm2 field */
-#define SSL2_CF_5_BYTE_ENC 0x01
-#define SSL2_CF_8_BYTE_ENC 0x02
-
-/* Certificate Type Codes */
-#define SSL2_CT_X509_CERTIFICATE 0x01
-
-/* Authentication Type Code */
-#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
-
-#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
-
-/* Upper/Lower Bounds */
-#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
-#ifdef MPE
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u
-#else
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */
-#endif
-#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */
-
-#define SSL2_CHALLENGE_LENGTH 16
-/*#define SSL2_CHALLENGE_LENGTH 32 */
-#define SSL2_MIN_CHALLENGE_LENGTH 16
-#define SSL2_MAX_CHALLENGE_LENGTH 32
-#define SSL2_CONNECTION_ID_LENGTH 16
-#define SSL2_MAX_CONNECTION_ID_LENGTH 16
-#define SSL2_SSL_SESSION_ID_LENGTH 16
-#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
-#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
-#define SSL2_MAX_KEY_MATERIAL_LENGTH 24
-
-#ifndef HEADER_SSL_LOCL_H
-#define CERT char
-#endif
-
-typedef struct ssl2_state_st
- {
- int three_byte_header;
- int clear_text; /* clear text */
- int escape; /* not used in SSLv2 */
- int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */
-
- /* non-blocking io info, used to make sure the same
- * args were passwd */
- unsigned int wnum; /* number of bytes sent so far */
- int wpend_tot;
- const unsigned char *wpend_buf;
-
- int wpend_off; /* offset to data to write */
- int wpend_len; /* number of bytes passwd to write */
- int wpend_ret; /* number of bytes to return to caller */
-
- /* buffer raw data */
- int rbuf_left;
- int rbuf_offs;
- unsigned char *rbuf;
- unsigned char *wbuf;
-
- unsigned char *write_ptr;/* used to point to the start due to
- * 2/3 byte header. */
-
- unsigned int padding;
- unsigned int rlength; /* passed to ssl2_enc */
- int ract_data_length; /* Set when things are encrypted. */
- unsigned int wlength; /* passed to ssl2_enc */
- int wact_data_length; /* Set when things are decrypted. */
- unsigned char *ract_data;
- unsigned char *wact_data;
- unsigned char *mac_data;
- unsigned char *pad_data;
-
- unsigned char *read_key;
- unsigned char *write_key;
-
- /* Stuff specifically to do with this SSL session */
- unsigned int challenge_length;
- unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
- unsigned int conn_id_length;
- unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
- unsigned int key_material_length;
- unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2];
-
- unsigned long read_sequence;
- unsigned long write_sequence;
-
- struct {
- unsigned int conn_id_length;
- unsigned int cert_type;
- unsigned int cert_length;
- int csl;
- int clear;
- unsigned int enc;
- unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
- int cipher_spec_length;
- unsigned int session_id_length;
- unsigned int clen;
- unsigned int rlen;
- } tmp;
- } SSL2_STATE;
-
-/* SSLv2 */
-/* client */
-#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT)
-#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT)
-#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT)
-/* server */
-#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT)
-#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT)
-#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT)
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libssl/ssl23.h b/src/lib/libssl/ssl23.h
deleted file mode 100644
index d3228983c7..0000000000
--- a/src/lib/libssl/ssl23.h
+++ /dev/null
@@ -1,83 +0,0 @@
-/* ssl/ssl23.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL23_H
-#define HEADER_SSL23_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*client */
-/* write to server */
-#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
-#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
-/* read from server */
-#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
-#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
-
-/* server */
-/* read from client */
-#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
-#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
deleted file mode 100644
index 7ee1feaa67..0000000000
--- a/src/lib/libssl/ssl3.h
+++ /dev/null
@@ -1,429 +0,0 @@
-/* ssl/ssl3.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL3_H
-#define HEADER_SSL3_H
-
-#ifndef NO_COMP
-#include <openssl/comp.h>
-#endif
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/ssl.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define SSL3_CK_RSA_NULL_MD5 0x03000001
-#define SSL3_CK_RSA_NULL_SHA 0x03000002
-#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
-#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
-#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
-#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
-#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
-#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
-#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
-#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
-
-#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
-#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
-#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
-#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
-#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
-#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
-
-#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
-#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
-#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
-#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
-#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
-#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
-
-#define SSL3_CK_ADH_RC4_40_MD5 0x03000017
-#define SSL3_CK_ADH_RC4_128_MD5 0x03000018
-#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
-#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
-#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
-
-#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
-#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
-#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
-
-#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
-#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
-#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
-#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
-#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
-#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
-#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
-#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
-#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
-#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
-
-#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
-#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
-
-#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
-#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
-
-#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
-#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
-#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
-#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
-#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
-
-#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
-#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
-#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
-
-#define SSL3_SSL_SESSION_ID_LENGTH 32
-#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
-
-#define SSL3_MASTER_SECRET_SIZE 48
-#define SSL3_RANDOM_SIZE 32
-#define SSL3_SESSION_ID_SIZE 32
-#define SSL3_RT_HEADER_LENGTH 5
-
-/* Due to MS stuffing up, this can change.... */
-#if defined(WIN16) || (defined(MSDOS) && !defined(WIN32))
-#define SSL3_RT_MAX_EXTRA (14000)
-#else
-#define SSL3_RT_MAX_EXTRA (16384)
-#endif
-
-#define SSL3_RT_MAX_PLAIN_LENGTH 16384
-#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
-#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
-#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
-#define SSL3_RT_MAX_DATA_SIZE (1024*1024)
-
-#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
-#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
-
-#define SSL3_VERSION 0x0300
-#define SSL3_VERSION_MAJOR 0x03
-#define SSL3_VERSION_MINOR 0x00
-
-#define SSL3_RT_CHANGE_CIPHER_SPEC 20
-#define SSL3_RT_ALERT 21
-#define SSL3_RT_HANDSHAKE 22
-#define SSL3_RT_APPLICATION_DATA 23
-
-#define SSL3_AL_WARNING 1
-#define SSL3_AL_FATAL 2
-
-#define SSL3_AD_CLOSE_NOTIFY 0
-#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */
-#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */
-#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
-#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */
-#define SSL3_AD_NO_CERTIFICATE 41
-#define SSL3_AD_BAD_CERTIFICATE 42
-#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
-#define SSL3_AD_CERTIFICATE_REVOKED 44
-#define SSL3_AD_CERTIFICATE_EXPIRED 45
-#define SSL3_AD_CERTIFICATE_UNKNOWN 46
-#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
-
-typedef struct ssl3_record_st
- {
-/*r */ int type; /* type of record */
-/*rw*/ unsigned int length; /* How many bytes available */
-/*r */ unsigned int off; /* read/write offset into 'buf' */
-/*rw*/ unsigned char *data; /* pointer to the record data */
-/*rw*/ unsigned char *input; /* where the decode bytes are */
-/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */
- } SSL3_RECORD;
-
-typedef struct ssl3_buffer_st
- {
- unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes (more if
- * SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER is set) */
- int offset; /* where to 'copy from' */
- int left; /* how many bytes left */
- } SSL3_BUFFER;
-
-#define SSL3_CT_RSA_SIGN 1
-#define SSL3_CT_DSS_SIGN 2
-#define SSL3_CT_RSA_FIXED_DH 3
-#define SSL3_CT_DSS_FIXED_DH 4
-#define SSL3_CT_RSA_EPHEMERAL_DH 5
-#define SSL3_CT_DSS_EPHEMERAL_DH 6
-#define SSL3_CT_FORTEZZA_DMS 20
-#define SSL3_CT_NUMBER 7
-
-#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
-#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
-#define SSL3_FLAGS_POP_BUFFER 0x0004
-#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
-
-typedef struct ssl3_state_st
- {
- long flags;
- int delay_buf_pop_ret;
-
- unsigned char read_sequence[8];
- unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
- unsigned char write_sequence[8];
- unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
-
- unsigned char server_random[SSL3_RANDOM_SIZE];
- unsigned char client_random[SSL3_RANDOM_SIZE];
-
- SSL3_BUFFER rbuf; /* read IO goes into here */
- SSL3_BUFFER wbuf; /* write IO goes into here */
-
- SSL3_RECORD rrec; /* each decoded record goes in here */
- SSL3_RECORD wrec; /* goes out from here */
-
- /* storage for Alert/Handshake protocol data received but not
- * yet processed by ssl3_read_bytes: */
- unsigned char alert_fragment[2];
- unsigned int alert_fragment_len;
- unsigned char handshake_fragment[4];
- unsigned int handshake_fragment_len;
-
- /* partial write - check the numbers match */
- unsigned int wnum; /* number of bytes sent so far */
- int wpend_tot; /* number bytes written */
- int wpend_type;
- int wpend_ret; /* number of bytes submitted */
- const unsigned char *wpend_buf;
-
- /* used during startup, digest all incoming/outgoing packets */
- EVP_MD_CTX finish_dgst1;
- EVP_MD_CTX finish_dgst2;
-
- /* this is set whenerver we see a change_cipher_spec message
- * come in when we are not looking for one */
- int change_cipher_spec;
-
- int warn_alert;
- int fatal_alert;
- /* we allow one fatal and one warning alert to be outstanding,
- * send close alert via the warning alert */
- int alert_dispatch;
- unsigned char send_alert[2];
-
- /* This flag is set when we should renegotiate ASAP, basically when
- * there is no more data in the read or write buffers */
- int renegotiate;
- int total_renegotiations;
- int num_renegotiations;
-
- int in_read_app_data;
-
- struct {
- /* actually only needs to be 16+20 */
- unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
-
- /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
- unsigned char finish_md[EVP_MAX_MD_SIZE*2];
- int finish_md_len;
- unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
- int peer_finish_md_len;
-
- unsigned long message_size;
- int message_type;
-
- /* used to hold the new cipher we are going to use */
- SSL_CIPHER *new_cipher;
-#ifndef NO_DH
- DH *dh;
-#endif
- /* used when SSL_ST_FLUSH_DATA is entered */
- int next_state;
-
- int reuse_message;
-
- /* used for certificate requests */
- int cert_req;
- int ctype_num;
- char ctype[SSL3_CT_NUMBER];
- STACK_OF(X509_NAME) *ca_names;
-
- int use_rsa_tmp;
-
- int key_block_length;
- unsigned char *key_block;
-
- const EVP_CIPHER *new_sym_enc;
- const EVP_MD *new_hash;
-#ifndef NO_COMP
- const SSL_COMP *new_compression;
-#else
- char *new_compression;
-#endif
- int cert_request;
- } tmp;
-
- } SSL3_STATE;
-
-/* SSLv3 */
-/*client */
-/* extra state */
-#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
-/* write to server */
-#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
-/* read from server */
-#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
-#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
-#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
-/* write to server */
-#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
-#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
-#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
-#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
-#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
-/* read from server */
-#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
-#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
-#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
-
-/* server */
-/* extra state */
-#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
-/* read from client */
-/* Do not change the number values, they do matter */
-#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
-/* write to client */
-#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
-/* read from client */
-#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
-/* write to client */
-#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
-
-#define SSL3_MT_HELLO_REQUEST 0
-#define SSL3_MT_CLIENT_HELLO 1
-#define SSL3_MT_SERVER_HELLO 2
-#define SSL3_MT_CERTIFICATE 11
-#define SSL3_MT_SERVER_KEY_EXCHANGE 12
-#define SSL3_MT_CERTIFICATE_REQUEST 13
-#define SSL3_MT_SERVER_DONE 14
-#define SSL3_MT_CERTIFICATE_VERIFY 15
-#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
-#define SSL3_MT_FINISHED 20
-
-#define SSL3_MT_CCS 1
-
-/* These are used when changing over to a new cipher */
-#define SSL3_CC_READ 0x01
-#define SSL3_CC_WRITE 0x02
-#define SSL3_CC_CLIENT 0x10
-#define SSL3_CC_SERVER 0x20
-#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
-#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
-#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
-#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/lib/libssl/ssl_algs.c b/src/lib/libssl/ssl_algs.c
deleted file mode 100644
index dde8918fe0..0000000000
--- a/src/lib/libssl/ssl_algs.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* ssl/ssl_algs.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include <openssl/lhash.h>
-#include "ssl_locl.h"
-
-int SSL_library_init(void)
- {
-#ifndef NO_DES
- EVP_add_cipher(EVP_des_cbc());
- EVP_add_cipher(EVP_des_ede3_cbc());
-#endif
-#ifndef NO_IDEA
- EVP_add_cipher(EVP_idea_cbc());
-#endif
-#ifndef NO_RC4
- EVP_add_cipher(EVP_rc4());
-#endif
-#ifndef NO_RC2
- EVP_add_cipher(EVP_rc2_cbc());
-#endif
-
-#ifndef NO_MD2
- EVP_add_digest(EVP_md2());
-#endif
-#ifndef NO_MD5
- EVP_add_digest(EVP_md5());
- EVP_add_digest_alias(SN_md5,"ssl2-md5");
- EVP_add_digest_alias(SN_md5,"ssl3-md5");
-#endif
-#ifndef NO_SHA
- EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
- EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
- EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
-#endif
-#if !defined(NO_SHA) && !defined(NO_DSA)
- EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
- EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
- EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
- EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
-#endif
-
- /* If you want support for phased out ciphers, add the following */
-#if 0
- EVP_add_digest(EVP_sha());
- EVP_add_digest(EVP_dss());
-#endif
- return(1);
- }
-
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
deleted file mode 100644
index fa6456e4f5..0000000000
--- a/src/lib/libssl/ssl_asn1.c
+++ /dev/null
@@ -1,349 +0,0 @@
-/* ssl/ssl_asn1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include "ssl_locl.h"
-
-typedef struct ssl_session_asn1_st
- {
- ASN1_INTEGER version;
- ASN1_INTEGER ssl_version;
- ASN1_OCTET_STRING cipher;
- ASN1_OCTET_STRING master_key;
- ASN1_OCTET_STRING session_id;
- ASN1_OCTET_STRING session_id_context;
- ASN1_OCTET_STRING key_arg;
- ASN1_INTEGER time;
- ASN1_INTEGER timeout;
- ASN1_INTEGER verify_result;
- } SSL_SESSION_ASN1;
-
-int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
- {
-#define LSIZE2 (sizeof(long)*2)
- int v1=0,v2=0,v3=0,v4=0,v5=0;
- unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
- unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2],ibuf5[LSIZE2];
- long l;
- SSL_SESSION_ASN1 a;
- M_ASN1_I2D_vars(in);
-
- if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
- return(0);
-
- /* Note that I cheat in the following 2 assignments. I know
- * that if the ASN1_INTEGER passed to ASN1_INTEGER_set
- * is > sizeof(long)+1, the buffer will not be re-OPENSSL_malloc()ed.
- * This is a bit evil but makes things simple, no dynamic allocation
- * to clean up :-) */
- a.version.length=LSIZE2;
- a.version.type=V_ASN1_INTEGER;
- a.version.data=ibuf1;
- ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION);
-
- a.ssl_version.length=LSIZE2;
- a.ssl_version.type=V_ASN1_INTEGER;
- a.ssl_version.data=ibuf2;
- ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version);
-
- a.cipher.type=V_ASN1_OCTET_STRING;
- a.cipher.data=buf;
-
- if (in->cipher == NULL)
- l=in->cipher_id;
- else
- l=in->cipher->id;
- if (in->ssl_version == SSL2_VERSION)
- {
- a.cipher.length=3;
- buf[0]=((unsigned char)(l>>16L))&0xff;
- buf[1]=((unsigned char)(l>> 8L))&0xff;
- buf[2]=((unsigned char)(l ))&0xff;
- }
- else
- {
- a.cipher.length=2;
- buf[0]=((unsigned char)(l>>8L))&0xff;
- buf[1]=((unsigned char)(l ))&0xff;
- }
-
- a.master_key.length=in->master_key_length;
- a.master_key.type=V_ASN1_OCTET_STRING;
- a.master_key.data=in->master_key;
-
- a.session_id.length=in->session_id_length;
- a.session_id.type=V_ASN1_OCTET_STRING;
- a.session_id.data=in->session_id;
-
- a.session_id_context.length=in->sid_ctx_length;
- a.session_id_context.type=V_ASN1_OCTET_STRING;
- a.session_id_context.data=in->sid_ctx;
-
- a.key_arg.length=in->key_arg_length;
- a.key_arg.type=V_ASN1_OCTET_STRING;
- a.key_arg.data=in->key_arg;
-
- if (in->time != 0L)
- {
- a.time.length=LSIZE2;
- a.time.type=V_ASN1_INTEGER;
- a.time.data=ibuf3;
- ASN1_INTEGER_set(&(a.time),in->time);
- }
-
- if (in->timeout != 0L)
- {
- a.timeout.length=LSIZE2;
- a.timeout.type=V_ASN1_INTEGER;
- a.timeout.data=ibuf4;
- ASN1_INTEGER_set(&(a.timeout),in->timeout);
- }
-
- if (in->verify_result != X509_V_OK)
- {
- a.verify_result.length=LSIZE2;
- a.verify_result.type=V_ASN1_INTEGER;
- a.verify_result.data=ibuf5;
- ASN1_INTEGER_set(&a.verify_result,in->verify_result);
- }
-
- M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING);
- if (in->key_arg_length > 0)
- M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
- if (in->time != 0L)
- M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
- if (in->timeout != 0L)
- M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
- if (in->peer != NULL)
- M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3);
- M_ASN1_I2D_len_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,v4);
- if (in->verify_result != X509_V_OK)
- M_ASN1_I2D_len_EXP_opt(&(a.verify_result),i2d_ASN1_INTEGER,5,v5);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING);
- if (in->key_arg_length > 0)
- M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
- if (in->time != 0L)
- M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
- if (in->timeout != 0L)
- M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
- if (in->peer != NULL)
- M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3);
- M_ASN1_I2D_put_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,
- v4);
- if (in->verify_result != X509_V_OK)
- M_ASN1_I2D_put_EXP_opt(&a.verify_result,i2d_ASN1_INTEGER,5,v5);
- M_ASN1_I2D_finish();
- }
-
-SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
- long length)
- {
- int version,ssl_version=0,i;
- long id;
- ASN1_INTEGER ai,*aip;
- ASN1_OCTET_STRING os,*osp;
- M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new);
-
- aip= &ai;
- osp= &os;
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
-
- ai.data=NULL; ai.length=0;
- M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
- version=(int)ASN1_INTEGER_get(aip);
- if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
-
- /* we don't care about the version right now :-) */
- M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
- ssl_version=(int)ASN1_INTEGER_get(aip);
- ret->ssl_version=ssl_version;
- if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
-
- os.data=NULL; os.length=0;
- M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
- if (ssl_version == SSL2_VERSION)
- {
- if (os.length != 3)
- {
- c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
- goto err;
- }
- id=0x02000000L|
- ((unsigned long)os.data[0]<<16L)|
- ((unsigned long)os.data[1]<< 8L)|
- (unsigned long)os.data[2];
- }
- else if ((ssl_version>>8) == 3)
- {
- if (os.length != 2)
- {
- c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
- goto err;
- }
- id=0x03000000L|
- ((unsigned long)os.data[0]<<8L)|
- (unsigned long)os.data[1];
- }
- else
- {
- SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
- return(NULL);
- }
-
- ret->cipher=NULL;
- ret->cipher_id=id;
-
- M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
- if ((ssl_version>>8) == SSL3_VERSION)
- i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
- else /* if (ssl_version == SSL2_VERSION) */
- i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
-
- if (os.length > i)
- os.length=i;
-
- ret->session_id_length=os.length;
- memcpy(ret->session_id,os.data,os.length);
-
- M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
- if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
- ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
- else
- ret->master_key_length=os.length;
- memcpy(ret->master_key,os.data,ret->master_key_length);
-
- os.length=0;
- M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING);
- if (os.length > SSL_MAX_KEY_ARG_LENGTH)
- ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH;
- else
- ret->key_arg_length=os.length;
- memcpy(ret->key_arg,os.data,ret->key_arg_length);
- if (os.data != NULL) OPENSSL_free(os.data);
-
- ai.length=0;
- M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1);
- if (ai.data != NULL)
- {
- ret->time=ASN1_INTEGER_get(aip);
- OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
- }
- else
- ret->time=time(NULL);
-
- ai.length=0;
- M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
- if (ai.data != NULL)
- {
- ret->timeout=ASN1_INTEGER_get(aip);
- OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
- }
- else
- ret->timeout=3;
-
- if (ret->peer != NULL)
- {
- X509_free(ret->peer);
- ret->peer=NULL;
- }
- M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3);
-
- os.length=0;
- os.data=NULL;
- M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,4);
-
- if(os.data != NULL)
- {
- if (os.length > SSL_MAX_SID_CTX_LENGTH)
- SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH);
- ret->sid_ctx_length=os.length;
- memcpy(ret->sid_ctx,os.data,os.length);
- OPENSSL_free(os.data); os.data=NULL; os.length=0;
- }
- else
- ret->sid_ctx_length=0;
-
- ai.length=0;
- M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,5);
- if (ai.data != NULL)
- {
- ret->verify_result=ASN1_INTEGER_get(aip);
- OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
- }
- else
- ret->verify_result=X509_V_OK;
-
- M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
- }
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
deleted file mode 100644
index 27e7fcc60a..0000000000
--- a/src/lib/libssl/ssl_cert.c
+++ /dev/null
@@ -1,757 +0,0 @@
-/*! \file ssl/ssl_cert.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-
-#include "openssl/e_os.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#if !defined(WIN32) && !defined(VSM) && !defined(NeXT) && !defined(MAC_OS_pre_X)
-#include <dirent.h>
-#endif
-
-#ifdef NeXT
-#include <sys/dir.h>
-#define dirent direct
-#endif
-
-#include <openssl/objects.h>
-#include <openssl/bio.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include "ssl_locl.h"
-
-int SSL_get_ex_data_X509_STORE_CTX_idx(void)
- {
- static int ssl_x509_store_ctx_idx= -1;
-
- if (ssl_x509_store_ctx_idx < 0)
- {
- ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index(
- 0,"SSL for verify callback",NULL,NULL,NULL);
- }
- return(ssl_x509_store_ctx_idx);
- }
-
-CERT *ssl_cert_new(void)
- {
- CERT *ret;
-
- ret=(CERT *)OPENSSL_malloc(sizeof(CERT));
- if (ret == NULL)
- {
- SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- memset(ret,0,sizeof(CERT));
-
- ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]);
- ret->references=1;
-
- return(ret);
- }
-
-CERT *ssl_cert_dup(CERT *cert)
- {
- CERT *ret;
- int i;
-
- ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
- if (ret == NULL)
- {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
-
- memset(ret, 0, sizeof(CERT));
-
- ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
- /* or ret->key = ret->pkeys + (cert->key - cert->pkeys),
- * if you find that more readable */
-
- ret->valid = cert->valid;
- ret->mask = cert->mask;
- ret->export_mask = cert->export_mask;
-
-#ifndef NO_RSA
- if (cert->rsa_tmp != NULL)
- {
- ret->rsa_tmp = cert->rsa_tmp;
- CRYPTO_add(&ret->rsa_tmp->references, 1, CRYPTO_LOCK_RSA);
- }
- ret->rsa_tmp_cb = cert->rsa_tmp_cb;
-#endif
-
-#ifndef NO_DH
- if (cert->dh_tmp != NULL)
- {
- /* DH parameters don't have a reference count */
- ret->dh_tmp = DHparams_dup(cert->dh_tmp);
- if (ret->dh_tmp == NULL)
- {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
- goto err;
- }
- if (cert->dh_tmp->priv_key)
- {
- BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
- if (!b)
- {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
- goto err;
- }
- ret->dh_tmp->priv_key = b;
- }
- if (cert->dh_tmp->pub_key)
- {
- BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
- if (!b)
- {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
- goto err;
- }
- ret->dh_tmp->pub_key = b;
- }
- }
- ret->dh_tmp_cb = cert->dh_tmp_cb;
-#endif
-
- for (i = 0; i < SSL_PKEY_NUM; i++)
- {
- if (cert->pkeys[i].x509 != NULL)
- {
- ret->pkeys[i].x509 = cert->pkeys[i].x509;
- CRYPTO_add(&ret->pkeys[i].x509->references, 1,
- CRYPTO_LOCK_X509);
- }
-
- if (cert->pkeys[i].privatekey != NULL)
- {
- ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;
- CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,
- CRYPTO_LOCK_EVP_PKEY);
-
- switch(i)
- {
- /* If there was anything special to do for
- * certain types of keys, we'd do it here.
- * (Nothing at the moment, I think.) */
-
- case SSL_PKEY_RSA_ENC:
- case SSL_PKEY_RSA_SIGN:
- /* We have an RSA key. */
- break;
-
- case SSL_PKEY_DSA_SIGN:
- /* We have a DSA key. */
- break;
-
- case SSL_PKEY_DH_RSA:
- case SSL_PKEY_DH_DSA:
- /* We have a DH key. */
- break;
-
- default:
- /* Can't happen. */
- SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);
- }
- }
- }
-
- /* ret->extra_certs *should* exist, but currently the own certificate
- * chain is held inside SSL_CTX */
-
- ret->references=1;
-
- return(ret);
-
-#ifndef NO_DH /* avoid 'unreferenced label' warning if NO_DH is defined */
-err:
-#endif
-#ifndef NO_RSA
- if (ret->rsa_tmp != NULL)
- RSA_free(ret->rsa_tmp);
-#endif
-#ifndef NO_DH
- if (ret->dh_tmp != NULL)
- DH_free(ret->dh_tmp);
-#endif
-
- for (i = 0; i < SSL_PKEY_NUM; i++)
- {
- if (ret->pkeys[i].x509 != NULL)
- X509_free(ret->pkeys[i].x509);
- if (ret->pkeys[i].privatekey != NULL)
- EVP_PKEY_free(ret->pkeys[i].privatekey);
- }
-
- return NULL;
- }
-
-
-void ssl_cert_free(CERT *c)
- {
- int i;
-
- if(c == NULL)
- return;
-
- i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT);
-#ifdef REF_PRINT
- REF_PRINT("CERT",c);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"ssl_cert_free, bad reference count\n");
- abort(); /* ok */
- }
-#endif
-
-#ifndef NO_RSA
- if (c->rsa_tmp) RSA_free(c->rsa_tmp);
-#endif
-#ifndef NO_DH
- if (c->dh_tmp) DH_free(c->dh_tmp);
-#endif
-
- for (i=0; i<SSL_PKEY_NUM; i++)
- {
- if (c->pkeys[i].x509 != NULL)
- X509_free(c->pkeys[i].x509);
- if (c->pkeys[i].privatekey != NULL)
- EVP_PKEY_free(c->pkeys[i].privatekey);
-#if 0
- if (c->pkeys[i].publickey != NULL)
- EVP_PKEY_free(c->pkeys[i].publickey);
-#endif
- }
- OPENSSL_free(c);
- }
-
-int ssl_cert_inst(CERT **o)
- {
- /* Create a CERT if there isn't already one
- * (which cannot really happen, as it is initially created in
- * SSL_CTX_new; but the earlier code usually allows for that one
- * being non-existant, so we follow that behaviour, as it might
- * turn out that there actually is a reason for it -- but I'm
- * not sure that *all* of the existing code could cope with
- * s->cert being NULL, otherwise we could do without the
- * initialization in SSL_CTX_new).
- */
-
- if (o == NULL)
- {
- SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- if (*o == NULL)
- {
- if ((*o = ssl_cert_new()) == NULL)
- {
- SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
- return(0);
- }
- }
- return(1);
- }
-
-
-SESS_CERT *ssl_sess_cert_new(void)
- {
- SESS_CERT *ret;
-
- ret = OPENSSL_malloc(sizeof *ret);
- if (ret == NULL)
- {
- SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- memset(ret, 0 ,sizeof *ret);
- ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
- ret->references = 1;
-
- return ret;
- }
-
-void ssl_sess_cert_free(SESS_CERT *sc)
- {
- int i;
-
- if (sc == NULL)
- return;
-
- i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
-#ifdef REF_PRINT
- REF_PRINT("SESS_CERT", sc);
-#endif
- if (i > 0)
- return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"ssl_sess_cert_free, bad reference count\n");
- abort(); /* ok */
- }
-#endif
-
- /* i == 0 */
- if (sc->cert_chain != NULL)
- sk_X509_pop_free(sc->cert_chain, X509_free);
- for (i = 0; i < SSL_PKEY_NUM; i++)
- {
- if (sc->peer_pkeys[i].x509 != NULL)
- X509_free(sc->peer_pkeys[i].x509);
-#if 0 /* We don't have the peer's private key. These lines are just
- * here as a reminder that we're still using a not-quite-appropriate
- * data structure. */
- if (sc->peer_pkeys[i].privatekey != NULL)
- EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
-#endif
- }
-
-#ifndef NO_RSA
- if (sc->peer_rsa_tmp != NULL)
- RSA_free(sc->peer_rsa_tmp);
-#endif
-#ifndef NO_DH
- if (sc->peer_dh_tmp != NULL)
- DH_free(sc->peer_dh_tmp);
-#endif
-
- OPENSSL_free(sc);
- }
-
-int ssl_set_peer_cert_type(SESS_CERT *sc,int type)
- {
- sc->peer_cert_type = type;
- return(1);
- }
-
-int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
- {
- X509 *x;
- int i;
- X509_STORE_CTX ctx;
-
- if ((sk == NULL) || (sk_X509_num(sk) == 0))
- return(0);
-
- x=sk_X509_value(sk,0);
- X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk);
- if (SSL_get_verify_depth(s) >= 0)
- X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
- X509_STORE_CTX_set_ex_data(&ctx,SSL_get_ex_data_X509_STORE_CTX_idx(),s);
- /* We need to set the verify purpose. The purpose can be determined by
- * the context: if its a server it will verify SSL client certificates
- * or vice versa.
- */
-
- if(s->server) i = X509_PURPOSE_SSL_CLIENT;
- else i = X509_PURPOSE_SSL_SERVER;
-
- X509_STORE_CTX_purpose_inherit(&ctx, i, s->purpose, s->trust);
-
- if (s->ctx->app_verify_callback != NULL)
- i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
- else
- {
-#ifndef NO_X509_VERIFY
- i=X509_verify_cert(&ctx);
-#else
- i=0;
- ctx.error=X509_V_ERR_APPLICATION_VERIFICATION;
- SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,SSL_R_NO_VERIFY_CALLBACK);
-#endif
- }
-
- s->verify_result=ctx.error;
- X509_STORE_CTX_cleanup(&ctx);
-
- return(i);
- }
-
-static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *list)
- {
- if (*ca_list != NULL)
- sk_X509_NAME_pop_free(*ca_list,X509_NAME_free);
-
- *ca_list=list;
- }
-
-STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
- {
- int i;
- STACK_OF(X509_NAME) *ret;
- X509_NAME *name;
-
- ret=sk_X509_NAME_new_null();
- for (i=0; i<sk_X509_NAME_num(sk); i++)
- {
- name=X509_NAME_dup(sk_X509_NAME_value(sk,i));
- if ((name == NULL) || !sk_X509_NAME_push(ret,name))
- {
- sk_X509_NAME_pop_free(ret,X509_NAME_free);
- return(NULL);
- }
- }
- return(ret);
- }
-
-void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *list)
- {
- set_client_CA_list(&(s->client_CA),list);
- }
-
-void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *list)
- {
- set_client_CA_list(&(ctx->client_CA),list);
- }
-
-STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx)
- {
- return(ctx->client_CA);
- }
-
-STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s)
- {
- if (s->type == SSL_ST_CONNECT)
- { /* we are in the client */
- if (((s->version>>8) == SSL3_VERSION_MAJOR) &&
- (s->s3 != NULL))
- return(s->s3->tmp.ca_names);
- else
- return(NULL);
- }
- else
- {
- if (s->client_CA != NULL)
- return(s->client_CA);
- else
- return(s->ctx->client_CA);
- }
- }
-
-static int add_client_CA(STACK_OF(X509_NAME) **sk,X509 *x)
- {
- X509_NAME *name;
-
- if (x == NULL) return(0);
- if ((*sk == NULL) && ((*sk=sk_X509_NAME_new_null()) == NULL))
- return(0);
-
- if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL)
- return(0);
-
- if (!sk_X509_NAME_push(*sk,name))
- {
- X509_NAME_free(name);
- return(0);
- }
- return(1);
- }
-
-int SSL_add_client_CA(SSL *ssl,X509 *x)
- {
- return(add_client_CA(&(ssl->client_CA),x));
- }
-
-int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x)
- {
- return(add_client_CA(&(ctx->client_CA),x));
- }
-
-static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
- {
- return(X509_NAME_cmp(*a,*b));
- }
-
-#ifndef NO_STDIO
-/*!
- * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
- * it doesn't really have anything to do with clients (except that a common use
- * for a stack of CAs is to send it to the client). Actually, it doesn't have
- * much to do with CAs, either, since it will load any old cert.
- * \param file the file containing one or more certs.
- * \return a ::STACK containing the certs.
- */
-STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
- {
- BIO *in;
- X509 *x=NULL;
- X509_NAME *xn=NULL;
- STACK_OF(X509_NAME) *ret,*sk;
-
- ret=sk_X509_NAME_new_null();
- sk=sk_X509_NAME_new(xname_cmp);
-
- in=BIO_new(BIO_s_file_internal());
-
- if ((ret == NULL) || (sk == NULL) || (in == NULL))
- {
- SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!BIO_read_filename(in,file))
- goto err;
-
- for (;;)
- {
- if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
- break;
- if ((xn=X509_get_subject_name(x)) == NULL) goto err;
- /* check for duplicates */
- xn=X509_NAME_dup(xn);
- if (xn == NULL) goto err;
- if (sk_X509_NAME_find(sk,xn) >= 0)
- X509_NAME_free(xn);
- else
- {
- sk_X509_NAME_push(sk,xn);
- sk_X509_NAME_push(ret,xn);
- }
- }
-
- if (0)
- {
-err:
- if (ret != NULL) sk_X509_NAME_pop_free(ret,X509_NAME_free);
- ret=NULL;
- }
- if (sk != NULL) sk_X509_NAME_free(sk);
- if (in != NULL) BIO_free(in);
- if (x != NULL) X509_free(x);
- return(ret);
- }
-#endif
-
-/*!
- * Add a file of certs to a stack.
- * \param stack the stack to add to.
- * \param file the file to add from. All certs in this file that are not
- * already in the stack will be added.
- * \return 1 for success, 0 for failure. Note that in the case of failure some
- * certs may have been added to \c stack.
- */
-
-int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
- const char *file)
- {
- BIO *in;
- X509 *x=NULL;
- X509_NAME *xn=NULL;
- int ret=1;
- int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b);
-
- oldcmp=sk_X509_NAME_set_cmp_func(stack,xname_cmp);
-
- in=BIO_new(BIO_s_file_internal());
-
- if (in == NULL)
- {
- SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!BIO_read_filename(in,file))
- goto err;
-
- for (;;)
- {
- if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
- break;
- if ((xn=X509_get_subject_name(x)) == NULL) goto err;
- xn=X509_NAME_dup(xn);
- if (xn == NULL) goto err;
- if (sk_X509_NAME_find(stack,xn) >= 0)
- X509_NAME_free(xn);
- else
- sk_X509_NAME_push(stack,xn);
- }
-
- if (0)
- {
-err:
- ret=0;
- }
- if(in != NULL)
- BIO_free(in);
- if(x != NULL)
- X509_free(x);
-
- sk_X509_NAME_set_cmp_func(stack,oldcmp);
-
- return ret;
- }
-
-/*!
- * Add a directory of certs to a stack.
- * \param stack the stack to append to.
- * \param dir the directory to append from. All files in this directory will be
- * examined as potential certs. Any that are acceptable to
- * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will be
- * included.
- * \return 1 for success, 0 for failure. Note that in the case of failure some
- * certs may have been added to \c stack.
- */
-
-#ifndef WIN32
-#ifndef VMS /* XXXX This may be fixed in the future */
-#ifndef MAC_OS_pre_X
-
-int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
- const char *dir)
- {
- DIR *d;
- struct dirent *dstruct;
- int ret = 0;
-
- CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
- d = opendir(dir);
-
- /* Note that a side effect is that the CAs will be sorted by name */
- if(!d)
- {
- SYSerr(SYS_F_OPENDIR, get_last_sys_error());
- ERR_add_error_data(3, "opendir('", dir, "')");
- SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
- goto err;
- }
-
- while((dstruct=readdir(d)))
- {
- char buf[1024];
- int r;
-
- if(strlen(dir)+strlen(dstruct->d_name)+2 > sizeof buf)
- {
- SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
- goto err;
- }
-
- r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,dstruct->d_name);
- if (r <= 0 || r >= sizeof buf)
- goto err;
- if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
- goto err;
- }
- ret = 1;
-
-err:
- CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
- return ret;
- }
-
-#endif
-#endif
-#endif
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
deleted file mode 100644
index f63163f26c..0000000000
--- a/src/lib/libssl/ssl_ciph.c
+++ /dev/null
@@ -1,1071 +0,0 @@
-/* ssl/ssl_ciph.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-#include "ssl_locl.h"
-
-#define SSL_ENC_DES_IDX 0
-#define SSL_ENC_3DES_IDX 1
-#define SSL_ENC_RC4_IDX 2
-#define SSL_ENC_RC2_IDX 3
-#define SSL_ENC_IDEA_IDX 4
-#define SSL_ENC_eFZA_IDX 5
-#define SSL_ENC_NULL_IDX 6
-#define SSL_ENC_NUM_IDX 7
-
-static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
- NULL,NULL,NULL,NULL,NULL,NULL,
- };
-
-static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
-
-#define SSL_MD_MD5_IDX 0
-#define SSL_MD_SHA1_IDX 1
-#define SSL_MD_NUM_IDX 2
-static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
- NULL,NULL,
- };
-
-#define CIPHER_ADD 1
-#define CIPHER_KILL 2
-#define CIPHER_DEL 3
-#define CIPHER_ORD 4
-#define CIPHER_SPECIAL 5
-
-typedef struct cipher_order_st
- {
- SSL_CIPHER *cipher;
- int active;
- int dead;
- struct cipher_order_st *next,*prev;
- } CIPHER_ORDER;
-
-static const SSL_CIPHER cipher_aliases[]={
- /* Don't include eNULL unless specifically enabled */
- {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
- {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0},
- {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0},
- {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0},
- {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,0,0,0,SSL_MKEY_MASK,0},
- {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,0,0,0,SSL_MKEY_MASK,0},
- {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0},
- {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0},
-
- {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0},
- {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0},
- {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,0,0,0,SSL_AUTH_MASK,0},
- {0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0},
- {0,SSL_TXT_aDH, 0,SSL_aDH, 0,0,0,0,SSL_AUTH_MASK,0},
- {0,SSL_TXT_DSS, 0,SSL_DSS, 0,0,0,0,SSL_AUTH_MASK,0},
-
- {0,SSL_TXT_DES, 0,SSL_DES, 0,0,0,0,SSL_ENC_MASK,0},
- {0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0},
- {0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0},
- {0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0},
- {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
- {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
- {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
-
- {0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
- {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
- {0,SSL_TXT_SHA, 0,SSL_SHA, 0,0,0,0,SSL_MAC_MASK,0},
-
- {0,SSL_TXT_NULL,0,SSL_NULL, 0,0,0,0,SSL_ENC_MASK,0},
- {0,SSL_TXT_RSA, 0,SSL_RSA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
- {0,SSL_TXT_ADH, 0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
- {0,SSL_TXT_FZA, 0,SSL_FZA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0},
-
- {0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0},
- {0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,0,0,0,SSL_SSL_MASK,0},
- {0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,0,0,0,SSL_SSL_MASK,0},
-
- {0,SSL_TXT_EXP ,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
- {0,SSL_TXT_EXPORT,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
- {0,SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0,0,0,0,SSL_STRONG_MASK},
- {0,SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0,0,0,0,SSL_STRONG_MASK},
- {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK},
- {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK},
- {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK},
- };
-
-static int init_ciphers=1;
-
-static void load_ciphers(void)
- {
- init_ciphers=0;
- ssl_cipher_methods[SSL_ENC_DES_IDX]=
- EVP_get_cipherbyname(SN_des_cbc);
- ssl_cipher_methods[SSL_ENC_3DES_IDX]=
- EVP_get_cipherbyname(SN_des_ede3_cbc);
- ssl_cipher_methods[SSL_ENC_RC4_IDX]=
- EVP_get_cipherbyname(SN_rc4);
- ssl_cipher_methods[SSL_ENC_RC2_IDX]=
- EVP_get_cipherbyname(SN_rc2_cbc);
- ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
- EVP_get_cipherbyname(SN_idea_cbc);
-
- ssl_digest_methods[SSL_MD_MD5_IDX]=
- EVP_get_digestbyname(SN_md5);
- ssl_digest_methods[SSL_MD_SHA1_IDX]=
- EVP_get_digestbyname(SN_sha1);
- }
-
-int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
- const EVP_MD **md, SSL_COMP **comp)
- {
- int i;
- SSL_CIPHER *c;
-
- c=s->cipher;
- if (c == NULL) return(0);
- if (comp != NULL)
- {
- SSL_COMP ctmp;
-
- if (s->compress_meth == 0)
- *comp=NULL;
- else if (ssl_comp_methods == NULL)
- {
- /* bad */
- *comp=NULL;
- }
- else
- {
-
- ctmp.id=s->compress_meth;
- i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
- if (i >= 0)
- *comp=sk_SSL_COMP_value(ssl_comp_methods,i);
- else
- *comp=NULL;
- }
- }
-
- if ((enc == NULL) || (md == NULL)) return(0);
-
- switch (c->algorithms & SSL_ENC_MASK)
- {
- case SSL_DES:
- i=SSL_ENC_DES_IDX;
- break;
- case SSL_3DES:
- i=SSL_ENC_3DES_IDX;
- break;
- case SSL_RC4:
- i=SSL_ENC_RC4_IDX;
- break;
- case SSL_RC2:
- i=SSL_ENC_RC2_IDX;
- break;
- case SSL_IDEA:
- i=SSL_ENC_IDEA_IDX;
- break;
- case SSL_eNULL:
- i=SSL_ENC_NULL_IDX;
- break;
- default:
- i= -1;
- break;
- }
-
- if ((i < 0) || (i > SSL_ENC_NUM_IDX))
- *enc=NULL;
- else
- {
- if (i == SSL_ENC_NULL_IDX)
- *enc=EVP_enc_null();
- else
- *enc=ssl_cipher_methods[i];
- }
-
- switch (c->algorithms & SSL_MAC_MASK)
- {
- case SSL_MD5:
- i=SSL_MD_MD5_IDX;
- break;
- case SSL_SHA1:
- i=SSL_MD_SHA1_IDX;
- break;
- default:
- i= -1;
- break;
- }
- if ((i < 0) || (i > SSL_MD_NUM_IDX))
- *md=NULL;
- else
- *md=ssl_digest_methods[i];
-
- if ((*enc != NULL) && (*md != NULL))
- return(1);
- else
- return(0);
- }
-
-#define ITEM_SEP(a) \
- (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
-
-static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
- CIPHER_ORDER **tail)
- {
- if (curr == *tail) return;
- if (curr == *head)
- *head=curr->next;
- if (curr->prev != NULL)
- curr->prev->next=curr->next;
- if (curr->next != NULL) /* should always be true */
- curr->next->prev=curr->prev;
- (*tail)->next=curr;
- curr->prev= *tail;
- curr->next=NULL;
- *tail=curr;
- }
-
-static unsigned long ssl_cipher_get_disabled(void)
- {
- unsigned long mask;
-
- mask = SSL_kFZA;
-#ifdef NO_RSA
- mask |= SSL_aRSA|SSL_kRSA;
-#endif
-#ifdef NO_DSA
- mask |= SSL_aDSS;
-#endif
-#ifdef NO_DH
- mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
-#endif
-
-#ifdef SSL_FORBID_ENULL
- mask |= SSL_eNULL;
-#endif
-
- mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0;
- mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0;
- mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0;
- mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
- mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
- mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
-
- mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
- mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
-
- return(mask);
- }
-
-static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
- int num_of_ciphers, unsigned long mask, CIPHER_ORDER *list,
- CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
- {
- int i, list_num;
- SSL_CIPHER *c;
-
- /*
- * We have num_of_ciphers descriptions compiled in, depending on the
- * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
- * These will later be sorted in a linked list with at most num
- * entries.
- */
-
- /* Get the initial list of ciphers */
- list_num = 0; /* actual count of ciphers */
- for (i = 0; i < num_of_ciphers; i++)
- {
- c = ssl_method->get_cipher(i);
- /* drop those that use any of that is not available */
- if ((c != NULL) && c->valid && !(c->algorithms & mask))
- {
- list[list_num].cipher = c;
- list[list_num].next = NULL;
- list[list_num].prev = NULL;
- list[list_num].active = 0;
- list_num++;
- /*
- if (!sk_push(ca_list,(char *)c)) goto err;
- */
- }
- }
-
- /*
- * Prepare linked list from list entries
- */
- for (i = 1; i < list_num - 1; i++)
- {
- list[i].prev = &(list[i-1]);
- list[i].next = &(list[i+1]);
- }
- if (list_num > 0)
- {
- (*head_p) = &(list[0]);
- (*head_p)->prev = NULL;
- (*head_p)->next = &(list[1]);
- (*tail_p) = &(list[list_num - 1]);
- (*tail_p)->prev = &(list[list_num - 2]);
- (*tail_p)->next = NULL;
- }
- }
-
-static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
- int num_of_group_aliases, unsigned long mask,
- CIPHER_ORDER *head)
- {
- CIPHER_ORDER *ciph_curr;
- SSL_CIPHER **ca_curr;
- int i;
-
- /*
- * First, add the real ciphers as already collected
- */
- ciph_curr = head;
- ca_curr = ca_list;
- while (ciph_curr != NULL)
- {
- *ca_curr = ciph_curr->cipher;
- ca_curr++;
- ciph_curr = ciph_curr->next;
- }
-
- /*
- * Now we add the available ones from the cipher_aliases[] table.
- * They represent either an algorithm, that must be fully
- * supported (not match any bit in mask) or represent a cipher
- * strength value (will be added in any case because algorithms=0).
- */
- for (i = 0; i < num_of_group_aliases; i++)
- {
- if ((i == 0) || /* always fetch "ALL" */
- !(cipher_aliases[i].algorithms & mask))
- {
- *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
- ca_curr++;
- }
- }
-
- *ca_curr = NULL; /* end of list */
- }
-
-static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
- unsigned long algo_strength, unsigned long mask_strength,
- int rule, int strength_bits, CIPHER_ORDER *list,
- CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
- {
- CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2;
- SSL_CIPHER *cp;
- unsigned long ma, ma_s;
-
-#ifdef CIPHER_DEBUG
- printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n",
- rule, algorithms, mask, algo_strength, mask_strength,
- strength_bits);
-#endif
-
- curr = head = *head_p;
- curr2 = head;
- tail2 = tail = *tail_p;
- for (;;)
- {
- if ((curr == NULL) || (curr == tail2)) break;
- curr = curr2;
- curr2 = curr->next;
-
- cp = curr->cipher;
-
- /*
- * Selection criteria is either the number of strength_bits
- * or the algorithm used.
- */
- if (strength_bits == -1)
- {
- ma = mask & cp->algorithms;
- ma_s = mask_strength & cp->algo_strength;
-
-#ifdef CIPHER_DEBUG
- printf("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask = %08lx Mask_strength %08lx\n", cp->name, cp->algorithms, cp->algo_strength, mask, mask_strength);
- printf("ma = %08lx ma_s %08lx, ma&algo=%08lx, ma_s&algos=%08lx\n", ma, ma_s, ma&algorithms, ma_s&algo_strength);
-#endif
- /*
- * Select: if none of the mask bit was met from the
- * cipher or not all of the bits were met, the
- * selection does not apply.
- */
- if (((ma == 0) && (ma_s == 0)) ||
- ((ma & algorithms) != ma) ||
- ((ma_s & algo_strength) != ma_s))
- continue; /* does not apply */
- }
- else if (strength_bits != cp->strength_bits)
- continue; /* does not apply */
-
-#ifdef CIPHER_DEBUG
- printf("Action = %d\n", rule);
-#endif
-
- /* add the cipher if it has not been added yet. */
- if (rule == CIPHER_ADD)
- {
- if (!curr->active)
- {
- ll_append_tail(&head, curr, &tail);
- curr->active = 1;
- }
- }
- /* Move the added cipher to this location */
- else if (rule == CIPHER_ORD)
- {
- if (curr->active)
- {
- ll_append_tail(&head, curr, &tail);
- }
- }
- else if (rule == CIPHER_DEL)
- curr->active = 0;
- else if (rule == CIPHER_KILL)
- {
- if (head == curr)
- head = curr->next;
- else
- curr->prev->next = curr->next;
- if (tail == curr)
- tail = curr->prev;
- curr->active = 0;
- if (curr->next != NULL)
- curr->next->prev = curr->prev;
- if (curr->prev != NULL)
- curr->prev->next = curr->next;
- curr->next = NULL;
- curr->prev = NULL;
- }
- }
-
- *head_p = head;
- *tail_p = tail;
- }
-
-static int ssl_cipher_strength_sort(CIPHER_ORDER *list, CIPHER_ORDER **head_p,
- CIPHER_ORDER **tail_p)
- {
- int max_strength_bits, i, *number_uses;
- CIPHER_ORDER *curr;
-
- /*
- * This routine sorts the ciphers with descending strength. The sorting
- * must keep the pre-sorted sequence, so we apply the normal sorting
- * routine as '+' movement to the end of the list.
- */
- max_strength_bits = 0;
- curr = *head_p;
- while (curr != NULL)
- {
- if (curr->active &&
- (curr->cipher->strength_bits > max_strength_bits))
- max_strength_bits = curr->cipher->strength_bits;
- curr = curr->next;
- }
-
- number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
- if (!number_uses)
- {
- SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
-
- /*
- * Now find the strength_bits values actually used
- */
- curr = *head_p;
- while (curr != NULL)
- {
- if (curr->active)
- number_uses[curr->cipher->strength_bits]++;
- curr = curr->next;
- }
- /*
- * Go through the list of used strength_bits values in descending
- * order.
- */
- for (i = max_strength_bits; i >= 0; i--)
- if (number_uses[i] > 0)
- ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i,
- list, head_p, tail_p);
-
- OPENSSL_free(number_uses);
- return(1);
- }
-
-static int ssl_cipher_process_rulestr(const char *rule_str,
- CIPHER_ORDER *list, CIPHER_ORDER **head_p,
- CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list)
- {
- unsigned long algorithms, mask, algo_strength, mask_strength;
- const char *l, *start, *buf;
- int j, multi, found, rule, retval, ok, buflen;
- char ch;
-
- retval = 1;
- l = rule_str;
- for (;;)
- {
- ch = *l;
-
- if (ch == '\0')
- break; /* done */
- if (ch == '-')
- { rule = CIPHER_DEL; l++; }
- else if (ch == '+')
- { rule = CIPHER_ORD; l++; }
- else if (ch == '!')
- { rule = CIPHER_KILL; l++; }
- else if (ch == '@')
- { rule = CIPHER_SPECIAL; l++; }
- else
- { rule = CIPHER_ADD; }
-
- if (ITEM_SEP(ch))
- {
- l++;
- continue;
- }
-
- algorithms = mask = algo_strength = mask_strength = 0;
-
- start=l;
- for (;;)
- {
- ch = *l;
- buf = l;
- buflen = 0;
-#ifndef CHARSET_EBCDIC
- while ( ((ch >= 'A') && (ch <= 'Z')) ||
- ((ch >= '0') && (ch <= '9')) ||
- ((ch >= 'a') && (ch <= 'z')) ||
- (ch == '-'))
-#else
- while ( isalnum(ch) || (ch == '-'))
-#endif
- {
- ch = *(++l);
- buflen++;
- }
-
- if (buflen == 0)
- {
- /*
- * We hit something we cannot deal with,
- * it is no command or separator nor
- * alphanumeric, so we call this an error.
- */
- SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
- SSL_R_INVALID_COMMAND);
- retval = found = 0;
- l++;
- break;
- }
-
- if (rule == CIPHER_SPECIAL)
- {
- found = 0; /* unused -- avoid compiler warning */
- break; /* special treatment */
- }
-
- /* check for multi-part specification */
- if (ch == '+')
- {
- multi=1;
- l++;
- }
- else
- multi=0;
-
- /*
- * Now search for the cipher alias in the ca_list. Be careful
- * with the strncmp, because the "buflen" limitation
- * will make the rule "ADH:SOME" and the cipher
- * "ADH-MY-CIPHER" look like a match for buflen=3.
- * So additionally check whether the cipher name found
- * has the correct length. We can save a strlen() call:
- * just checking for the '\0' at the right place is
- * sufficient, we have to strncmp() anyway.
- */
- j = found = 0;
- while (ca_list[j])
- {
- if ((ca_list[j]->name[buflen] == '\0') &&
- !strncmp(buf, ca_list[j]->name, buflen))
- {
- found = 1;
- break;
- }
- else
- j++;
- }
- if (!found)
- break; /* ignore this entry */
-
- algorithms |= ca_list[j]->algorithms;
- mask |= ca_list[j]->mask;
- algo_strength |= ca_list[j]->algo_strength;
- mask_strength |= ca_list[j]->mask_strength;
-
- if (!multi) break;
- }
-
- /*
- * Ok, we have the rule, now apply it
- */
- if (rule == CIPHER_SPECIAL)
- { /* special command */
- ok = 0;
- if ((buflen == 8) &&
- !strncmp(buf, "STRENGTH", 8))
- ok = ssl_cipher_strength_sort(list,
- head_p, tail_p);
- else
- SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
- SSL_R_INVALID_COMMAND);
- if (ok == 0)
- retval = 0;
- /*
- * We do not support any "multi" options
- * together with "@", so throw away the
- * rest of the command, if any left, until
- * end or ':' is found.
- */
- while ((*l != '\0') && ITEM_SEP(*l))
- l++;
- }
- else if (found)
- {
- ssl_cipher_apply_rule(algorithms, mask,
- algo_strength, mask_strength, rule, -1,
- list, head_p, tail_p);
- }
- else
- {
- while ((*l != '\0') && ITEM_SEP(*l))
- l++;
- }
- if (*l == '\0') break; /* done */
- }
-
- return(retval);
- }
-
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
- STACK_OF(SSL_CIPHER) **cipher_list,
- STACK_OF(SSL_CIPHER) **cipher_list_by_id,
- const char *rule_str)
- {
- int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
- unsigned long disabled_mask;
- STACK_OF(SSL_CIPHER) *cipherstack;
- const char *rule_p;
- CIPHER_ORDER *list = NULL, *head = NULL, *tail = NULL, *curr;
- SSL_CIPHER **ca_list = NULL;
-
- /*
- * Return with error if nothing to do.
- */
- if (rule_str == NULL) return(NULL);
-
- if (init_ciphers) load_ciphers();
-
- /*
- * To reduce the work to do we only want to process the compiled
- * in algorithms, so we first get the mask of disabled ciphers.
- */
- disabled_mask = ssl_cipher_get_disabled();
-
- /*
- * Now we have to collect the available ciphers from the compiled
- * in ciphers. We cannot get more than the number compiled in, so
- * it is used for allocation.
- */
- num_of_ciphers = ssl_method->num_ciphers();
- list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
- if (list == NULL)
- {
- SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
- return(NULL); /* Failure */
- }
-
- ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask,
- list, &head, &tail);
-
- /*
- * We also need cipher aliases for selecting based on the rule_str.
- * There might be two types of entries in the rule_str: 1) names
- * of ciphers themselves 2) aliases for groups of ciphers.
- * For 1) we need the available ciphers and for 2) the cipher
- * groups of cipher_aliases added together in one list (otherwise
- * we would be happy with just the cipher_aliases table).
- */
- num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
- num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
- ca_list =
- (SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
- if (ca_list == NULL)
- {
- OPENSSL_free(list);
- SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
- return(NULL); /* Failure */
- }
- ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask,
- head);
-
- /*
- * If the rule_string begins with DEFAULT, apply the default rule
- * before using the (possibly available) additional rules.
- */
- ok = 1;
- rule_p = rule_str;
- if (strncmp(rule_str,"DEFAULT",7) == 0)
- {
- ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
- list, &head, &tail, ca_list);
- rule_p += 7;
- if (*rule_p == ':')
- rule_p++;
- }
-
- if (ok && (strlen(rule_p) > 0))
- ok = ssl_cipher_process_rulestr(rule_p, list, &head, &tail,
- ca_list);
-
- OPENSSL_free(ca_list); /* Not needed anymore */
-
- if (!ok)
- { /* Rule processing failure */
- OPENSSL_free(list);
- return(NULL);
- }
- /*
- * Allocate new "cipherstack" for the result, return with error
- * if we cannot get one.
- */
- if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL)
- {
- OPENSSL_free(list);
- return(NULL);
- }
-
- /*
- * The cipher selection for the list is done. The ciphers are added
- * to the resulting precedence to the STACK_OF(SSL_CIPHER).
- */
- for (curr = head; curr != NULL; curr = curr->next)
- {
- if (curr->active)
- {
- sk_SSL_CIPHER_push(cipherstack, curr->cipher);
-#ifdef CIPHER_DEBUG
- printf("<%s>\n",curr->cipher->name);
-#endif
- }
- }
- OPENSSL_free(list); /* Not needed any longer */
-
- /*
- * The following passage is a little bit odd. If pointer variables
- * were supplied to hold STACK_OF(SSL_CIPHER) return information,
- * the old memory pointed to is free()ed. Then, however, the
- * cipher_list entry will be assigned just a copy of the returned
- * cipher stack. For cipher_list_by_id a copy of the cipher stack
- * will be created. See next comment...
- */
- if (cipher_list != NULL)
- {
- if (*cipher_list != NULL)
- sk_SSL_CIPHER_free(*cipher_list);
- *cipher_list = cipherstack;
- }
-
- if (cipher_list_by_id != NULL)
- {
- if (*cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(*cipher_list_by_id);
- *cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack);
- }
-
- /*
- * Now it is getting really strange. If something failed during
- * the previous pointer assignment or if one of the pointers was
- * not requested, the error condition is met. That might be
- * discussable. The strange thing is however that in this case
- * the memory "ret" pointed to is "free()ed" and hence the pointer
- * cipher_list becomes wild. The memory reserved for
- * cipher_list_by_id however is not "free()ed" and stays intact.
- */
- if ( (cipher_list_by_id == NULL) ||
- (*cipher_list_by_id == NULL) ||
- (cipher_list == NULL) ||
- (*cipher_list == NULL))
- {
- sk_SSL_CIPHER_free(cipherstack);
- return(NULL);
- }
-
- sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
-
- return(cipherstack);
- }
-
-char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
- {
- int is_export,pkl,kl;
- char *ver,*exp;
- char *kx,*au,*enc,*mac;
- unsigned long alg,alg2,alg_s;
- static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
-
- alg=cipher->algorithms;
- alg_s=cipher->algo_strength;
- alg2=cipher->algorithm2;
-
- is_export=SSL_C_IS_EXPORT(cipher);
- pkl=SSL_C_EXPORT_PKEYLENGTH(cipher);
- kl=SSL_C_EXPORT_KEYLENGTH(cipher);
- exp=is_export?" export":"";
-
- if (alg & SSL_SSLV2)
- ver="SSLv2";
- else if (alg & SSL_SSLV3)
- ver="SSLv3";
- else
- ver="unknown";
-
- switch (alg&SSL_MKEY_MASK)
- {
- case SSL_kRSA:
- kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA";
- break;
- case SSL_kDHr:
- kx="DH/RSA";
- break;
- case SSL_kDHd:
- kx="DH/DSS";
- break;
- case SSL_kFZA:
- kx="Fortezza";
- break;
- case SSL_kEDH:
- kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
- break;
- default:
- kx="unknown";
- }
-
- switch (alg&SSL_AUTH_MASK)
- {
- case SSL_aRSA:
- au="RSA";
- break;
- case SSL_aDSS:
- au="DSS";
- break;
- case SSL_aDH:
- au="DH";
- break;
- case SSL_aFZA:
- case SSL_aNULL:
- au="None";
- break;
- default:
- au="unknown";
- break;
- }
-
- switch (alg&SSL_ENC_MASK)
- {
- case SSL_DES:
- enc=(is_export && kl == 5)?"DES(40)":"DES(56)";
- break;
- case SSL_3DES:
- enc="3DES(168)";
- break;
- case SSL_RC4:
- enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)")
- :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)");
- break;
- case SSL_RC2:
- enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)";
- break;
- case SSL_IDEA:
- enc="IDEA(128)";
- break;
- case SSL_eFZA:
- enc="Fortezza";
- break;
- case SSL_eNULL:
- enc="None";
- break;
- default:
- enc="unknown";
- break;
- }
-
- switch (alg&SSL_MAC_MASK)
- {
- case SSL_MD5:
- mac="MD5";
- break;
- case SSL_SHA1:
- mac="SHA1";
- break;
- default:
- mac="unknown";
- break;
- }
-
- if (buf == NULL)
- {
- len=128;
- buf=OPENSSL_malloc(len);
- if (buf == NULL) return("OPENSSL_malloc Error");
- }
- else if (len < 128)
- return("Buffer too small");
-
- BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp);
- return(buf);
- }
-
-char *SSL_CIPHER_get_version(SSL_CIPHER *c)
- {
- int i;
-
- if (c == NULL) return("(NONE)");
- i=(int)(c->id>>24L);
- if (i == 3)
- return("TLSv1/SSLv3");
- else if (i == 2)
- return("SSLv2");
- else
- return("unknown");
- }
-
-/* return the actual cipher being used */
-const char *SSL_CIPHER_get_name(SSL_CIPHER *c)
- {
- if (c != NULL)
- return(c->name);
- return("(NONE)");
- }
-
-/* number of bits for symmetric cipher */
-int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits)
- {
- int ret=0;
-
- if (c != NULL)
- {
- if (alg_bits != NULL) *alg_bits = c->alg_bits;
- ret = c->strength_bits;
- }
- return(ret);
- }
-
-SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
- {
- SSL_COMP *ctmp;
- int i,nn;
-
- if ((n == 0) || (sk == NULL)) return(NULL);
- nn=sk_SSL_COMP_num(sk);
- for (i=0; i<nn; i++)
- {
- ctmp=sk_SSL_COMP_value(sk,i);
- if (ctmp->id == n)
- return(ctmp);
- }
- return(NULL);
- }
-
-static int sk_comp_cmp(const SSL_COMP * const *a,
- const SSL_COMP * const *b)
- {
- return((*a)->id-(*b)->id);
- }
-
-STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
- {
- return(ssl_comp_methods);
- }
-
-int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
- {
- SSL_COMP *comp;
- STACK_OF(SSL_COMP) *sk;
-
- comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
- comp->id=id;
- comp->method=cm;
- if (ssl_comp_methods == NULL)
- sk=ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
- else
- sk=ssl_comp_methods;
- if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp))
- {
- SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- else
- return(1);
- }
-
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
deleted file mode 100644
index 1ae3333407..0000000000
--- a/src/lib/libssl/ssl_err.c
+++ /dev/null
@@ -1,435 +0,0 @@
-/* ssl/ssl_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-/* BEGIN ERROR CODES */
-#ifndef NO_ERR
-static ERR_STRING_DATA SSL_str_functs[]=
- {
-{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_CLIENT_HELLO,0), "CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"},
-{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0), "d2i_SSL_SESSION"},
-{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0), "DO_SSL3_WRITE"},
-{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0), "GET_CLIENT_FINISHED"},
-{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0), "GET_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0), "GET_CLIENT_MASTER_KEY"},
-{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0), "GET_SERVER_FINISHED"},
-{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0), "GET_SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"},
-{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0), "i2d_SSL_SESSION"},
-{ERR_PACK(0,SSL_F_READ_N,0), "READ_N"},
-{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0), "REQUEST_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SERVER_HELLO,0), "SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0), "SSL23_ACCEPT"},
-{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0), "SSL23_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL23_CONNECT,0), "SSL23_CONNECT"},
-{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0), "SSL23_GET_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0), "SSL23_GET_SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_SSL23_PEEK,0), "SSL23_PEEK"},
-{ERR_PACK(0,SSL_F_SSL23_READ,0), "SSL23_READ"},
-{ERR_PACK(0,SSL_F_SSL23_WRITE,0), "SSL23_WRITE"},
-{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"},
-{ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"},
-{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"},
-{ERR_PACK(0,SSL_F_SSL2_PEEK,0), "SSL2_PEEK"},
-{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"},
-{ERR_PACK(0,SSL_F_SSL2_READ_INTERNAL,0), "SSL2_READ_INTERNAL"},
-{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"},
-{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0), "SSL3_ACCEPT"},
-{ERR_PACK(0,SSL_F_SSL3_CALLBACK_CTRL,0), "SSL3_CALLBACK_CTRL"},
-{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0), "SSL3_CHANGE_CIPHER_STATE"},
-{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0), "SSL3_CHECK_CERT_AND_ALGORITHM"},
-{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL3_CONNECT,0), "SSL3_CONNECT"},
-{ERR_PACK(0,SSL_F_SSL3_CTRL,0), "SSL3_CTRL"},
-{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0), "SSL3_CTX_CTRL"},
-{ERR_PACK(0,SSL_F_SSL3_ENC,0), "SSL3_ENC"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0), "SSL3_GET_CERTIFICATE_REQUEST"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0), "SSL3_GET_CERT_VERIFY"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0), "SSL3_GET_CLIENT_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0), "SSL3_GET_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0), "SSL3_GET_CLIENT_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"},
-{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0), "SSL3_GET_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0), "SSL3_GET_MESSAGE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0), "SSL3_GET_RECORD"},
-{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0), "SSL3_GET_SERVER_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"},
-{ERR_PACK(0,SSL_F_SSL3_PEEK,0), "SSL3_PEEK"},
-{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"},
-{ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0), "SSL3_SEND_CLIENT_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0), "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0), "SSL3_SEND_CLIENT_VERIFY"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0), "SSL3_SEND_SERVER_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0), "SSL3_SEND_SERVER_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0), "SSL3_SETUP_BUFFERS"},
-{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0), "SSL3_SETUP_KEY_BLOCK"},
-{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0), "SSL3_WRITE_BYTES"},
-{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0), "SSL3_WRITE_PENDING"},
-{ERR_PACK(0,SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,0), "SSL_add_dir_cert_subjects_to_stack"},
-{ERR_PACK(0,SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,0), "SSL_add_file_cert_subjects_to_stack"},
-{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0), "SSL_BAD_METHOD"},
-{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0), "SSL_BYTES_TO_CIPHER_LIST"},
-{ERR_PACK(0,SSL_F_SSL_CERT_DUP,0), "SSL_CERT_DUP"},
-{ERR_PACK(0,SSL_F_SSL_CERT_INST,0), "SSL_CERT_INST"},
-{ERR_PACK(0,SSL_F_SSL_CERT_INSTANTIATE,0), "SSL_CERT_INSTANTIATE"},
-{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0), "SSL_CERT_NEW"},
-{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0), "SSL_check_private_key"},
-{ERR_PACK(0,SSL_F_SSL_CIPHER_PROCESS_RULESTR,0), "SSL_CIPHER_PROCESS_RULESTR"},
-{ERR_PACK(0,SSL_F_SSL_CIPHER_STRENGTH_SORT,0), "SSL_CIPHER_STRENGTH_SORT"},
-{ERR_PACK(0,SSL_F_SSL_CLEAR,0), "SSL_clear"},
-{ERR_PACK(0,SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,0), "SSL_COMP_add_compression_method"},
-{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"},
-{ERR_PACK(0,SSL_F_SSL_CTRL,0), "SSL_ctrl"},
-{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"},
-{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_PURPOSE,0), "SSL_CTX_set_purpose"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0), "SSL_CTX_set_session_id_context"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_TRUST,0), "SSL_CTX_set_trust"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,0), "SSL_CTX_use_certificate_chain_file"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0), "SSL_CTX_use_certificate_file"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0), "SSL_CTX_use_PrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0), "SSL_CTX_use_PrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0), "SSL_CTX_use_PrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0), "SSL_CTX_use_RSAPrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0), "SSL_CTX_use_RSAPrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0), "SSL_do_handshake"},
-{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0), "SSL_GET_NEW_SESSION"},
-{ERR_PACK(0,SSL_F_SSL_GET_PREV_SESSION,0), "SSL_GET_PREV_SESSION"},
-{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0), "SSL_GET_SERVER_SEND_CERT"},
-{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"},
-{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0), "SSL_INIT_WBIO_BUFFER"},
-{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0), "SSL_load_client_CA_file"},
-{ERR_PACK(0,SSL_F_SSL_NEW,0), "SSL_new"},
-{ERR_PACK(0,SSL_F_SSL_READ,0), "SSL_read"},
-{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0), "SSL_RSA_PRIVATE_DECRYPT"},
-{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0), "SSL_RSA_PUBLIC_ENCRYPT"},
-{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0), "SSL_SESSION_new"},
-{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0), "SSL_SESSION_print_fp"},
-{ERR_PACK(0,SSL_F_SSL_SESS_CERT_NEW,0), "SSL_SESS_CERT_NEW"},
-{ERR_PACK(0,SSL_F_SSL_SET_CERT,0), "SSL_SET_CERT"},
-{ERR_PACK(0,SSL_F_SSL_SET_FD,0), "SSL_set_fd"},
-{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0), "SSL_SET_PKEY"},
-{ERR_PACK(0,SSL_F_SSL_SET_PURPOSE,0), "SSL_set_purpose"},
-{ERR_PACK(0,SSL_F_SSL_SET_RFD,0), "SSL_set_rfd"},
-{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0), "SSL_set_session"},
-{ERR_PACK(0,SSL_F_SSL_SET_SESSION_ID_CONTEXT,0), "SSL_set_session_id_context"},
-{ERR_PACK(0,SSL_F_SSL_SET_TRUST,0), "SSL_set_trust"},
-{ERR_PACK(0,SSL_F_SSL_SET_WFD,0), "SSL_set_wfd"},
-{ERR_PACK(0,SSL_F_SSL_SHUTDOWN,0), "SSL_shutdown"},
-{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0), "SSL_UNDEFINED_FUNCTION"},
-{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0), "SSL_use_certificate"},
-{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0), "SSL_use_certificate_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0), "SSL_use_certificate_file"},
-{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0), "SSL_use_PrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0), "SSL_use_PrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0), "SSL_use_PrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0), "SSL_use_RSAPrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0), "SSL_use_RSAPrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0), "SSL_use_RSAPrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_VERIFY_CERT_CHAIN,0), "SSL_VERIFY_CERT_CHAIN"},
-{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"},
-{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0), "TLS1_CHANGE_CIPHER_STATE"},
-{ERR_PACK(0,SSL_F_TLS1_ENC,0), "TLS1_ENC"},
-{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0), "TLS1_SETUP_KEY_BLOCK"},
-{ERR_PACK(0,SSL_F_WRITE_PENDING,0), "WRITE_PENDING"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA SSL_str_reasons[]=
- {
-{SSL_R_APP_DATA_IN_HANDSHAKE ,"app data in handshake"},
-{SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT,"attempt to reuse session in different context"},
-{SSL_R_BAD_ALERT_RECORD ,"bad alert record"},
-{SSL_R_BAD_AUTHENTICATION_TYPE ,"bad authentication type"},
-{SSL_R_BAD_CHANGE_CIPHER_SPEC ,"bad change cipher spec"},
-{SSL_R_BAD_CHECKSUM ,"bad checksum"},
-{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ,"bad data returned by callback"},
-{SSL_R_BAD_DECOMPRESSION ,"bad decompression"},
-{SSL_R_BAD_DH_G_LENGTH ,"bad dh g length"},
-{SSL_R_BAD_DH_PUB_KEY_LENGTH ,"bad dh pub key length"},
-{SSL_R_BAD_DH_P_LENGTH ,"bad dh p length"},
-{SSL_R_BAD_DIGEST_LENGTH ,"bad digest length"},
-{SSL_R_BAD_DSA_SIGNATURE ,"bad dsa signature"},
-{SSL_R_BAD_HELLO_REQUEST ,"bad hello request"},
-{SSL_R_BAD_LENGTH ,"bad length"},
-{SSL_R_BAD_MAC_DECODE ,"bad mac decode"},
-{SSL_R_BAD_MESSAGE_TYPE ,"bad message type"},
-{SSL_R_BAD_PACKET_LENGTH ,"bad packet length"},
-{SSL_R_BAD_PROTOCOL_VERSION_NUMBER ,"bad protocol version number"},
-{SSL_R_BAD_RESPONSE_ARGUMENT ,"bad response argument"},
-{SSL_R_BAD_RSA_DECRYPT ,"bad rsa decrypt"},
-{SSL_R_BAD_RSA_ENCRYPT ,"bad rsa encrypt"},
-{SSL_R_BAD_RSA_E_LENGTH ,"bad rsa e length"},
-{SSL_R_BAD_RSA_MODULUS_LENGTH ,"bad rsa modulus length"},
-{SSL_R_BAD_RSA_SIGNATURE ,"bad rsa signature"},
-{SSL_R_BAD_SIGNATURE ,"bad signature"},
-{SSL_R_BAD_SSL_FILETYPE ,"bad ssl filetype"},
-{SSL_R_BAD_SSL_SESSION_ID_LENGTH ,"bad ssl session id length"},
-{SSL_R_BAD_STATE ,"bad state"},
-{SSL_R_BAD_WRITE_RETRY ,"bad write retry"},
-{SSL_R_BIO_NOT_SET ,"bio not set"},
-{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ,"block cipher pad is wrong"},
-{SSL_R_BN_LIB ,"bn lib"},
-{SSL_R_CA_DN_LENGTH_MISMATCH ,"ca dn length mismatch"},
-{SSL_R_CA_DN_TOO_LONG ,"ca dn too long"},
-{SSL_R_CCS_RECEIVED_EARLY ,"ccs received early"},
-{SSL_R_CERTIFICATE_VERIFY_FAILED ,"certificate verify failed"},
-{SSL_R_CERT_LENGTH_MISMATCH ,"cert length mismatch"},
-{SSL_R_CHALLENGE_IS_DIFFERENT ,"challenge is different"},
-{SSL_R_CIPHER_CODE_WRONG_LENGTH ,"cipher code wrong length"},
-{SSL_R_CIPHER_OR_HASH_UNAVAILABLE ,"cipher or hash unavailable"},
-{SSL_R_CIPHER_TABLE_SRC_ERROR ,"cipher table src error"},
-{SSL_R_COMPRESSED_LENGTH_TOO_LONG ,"compressed length too long"},
-{SSL_R_COMPRESSION_FAILURE ,"compression failure"},
-{SSL_R_COMPRESSION_LIBRARY_ERROR ,"compression library error"},
-{SSL_R_CONNECTION_ID_IS_DIFFERENT ,"connection id is different"},
-{SSL_R_CONNECTION_TYPE_NOT_SET ,"connection type not set"},
-{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"},
-{SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"},
-{SSL_R_DECRYPTION_FAILED ,"decryption failed"},
-{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"},
-{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"},
-{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"},
-{SSL_R_ERROR_GENERATING_TMP_RSA_KEY ,"error generating tmp rsa key"},
-{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"},
-{SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"},
-{SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"},
-{SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"},
-{SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"},
-{SSL_R_HTTP_REQUEST ,"http request"},
-{SSL_R_INTERNAL_ERROR ,"internal error"},
-{SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"},
-{SSL_R_INVALID_COMMAND ,"invalid command"},
-{SSL_R_INVALID_PURPOSE ,"invalid purpose"},
-{SSL_R_INVALID_TRUST ,"invalid trust"},
-{SSL_R_LENGTH_MISMATCH ,"length mismatch"},
-{SSL_R_LENGTH_TOO_SHORT ,"length too short"},
-{SSL_R_LIBRARY_BUG ,"library bug"},
-{SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"},
-{SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"},
-{SSL_R_MISSING_DH_KEY ,"missing dh key"},
-{SSL_R_MISSING_DH_RSA_CERT ,"missing dh rsa cert"},
-{SSL_R_MISSING_DSA_SIGNING_CERT ,"missing dsa signing cert"},
-{SSL_R_MISSING_EXPORT_TMP_DH_KEY ,"missing export tmp dh key"},
-{SSL_R_MISSING_EXPORT_TMP_RSA_KEY ,"missing export tmp rsa key"},
-{SSL_R_MISSING_RSA_CERTIFICATE ,"missing rsa certificate"},
-{SSL_R_MISSING_RSA_ENCRYPTING_CERT ,"missing rsa encrypting cert"},
-{SSL_R_MISSING_RSA_SIGNING_CERT ,"missing rsa signing cert"},
-{SSL_R_MISSING_TMP_DH_KEY ,"missing tmp dh key"},
-{SSL_R_MISSING_TMP_RSA_KEY ,"missing tmp rsa key"},
-{SSL_R_MISSING_TMP_RSA_PKEY ,"missing tmp rsa pkey"},
-{SSL_R_MISSING_VERIFY_MESSAGE ,"missing verify message"},
-{SSL_R_NON_SSLV2_INITIAL_PACKET ,"non sslv2 initial packet"},
-{SSL_R_NO_CERTIFICATES_RETURNED ,"no certificates returned"},
-{SSL_R_NO_CERTIFICATE_ASSIGNED ,"no certificate assigned"},
-{SSL_R_NO_CERTIFICATE_RETURNED ,"no certificate returned"},
-{SSL_R_NO_CERTIFICATE_SET ,"no certificate set"},
-{SSL_R_NO_CERTIFICATE_SPECIFIED ,"no certificate specified"},
-{SSL_R_NO_CIPHERS_AVAILABLE ,"no ciphers available"},
-{SSL_R_NO_CIPHERS_PASSED ,"no ciphers passed"},
-{SSL_R_NO_CIPHERS_SPECIFIED ,"no ciphers specified"},
-{SSL_R_NO_CIPHER_LIST ,"no cipher list"},
-{SSL_R_NO_CIPHER_MATCH ,"no cipher match"},
-{SSL_R_NO_CLIENT_CERT_RECEIVED ,"no client cert received"},
-{SSL_R_NO_COMPRESSION_SPECIFIED ,"no compression specified"},
-{SSL_R_NO_METHOD_SPECIFIED ,"no method specified"},
-{SSL_R_NO_PRIVATEKEY ,"no privatekey"},
-{SSL_R_NO_PRIVATE_KEY_ASSIGNED ,"no private key assigned"},
-{SSL_R_NO_PROTOCOLS_AVAILABLE ,"no protocols available"},
-{SSL_R_NO_PUBLICKEY ,"no publickey"},
-{SSL_R_NO_SHARED_CIPHER ,"no shared cipher"},
-{SSL_R_NO_VERIFY_CALLBACK ,"no verify callback"},
-{SSL_R_NULL_SSL_CTX ,"null ssl ctx"},
-{SSL_R_NULL_SSL_METHOD_PASSED ,"null ssl method passed"},
-{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ,"old session cipher not returned"},
-{SSL_R_PACKET_LENGTH_TOO_LONG ,"packet length too long"},
-{SSL_R_PATH_TOO_LONG ,"path too long"},
-{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"},
-{SSL_R_PEER_ERROR ,"peer error"},
-{SSL_R_PEER_ERROR_CERTIFICATE ,"peer error certificate"},
-{SSL_R_PEER_ERROR_NO_CERTIFICATE ,"peer error no certificate"},
-{SSL_R_PEER_ERROR_NO_CIPHER ,"peer error no cipher"},
-{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"},
-{SSL_R_PRE_MAC_LENGTH_TOO_LONG ,"pre mac length too long"},
-{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"},
-{SSL_R_PROTOCOL_IS_SHUTDOWN ,"protocol is shutdown"},
-{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR ,"public key encrypt error"},
-{SSL_R_PUBLIC_KEY_IS_NOT_RSA ,"public key is not rsa"},
-{SSL_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"},
-{SSL_R_READ_BIO_NOT_SET ,"read bio not set"},
-{SSL_R_READ_WRONG_PACKET_TYPE ,"read wrong packet type"},
-{SSL_R_RECORD_LENGTH_MISMATCH ,"record length mismatch"},
-{SSL_R_RECORD_TOO_LARGE ,"record too large"},
-{SSL_R_RECORD_TOO_SMALL ,"record too small"},
-{SSL_R_REQUIRED_CIPHER_MISSING ,"required cipher missing"},
-{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"},
-{SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"},
-{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"},
-{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED ,"session id context uninitialized"},
-{SSL_R_SHORT_READ ,"short read"},
-{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
-{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"},
-{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"},
-{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"},
-{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"},
-{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ,"sslv3 alert certificate expired"},
-{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ,"sslv3 alert certificate revoked"},
-{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ,"sslv3 alert certificate unknown"},
-{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"},
-{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ,"sslv3 alert handshake failure"},
-{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ,"sslv3 alert illegal parameter"},
-{SSL_R_SSLV3_ALERT_NO_CERTIFICATE ,"sslv3 alert no certificate"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER ,"sslv3 alert peer error no cipher"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"},
-{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ,"sslv3 alert unexpected message"},
-{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"},
-{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"},
-{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"},
-{SSL_R_SSL_HANDSHAKE_FAILURE ,"ssl handshake failure"},
-{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ,"ssl library has no ciphers"},
-{SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG ,"ssl session id context too long"},
-{SSL_R_SSL_SESSION_ID_IS_DIFFERENT ,"ssl session id is different"},
-{SSL_R_TLSV1_ALERT_ACCESS_DENIED ,"tlsv1 alert access denied"},
-{SSL_R_TLSV1_ALERT_DECODE_ERROR ,"tlsv1 alert decode error"},
-{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED ,"tlsv1 alert decryption failed"},
-{SSL_R_TLSV1_ALERT_DECRYPT_ERROR ,"tlsv1 alert decrypt error"},
-{SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION ,"tlsv1 alert export restriction"},
-{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"},
-{SSL_R_TLSV1_ALERT_INTERNAL_ERROR ,"tlsv1 alert internal error"},
-{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ,"tlsv1 alert no renegotiation"},
-{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION ,"tlsv1 alert protocol version"},
-{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW ,"tlsv1 alert record overflow"},
-{SSL_R_TLSV1_ALERT_UNKNOWN_CA ,"tlsv1 alert unknown ca"},
-{SSL_R_TLSV1_ALERT_USER_CANCELLED ,"tlsv1 alert user cancelled"},
-{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"},
-{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"},
-{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"},
-{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER ,"tried to use unsupported cipher"},
-{SSL_R_UNABLE_TO_DECODE_DH_CERTS ,"unable to decode dh certs"},
-{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY ,"unable to extract public key"},
-{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS ,"unable to find dh parameters"},
-{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"},
-{SSL_R_UNABLE_TO_FIND_SSL_METHOD ,"unable to find ssl method"},
-{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES ,"unable to load ssl2 md5 routines"},
-{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES ,"unable to load ssl3 md5 routines"},
-{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"},
-{SSL_R_UNEXPECTED_MESSAGE ,"unexpected message"},
-{SSL_R_UNEXPECTED_RECORD ,"unexpected record"},
-{SSL_R_UNINITIALIZED ,"uninitialized"},
-{SSL_R_UNKNOWN_ALERT_TYPE ,"unknown alert type"},
-{SSL_R_UNKNOWN_CERTIFICATE_TYPE ,"unknown certificate type"},
-{SSL_R_UNKNOWN_CIPHER_RETURNED ,"unknown cipher returned"},
-{SSL_R_UNKNOWN_CIPHER_TYPE ,"unknown cipher type"},
-{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ,"unknown key exchange type"},
-{SSL_R_UNKNOWN_PKEY_TYPE ,"unknown pkey type"},
-{SSL_R_UNKNOWN_PROTOCOL ,"unknown protocol"},
-{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE ,"unknown remote error type"},
-{SSL_R_UNKNOWN_SSL_VERSION ,"unknown ssl version"},
-{SSL_R_UNKNOWN_STATE ,"unknown state"},
-{SSL_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
-{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"},
-{SSL_R_UNSUPPORTED_OPTION ,"unsupported option"},
-{SSL_R_UNSUPPORTED_PROTOCOL ,"unsupported protocol"},
-{SSL_R_UNSUPPORTED_SSL_VERSION ,"unsupported ssl version"},
-{SSL_R_WRITE_BIO_NOT_SET ,"write bio not set"},
-{SSL_R_WRONG_CIPHER_RETURNED ,"wrong cipher returned"},
-{SSL_R_WRONG_MESSAGE_TYPE ,"wrong message type"},
-{SSL_R_WRONG_NUMBER_OF_KEY_BITS ,"wrong number of key bits"},
-{SSL_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
-{SSL_R_WRONG_SIGNATURE_SIZE ,"wrong signature size"},
-{SSL_R_WRONG_SSL_VERSION ,"wrong ssl version"},
-{SSL_R_WRONG_VERSION_NUMBER ,"wrong version number"},
-{SSL_R_X509_LIB ,"x509 lib"},
-{SSL_R_X509_VERIFICATION_SETUP_PROBLEMS ,"x509 verification setup problems"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_SSL_strings(void)
- {
- static int init=1;
-
- if (init)
- {
- init=0;
-#ifndef NO_ERR
- ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
- ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
-#endif
-
- }
- }
diff --git a/src/lib/libssl/ssl_err2.c b/src/lib/libssl/ssl_err2.c
deleted file mode 100644
index cc089a612b..0000000000
--- a/src/lib/libssl/ssl_err2.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* ssl/ssl_err2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-void SSL_load_error_strings(void)
- {
-#ifndef NO_ERR
- ERR_load_crypto_strings();
- ERR_load_SSL_strings();
-#endif
- }
-
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
deleted file mode 100644
index 1fe85b6cb7..0000000000
--- a/src/lib/libssl/ssl_lib.c
+++ /dev/null
@@ -1,2074 +0,0 @@
-/*! \file ssl/ssl_lib.c
- * \brief Version independent SSL functions.
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-
-#include <assert.h>
-#include <stdio.h>
-#include <openssl/objects.h>
-#include <openssl/lhash.h>
-#include <openssl/x509v3.h>
-#include "ssl_locl.h"
-
-const char *SSL_version_str=OPENSSL_VERSION_TEXT;
-
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_meth=NULL;
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_ctx_meth=NULL;
-static int ssl_meth_num=0;
-static int ssl_ctx_meth_num=0;
-
-OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
- /* evil casts, but these functions are only called if there's a library bug */
- (int (*)(SSL *,int))ssl_undefined_function,
- (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
- ssl_undefined_function,
- (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
- (int (*)(SSL*, int))ssl_undefined_function,
- (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function
- };
-
-int SSL_clear(SSL *s)
- {
- int state;
-
- if (s->method == NULL)
- {
- SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED);
- return(0);
- }
-
- s->error=0;
- s->hit=0;
- s->shutdown=0;
-
-#if 0 /* Disabled since version 1.10 of this file (early return not
- * needed because SSL_clear is not called when doing renegotiation) */
- /* This is set if we are doing dynamic renegotiation so keep
- * the old cipher. It is sort of a SSL_clear_lite :-) */
- if (s->new_session) return(1);
-#else
- if (s->new_session)
- {
- SSLerr(SSL_F_SSL_CLEAR,SSL_R_INTERNAL_ERROR);
- return 0;
- }
-#endif
-
- state=s->state; /* Keep to check if we throw away the session-id */
- s->type=0;
-
- s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT);
-
- s->version=s->method->version;
- s->client_version=s->version;
- s->rwstate=SSL_NOTHING;
- s->rstate=SSL_ST_READ_HEADER;
-#if 0
- s->read_ahead=s->ctx->read_ahead;
-#endif
-
- if (s->init_buf != NULL)
- {
- BUF_MEM_free(s->init_buf);
- s->init_buf=NULL;
- }
-
- ssl_clear_cipher_ctx(s);
-
- if (ssl_clear_bad_session(s))
- {
- SSL_SESSION_free(s->session);
- s->session=NULL;
- }
-
- s->first_packet=0;
-
-#if 1
- /* Check to see if we were changed into a different method, if
- * so, revert back if we are not doing session-id reuse. */
- if ((s->session == NULL) && (s->method != s->ctx->method))
- {
- s->method->ssl_free(s);
- s->method=s->ctx->method;
- if (!s->method->ssl_new(s))
- return(0);
- }
- else
-#endif
- s->method->ssl_clear(s);
- return(1);
- }
-
-/** Used to change an SSL_CTXs default SSL method type */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth)
- {
- STACK_OF(SSL_CIPHER) *sk;
-
- ctx->method=meth;
-
- sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
- &(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST);
- if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
- {
- SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
- return(0);
- }
- return(1);
- }
-
-SSL *SSL_new(SSL_CTX *ctx)
- {
- SSL *s;
-
- if (ctx == NULL)
- {
- SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX);
- return(NULL);
- }
- if (ctx->method == NULL)
- {
- SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
- return(NULL);
- }
-
- s=(SSL *)OPENSSL_malloc(sizeof(SSL));
- if (s == NULL) goto err;
- memset(s,0,sizeof(SSL));
-
- if (ctx->cert != NULL)
- {
- /* Earlier library versions used to copy the pointer to
- * the CERT, not its contents; only when setting new
- * parameters for the per-SSL copy, ssl_cert_new would be
- * called (and the direct reference to the per-SSL_CTX
- * settings would be lost, but those still were indirectly
- * accessed for various purposes, and for that reason they
- * used to be known as s->ctx->default_cert).
- * Now we don't look at the SSL_CTX's CERT after having
- * duplicated it once. */
-
- s->cert = ssl_cert_dup(ctx->cert);
- if (s->cert == NULL)
- goto err;
- }
- else
- s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
- s->sid_ctx_length=ctx->sid_ctx_length;
- memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
- s->verify_mode=ctx->verify_mode;
- s->verify_depth=ctx->verify_depth;
- s->verify_callback=ctx->default_verify_callback;
- s->purpose = ctx->purpose;
- s->trust = ctx->trust;
- CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
- s->ctx=ctx;
-
- s->verify_result=X509_V_OK;
-
- s->method=ctx->method;
-
- if (!s->method->ssl_new(s))
- goto err;
-
- s->quiet_shutdown=ctx->quiet_shutdown;
- s->references=1;
- s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1;
- s->options=ctx->options;
- s->mode=ctx->mode;
- s->read_ahead=ctx->read_ahead; /* used to happen in SSL_clear */
- SSL_clear(s);
-
- CRYPTO_new_ex_data(ssl_meth,s,&s->ex_data);
-
- return(s);
-err:
- if (s != NULL)
- {
- if (s->cert != NULL)
- ssl_cert_free(s->cert);
- if (s->ctx != NULL)
- SSL_CTX_free(s->ctx); /* decrement reference count */
- OPENSSL_free(s);
- }
- SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
-
-int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
- unsigned int sid_ctx_len)
- {
- if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
- {
- SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
- return 0;
- }
- ctx->sid_ctx_length=sid_ctx_len;
- memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len);
-
- return 1;
- }
-
-int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
- unsigned int sid_ctx_len)
- {
- if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
- {
- SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
- return 0;
- }
- ssl->sid_ctx_length=sid_ctx_len;
- memcpy(ssl->sid_ctx,sid_ctx,sid_ctx_len);
-
- return 1;
- }
-
-int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
-{
- if(X509_PURPOSE_get_by_id(purpose) == -1) {
- SSLerr(SSL_F_SSL_CTX_SET_PURPOSE, SSL_R_INVALID_PURPOSE);
- return 0;
- }
- s->purpose = purpose;
- return 1;
-}
-
-int SSL_set_purpose(SSL *s, int purpose)
-{
- if(X509_PURPOSE_get_by_id(purpose) == -1) {
- SSLerr(SSL_F_SSL_SET_PURPOSE, SSL_R_INVALID_PURPOSE);
- return 0;
- }
- s->purpose = purpose;
- return 1;
-}
-
-int SSL_CTX_set_trust(SSL_CTX *s, int trust)
-{
- if(X509_TRUST_get_by_id(trust) == -1) {
- SSLerr(SSL_F_SSL_CTX_SET_TRUST, SSL_R_INVALID_TRUST);
- return 0;
- }
- s->trust = trust;
- return 1;
-}
-
-int SSL_set_trust(SSL *s, int trust)
-{
- if(X509_TRUST_get_by_id(trust) == -1) {
- SSLerr(SSL_F_SSL_SET_TRUST, SSL_R_INVALID_TRUST);
- return 0;
- }
- s->trust = trust;
- return 1;
-}
-
-void SSL_free(SSL *s)
- {
- int i;
-
- if(s == NULL)
- return;
-
- i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL);
-#ifdef REF_PRINT
- REF_PRINT("SSL",s);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"SSL_free, bad reference count\n");
- abort(); /* ok */
- }
-#endif
-
- CRYPTO_free_ex_data(ssl_meth,(char *)s,&s->ex_data);
-
- if (s->bbio != NULL)
- {
- /* If the buffering BIO is in place, pop it off */
- if (s->bbio == s->wbio)
- {
- s->wbio=BIO_pop(s->wbio);
- }
- BIO_free(s->bbio);
- s->bbio=NULL;
- }
- if (s->rbio != NULL)
- BIO_free_all(s->rbio);
- if ((s->wbio != NULL) && (s->wbio != s->rbio))
- BIO_free_all(s->wbio);
-
- if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
-
- /* add extra stuff */
- if (s->cipher_list != NULL) sk_SSL_CIPHER_free(s->cipher_list);
- if (s->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(s->cipher_list_by_id);
-
- /* Make the next call work :-) */
- if (s->session != NULL)
- {
- ssl_clear_bad_session(s);
- SSL_SESSION_free(s->session);
- }
-
- ssl_clear_cipher_ctx(s);
-
- if (s->cert != NULL) ssl_cert_free(s->cert);
- /* Free up if allocated */
-
- if (s->ctx) SSL_CTX_free(s->ctx);
-
- if (s->client_CA != NULL)
- sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
-
- if (s->method != NULL) s->method->ssl_free(s);
-
- OPENSSL_free(s);
- }
-
-void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
- {
- /* If the output buffering BIO is still in place, remove it
- */
- if (s->bbio != NULL)
- {
- if (s->wbio == s->bbio)
- {
- s->wbio=s->wbio->next_bio;
- s->bbio->next_bio=NULL;
- }
- }
- if ((s->rbio != NULL) && (s->rbio != rbio))
- BIO_free_all(s->rbio);
- if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
- BIO_free_all(s->wbio);
- s->rbio=rbio;
- s->wbio=wbio;
- }
-
-BIO *SSL_get_rbio(SSL *s)
- { return(s->rbio); }
-
-BIO *SSL_get_wbio(SSL *s)
- { return(s->wbio); }
-
-int SSL_get_fd(SSL *s)
- {
- int ret= -1;
- BIO *b,*r;
-
- b=SSL_get_rbio(s);
- r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
- if (r != NULL)
- BIO_get_fd(r,&ret);
- return(ret);
- }
-
-#ifndef NO_SOCK
-int SSL_set_fd(SSL *s,int fd)
- {
- int ret=0;
- BIO *bio=NULL;
-
- bio=BIO_new(BIO_s_socket());
-
- if (bio == NULL)
- {
- SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB);
- goto err;
- }
- BIO_set_fd(bio,fd,BIO_NOCLOSE);
- SSL_set_bio(s,bio,bio);
- ret=1;
-err:
- return(ret);
- }
-
-int SSL_set_wfd(SSL *s,int fd)
- {
- int ret=0;
- BIO *bio=NULL;
-
- if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
- || ((int)BIO_get_fd(s->rbio,NULL) != fd))
- {
- bio=BIO_new(BIO_s_socket());
-
- if (bio == NULL)
- { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
- BIO_set_fd(bio,fd,BIO_NOCLOSE);
- SSL_set_bio(s,SSL_get_rbio(s),bio);
- }
- else
- SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s));
- ret=1;
-err:
- return(ret);
- }
-
-int SSL_set_rfd(SSL *s,int fd)
- {
- int ret=0;
- BIO *bio=NULL;
-
- if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
- || ((int)BIO_get_fd(s->wbio,NULL) != fd))
- {
- bio=BIO_new(BIO_s_socket());
-
- if (bio == NULL)
- {
- SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
- goto err;
- }
- BIO_set_fd(bio,fd,BIO_NOCLOSE);
- SSL_set_bio(s,bio,SSL_get_wbio(s));
- }
- else
- SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s));
- ret=1;
-err:
- return(ret);
- }
-#endif
-
-
-/* return length of latest Finished message we sent, copy to 'buf' */
-size_t SSL_get_finished(SSL *s, void *buf, size_t count)
- {
- size_t ret = 0;
-
- if (s->s3 != NULL)
- {
- ret = s->s3->tmp.finish_md_len;
- if (count > ret)
- count = ret;
- memcpy(buf, s->s3->tmp.finish_md, count);
- }
- return ret;
- }
-
-/* return length of latest Finished message we expected, copy to 'buf' */
-size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
- {
- size_t ret = 0;
-
- if (s->s3 != NULL)
- {
- ret = s->s3->tmp.peer_finish_md_len;
- if (count > ret)
- count = ret;
- memcpy(buf, s->s3->tmp.peer_finish_md, count);
- }
- return ret;
- }
-
-
-int SSL_get_verify_mode(SSL *s)
- {
- return(s->verify_mode);
- }
-
-int SSL_get_verify_depth(SSL *s)
- {
- return(s->verify_depth);
- }
-
-int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *)
- {
- return(s->verify_callback);
- }
-
-int SSL_CTX_get_verify_mode(SSL_CTX *ctx)
- {
- return(ctx->verify_mode);
- }
-
-int SSL_CTX_get_verify_depth(SSL_CTX *ctx)
- {
- return(ctx->verify_depth);
- }
-
-int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *)
- {
- return(ctx->default_verify_callback);
- }
-
-void SSL_set_verify(SSL *s,int mode,
- int (*callback)(int ok,X509_STORE_CTX *ctx))
- {
- s->verify_mode=mode;
- if (callback != NULL)
- s->verify_callback=callback;
- }
-
-void SSL_set_verify_depth(SSL *s,int depth)
- {
- s->verify_depth=depth;
- }
-
-void SSL_set_read_ahead(SSL *s,int yes)
- {
- s->read_ahead=yes;
- }
-
-int SSL_get_read_ahead(SSL *s)
- {
- return(s->read_ahead);
- }
-
-int SSL_pending(SSL *s)
- {
- return(s->method->ssl_pending(s));
- }
-
-X509 *SSL_get_peer_certificate(SSL *s)
- {
- X509 *r;
-
- if ((s == NULL) || (s->session == NULL))
- r=NULL;
- else
- r=s->session->peer;
-
- if (r == NULL) return(r);
-
- CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509);
-
- return(r);
- }
-
-STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s)
- {
- STACK_OF(X509) *r;
-
- if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL))
- r=NULL;
- else
- r=s->session->sess_cert->cert_chain;
-
- /* If we are a client, cert_chain includes the peer's own
- * certificate; if we are a server, it does not. */
-
- return(r);
- }
-
-/* Now in theory, since the calling process own 't' it should be safe to
- * modify. We need to be able to read f without being hassled */
-void SSL_copy_session_id(SSL *t,SSL *f)
- {
- CERT *tmp;
-
- /* Do we need to to SSL locking? */
- SSL_set_session(t,SSL_get_session(f));
-
- /* what if we are setup as SSLv2 but want to talk SSLv3 or
- * vice-versa */
- if (t->method != f->method)
- {
- t->method->ssl_free(t); /* cleanup current */
- t->method=f->method; /* change method */
- t->method->ssl_new(t); /* setup new */
- }
-
- tmp=t->cert;
- if (f->cert != NULL)
- {
- CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT);
- t->cert=f->cert;
- }
- else
- t->cert=NULL;
- if (tmp != NULL) ssl_cert_free(tmp);
- SSL_set_session_id_context(t,f->sid_ctx,f->sid_ctx_length);
- }
-
-/* Fix this so it checks all the valid key/cert options */
-int SSL_CTX_check_private_key(SSL_CTX *ctx)
- {
- if ( (ctx == NULL) ||
- (ctx->cert == NULL) ||
- (ctx->cert->key->x509 == NULL))
- {
- SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
- return(0);
- }
- if (ctx->cert->key->privatekey == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
- return(0);
- }
- return(X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey));
- }
-
-/* Fix this function so that it takes an optional type parameter */
-int SSL_check_private_key(SSL *ssl)
- {
- if (ssl == NULL)
- {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- if (ssl->cert == NULL)
- {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
- return 0;
- }
- if (ssl->cert->key->x509 == NULL)
- {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
- return(0);
- }
- if (ssl->cert->key->privatekey == NULL)
- {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
- return(0);
- }
- return(X509_check_private_key(ssl->cert->key->x509,
- ssl->cert->key->privatekey));
- }
-
-int SSL_accept(SSL *s)
- {
- if (s->handshake_func == 0)
- /* Not properly initialized yet */
- SSL_set_accept_state(s);
-
- return(s->method->ssl_accept(s));
- }
-
-int SSL_connect(SSL *s)
- {
- if (s->handshake_func == 0)
- /* Not properly initialized yet */
- SSL_set_connect_state(s);
-
- return(s->method->ssl_connect(s));
- }
-
-long SSL_get_default_timeout(SSL *s)
- {
- return(s->method->get_timeout());
- }
-
-int SSL_read(SSL *s,void *buf,int num)
- {
- if (s->handshake_func == 0)
- {
- SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
- return -1;
- }
-
- if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
- {
- s->rwstate=SSL_NOTHING;
- return(0);
- }
- return(s->method->ssl_read(s,buf,num));
- }
-
-int SSL_peek(SSL *s,void *buf,int num)
- {
- if (s->handshake_func == 0)
- {
- SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
- return -1;
- }
-
- if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
- {
- return(0);
- }
- return(s->method->ssl_peek(s,buf,num));
- }
-
-int SSL_write(SSL *s,const void *buf,int num)
- {
- if (s->handshake_func == 0)
- {
- SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
- return -1;
- }
-
- if (s->shutdown & SSL_SENT_SHUTDOWN)
- {
- s->rwstate=SSL_NOTHING;
- SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN);
- return(-1);
- }
- return(s->method->ssl_write(s,buf,num));
- }
-
-int SSL_shutdown(SSL *s)
- {
- /* Note that this function behaves differently from what one might
- * expect. Return values are 0 for no success (yet),
- * 1 for success; but calling it once is usually not enough,
- * even if blocking I/O is used (see ssl3_shutdown).
- */
-
- if (s->handshake_func == 0)
- {
- SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
- return -1;
- }
-
- if ((s != NULL) && !SSL_in_init(s))
- return(s->method->ssl_shutdown(s));
- else
- return(1);
- }
-
-int SSL_renegotiate(SSL *s)
- {
- s->new_session=1;
- return(s->method->ssl_renegotiate(s));
- }
-
-long SSL_ctrl(SSL *s,int cmd,long larg,char *parg)
- {
- long l;
-
- switch (cmd)
- {
- case SSL_CTRL_GET_READ_AHEAD:
- return(s->read_ahead);
- case SSL_CTRL_SET_READ_AHEAD:
- l=s->read_ahead;
- s->read_ahead=larg;
- return(l);
- case SSL_CTRL_OPTIONS:
- return(s->options|=larg);
- case SSL_CTRL_MODE:
- return(s->mode|=larg);
- default:
- return(s->method->ssl_ctrl(s,cmd,larg,parg));
- }
- }
-
-long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)())
- {
- switch(cmd)
- {
- default:
- return(s->method->ssl_callback_ctrl(s,cmd,fp));
- }
- }
-
-struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx)
- {
- return ctx->sessions;
- }
-
-long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,char *parg)
- {
- long l;
-
- switch (cmd)
- {
- case SSL_CTRL_GET_READ_AHEAD:
- return(ctx->read_ahead);
- case SSL_CTRL_SET_READ_AHEAD:
- l=ctx->read_ahead;
- ctx->read_ahead=larg;
- return(l);
-
- case SSL_CTRL_SET_SESS_CACHE_SIZE:
- l=ctx->session_cache_size;
- ctx->session_cache_size=larg;
- return(l);
- case SSL_CTRL_GET_SESS_CACHE_SIZE:
- return(ctx->session_cache_size);
- case SSL_CTRL_SET_SESS_CACHE_MODE:
- l=ctx->session_cache_mode;
- ctx->session_cache_mode=larg;
- return(l);
- case SSL_CTRL_GET_SESS_CACHE_MODE:
- return(ctx->session_cache_mode);
-
- case SSL_CTRL_SESS_NUMBER:
- return(ctx->sessions->num_items);
- case SSL_CTRL_SESS_CONNECT:
- return(ctx->stats.sess_connect);
- case SSL_CTRL_SESS_CONNECT_GOOD:
- return(ctx->stats.sess_connect_good);
- case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
- return(ctx->stats.sess_connect_renegotiate);
- case SSL_CTRL_SESS_ACCEPT:
- return(ctx->stats.sess_accept);
- case SSL_CTRL_SESS_ACCEPT_GOOD:
- return(ctx->stats.sess_accept_good);
- case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
- return(ctx->stats.sess_accept_renegotiate);
- case SSL_CTRL_SESS_HIT:
- return(ctx->stats.sess_hit);
- case SSL_CTRL_SESS_CB_HIT:
- return(ctx->stats.sess_cb_hit);
- case SSL_CTRL_SESS_MISSES:
- return(ctx->stats.sess_miss);
- case SSL_CTRL_SESS_TIMEOUTS:
- return(ctx->stats.sess_timeout);
- case SSL_CTRL_SESS_CACHE_FULL:
- return(ctx->stats.sess_cache_full);
- case SSL_CTRL_OPTIONS:
- return(ctx->options|=larg);
- case SSL_CTRL_MODE:
- return(ctx->mode|=larg);
- default:
- return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
- }
- }
-
-long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
- {
- switch(cmd)
- {
- default:
- return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp));
- }
- }
-
-int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
- {
- long l;
-
- l=a->id-b->id;
- if (l == 0L)
- return(0);
- else
- return((l > 0)?1:-1);
- }
-
-int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
- const SSL_CIPHER * const *bp)
- {
- long l;
-
- l=(*ap)->id-(*bp)->id;
- if (l == 0L)
- return(0);
- else
- return((l > 0)?1:-1);
- }
-
-/** return a STACK of the ciphers available for the SSL and in order of
- * preference */
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s)
- {
- if ((s != NULL) && (s->cipher_list != NULL))
- {
- return(s->cipher_list);
- }
- else if ((s->ctx != NULL) &&
- (s->ctx->cipher_list != NULL))
- {
- return(s->ctx->cipher_list);
- }
- return(NULL);
- }
-
-/** return a STACK of the ciphers available for the SSL and in order of
- * algorithm id */
-STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
- {
- if ((s != NULL) && (s->cipher_list_by_id != NULL))
- {
- return(s->cipher_list_by_id);
- }
- else if ((s != NULL) && (s->ctx != NULL) &&
- (s->ctx->cipher_list_by_id != NULL))
- {
- return(s->ctx->cipher_list_by_id);
- }
- return(NULL);
- }
-
-/** The old interface to get the same thing as SSL_get_ciphers() */
-const char *SSL_get_cipher_list(SSL *s,int n)
- {
- SSL_CIPHER *c;
- STACK_OF(SSL_CIPHER) *sk;
-
- if (s == NULL) return(NULL);
- sk=SSL_get_ciphers(s);
- if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
- return(NULL);
- c=sk_SSL_CIPHER_value(sk,n);
- if (c == NULL) return(NULL);
- return(c->name);
- }
-
-/** specify the ciphers to be used by default by the SSL_CTX */
-int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
- {
- STACK_OF(SSL_CIPHER) *sk;
-
- sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
- &ctx->cipher_list_by_id,str);
-/* XXXX */
- return((sk == NULL)?0:1);
- }
-
-/** specify the ciphers to be used by the SSL */
-int SSL_set_cipher_list(SSL *s,const char *str)
- {
- STACK_OF(SSL_CIPHER) *sk;
-
- sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
- &s->cipher_list_by_id,str);
-/* XXXX */
- return((sk == NULL)?0:1);
- }
-
-/* works well for SSLv2, not so good for SSLv3 */
-char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
- {
- char *p;
- const char *cp;
- STACK_OF(SSL_CIPHER) *sk;
- SSL_CIPHER *c;
- int i;
-
- if ((s->session == NULL) || (s->session->ciphers == NULL) ||
- (len < 2))
- return(NULL);
-
- p=buf;
- sk=s->session->ciphers;
- for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
- {
- /* Decrement for either the ':' or a '\0' */
- len--;
- c=sk_SSL_CIPHER_value(sk,i);
- for (cp=c->name; *cp; )
- {
- if (len-- == 0)
- {
- *p='\0';
- return(buf);
- }
- else
- *(p++)= *(cp++);
- }
- *(p++)=':';
- }
- p[-1]='\0';
- return(buf);
- }
-
-int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
- {
- int i,j=0;
- SSL_CIPHER *c;
- unsigned char *q;
-
- if (sk == NULL) return(0);
- q=p;
-
- for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
- {
- c=sk_SSL_CIPHER_value(sk,i);
- j=ssl_put_cipher_by_char(s,c,p);
- p+=j;
- }
- return(p-q);
- }
-
-STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
- STACK_OF(SSL_CIPHER) **skp)
- {
- SSL_CIPHER *c;
- STACK_OF(SSL_CIPHER) *sk;
- int i,n;
-
- n=ssl_put_cipher_by_char(s,NULL,NULL);
- if ((num%n) != 0)
- {
- SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
- return(NULL);
- }
- if ((skp == NULL) || (*skp == NULL))
- sk=sk_SSL_CIPHER_new_null(); /* change perhaps later */
- else
- {
- sk= *skp;
- sk_SSL_CIPHER_zero(sk);
- }
-
- for (i=0; i<num; i+=n)
- {
- c=ssl_get_cipher_by_char(s,p);
- p+=n;
- if (c != NULL)
- {
- if (!sk_SSL_CIPHER_push(sk,c))
- {
- SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- }
-
- if (skp != NULL)
- *skp=sk;
- return(sk);
-err:
- if ((skp == NULL) || (*skp == NULL))
- sk_SSL_CIPHER_free(sk);
- return(NULL);
- }
-
-unsigned long SSL_SESSION_hash(SSL_SESSION *a)
- {
- unsigned long l;
-
- l=(unsigned long)
- ((unsigned int) a->session_id[0] )|
- ((unsigned int) a->session_id[1]<< 8L)|
- ((unsigned long)a->session_id[2]<<16L)|
- ((unsigned long)a->session_id[3]<<24L);
- return(l);
- }
-
-int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b)
- {
- if (a->ssl_version != b->ssl_version)
- return(1);
- if (a->session_id_length != b->session_id_length)
- return(1);
- return(memcmp(a->session_id,b->session_id,a->session_id_length));
- }
-
-SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
- {
- SSL_CTX *ret=NULL;
-
- if (meth == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
- return(NULL);
- }
-
- if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
- {
- SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
- goto err;
- }
- ret=(SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
- if (ret == NULL)
- goto err;
-
- memset(ret,0,sizeof(SSL_CTX));
-
- ret->method=meth;
-
- ret->cert_store=NULL;
- ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
- ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
- ret->session_cache_head=NULL;
- ret->session_cache_tail=NULL;
-
- /* We take the system default */
- ret->session_timeout=meth->get_timeout();
-
- ret->new_session_cb=NULL;
- ret->remove_session_cb=NULL;
- ret->get_session_cb=NULL;
-
- memset((char *)&ret->stats,0,sizeof(ret->stats));
-
- ret->references=1;
- ret->quiet_shutdown=0;
-
-/* ret->cipher=NULL;*/
-/* ret->s2->challenge=NULL;
- ret->master_key=NULL;
- ret->key_arg=NULL;
- ret->s2->conn_id=NULL; */
-
- ret->info_callback=NULL;
-
- ret->app_verify_callback=NULL;
- ret->app_verify_arg=NULL;
-
- ret->read_ahead=0;
- ret->verify_mode=SSL_VERIFY_NONE;
- ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
- ret->default_verify_callback=NULL;
- if ((ret->cert=ssl_cert_new()) == NULL)
- goto err;
-
- ret->default_passwd_callback=NULL;
- ret->default_passwd_callback_userdata=NULL;
- ret->client_cert_cb=NULL;
-
- ret->sessions=lh_new(SSL_SESSION_hash,SSL_SESSION_cmp);
- if (ret->sessions == NULL) goto err;
- ret->cert_store=X509_STORE_new();
- if (ret->cert_store == NULL) goto err;
-
- ssl_create_cipher_list(ret->method,
- &ret->cipher_list,&ret->cipher_list_by_id,
- SSL_DEFAULT_CIPHER_LIST);
- if (ret->cipher_list == NULL
- || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
- {
- SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
- goto err2;
- }
-
- if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
- goto err2;
- }
- if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
- goto err2;
- }
- if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
- goto err2;
- }
-
- if ((ret->client_CA=sk_X509_NAME_new_null()) == NULL)
- goto err;
-
- CRYPTO_new_ex_data(ssl_ctx_meth,(char *)ret,&ret->ex_data);
-
- ret->extra_certs=NULL;
- ret->comp_methods=SSL_COMP_get_compression_methods();
-
- return(ret);
-err:
- SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
-err2:
- if (ret != NULL) SSL_CTX_free(ret);
- return(NULL);
- }
-
-static void SSL_COMP_free(SSL_COMP *comp)
- { OPENSSL_free(comp); }
-
-void SSL_CTX_free(SSL_CTX *a)
- {
- int i;
-
- if (a == NULL) return;
-
- i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
-#ifdef REF_PRINT
- REF_PRINT("SSL_CTX",a);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"SSL_CTX_free, bad reference count\n");
- abort(); /* ok */
- }
-#endif
- CRYPTO_free_ex_data(ssl_ctx_meth,(char *)a,&a->ex_data);
-
- if (a->sessions != NULL)
- {
- SSL_CTX_flush_sessions(a,0);
- lh_free(a->sessions);
- }
- if (a->cert_store != NULL)
- X509_STORE_free(a->cert_store);
- if (a->cipher_list != NULL)
- sk_SSL_CIPHER_free(a->cipher_list);
- if (a->cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(a->cipher_list_by_id);
- if (a->cert != NULL)
- ssl_cert_free(a->cert);
- if (a->client_CA != NULL)
- sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free);
- if (a->extra_certs != NULL)
- sk_X509_pop_free(a->extra_certs,X509_free);
- if (a->comp_methods != NULL)
- sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
- OPENSSL_free(a);
- }
-
-void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
- {
- ctx->default_passwd_callback=cb;
- }
-
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,void *u)
- {
- ctx->default_passwd_callback_userdata=u;
- }
-
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,int (*cb)(),char *arg)
- {
- /* now
- * int (*cb)(X509_STORE_CTX *),
- * but should be
- * int (*cb)(X509_STORE_CTX *, void *arg)
- */
- ctx->app_verify_callback=cb;
- ctx->app_verify_arg=arg; /* never used */
- }
-
-void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
- {
- ctx->verify_mode=mode;
- ctx->default_verify_callback=cb;
- /* This needs cleaning up EAY EAY EAY */
- X509_STORE_set_verify_cb_func(ctx->cert_store,cb);
- }
-
-void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
- {
- ctx->verify_depth=depth;
- }
-
-void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
- {
- CERT_PKEY *cpk;
- int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
- int rsa_enc_export,dh_rsa_export,dh_dsa_export;
- int rsa_tmp_export,dh_tmp_export,kl;
- unsigned long mask,emask;
-
- if (c == NULL) return;
-
- kl=SSL_C_EXPORT_PKEYLENGTH(cipher);
-
-#ifndef NO_RSA
- rsa_tmp=(c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
- rsa_tmp_export=(c->rsa_tmp_cb != NULL ||
- (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
-#else
- rsa_tmp=rsa_tmp_export=0;
-#endif
-#ifndef NO_DH
- dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
- dh_tmp_export=(c->dh_tmp_cb != NULL ||
- (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
-#else
- dh_tmp=dh_tmp_export=0;
-#endif
-
- cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
- rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL);
- rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
- cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
- rsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
- cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]);
- dsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
- cpk= &(c->pkeys[SSL_PKEY_DH_RSA]);
- dh_rsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
- dh_rsa_export=(dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
- cpk= &(c->pkeys[SSL_PKEY_DH_DSA]);
-/* FIX THIS EAY EAY EAY */
- dh_dsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
- dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
-
- mask=0;
- emask=0;
-
-#ifdef CIPHER_DEBUG
- printf("rt=%d rte=%d dht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
- rsa_tmp,rsa_tmp_export,dh_tmp,
- rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
-#endif
-
- if (rsa_enc || (rsa_tmp && rsa_sign))
- mask|=SSL_kRSA;
- if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
- emask|=SSL_kRSA;
-
-#if 0
- /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
- if ( (dh_tmp || dh_rsa || dh_dsa) &&
- (rsa_enc || rsa_sign || dsa_sign))
- mask|=SSL_kEDH;
- if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
- (rsa_enc || rsa_sign || dsa_sign))
- emask|=SSL_kEDH;
-#endif
-
- if (dh_tmp_export)
- emask|=SSL_kEDH;
-
- if (dh_tmp)
- mask|=SSL_kEDH;
-
- if (dh_rsa) mask|=SSL_kDHr;
- if (dh_rsa_export) emask|=SSL_kDHr;
-
- if (dh_dsa) mask|=SSL_kDHd;
- if (dh_dsa_export) emask|=SSL_kDHd;
-
- if (rsa_enc || rsa_sign)
- {
- mask|=SSL_aRSA;
- emask|=SSL_aRSA;
- }
-
- if (dsa_sign)
- {
- mask|=SSL_aDSS;
- emask|=SSL_aDSS;
- }
-
- mask|=SSL_aNULL;
- emask|=SSL_aNULL;
-
- c->mask=mask;
- c->export_mask=emask;
- c->valid=1;
- }
-
-/* THIS NEEDS CLEANING UP */
-X509 *ssl_get_server_send_cert(SSL *s)
- {
- unsigned long alg,mask,kalg;
- CERT *c;
- int i,is_export;
-
- c=s->cert;
- ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
- alg=s->s3->tmp.new_cipher->algorithms;
- is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
- mask=is_export?c->export_mask:c->mask;
- kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
-
- if (kalg & SSL_kDHr)
- i=SSL_PKEY_DH_RSA;
- else if (kalg & SSL_kDHd)
- i=SSL_PKEY_DH_DSA;
- else if (kalg & SSL_aDSS)
- i=SSL_PKEY_DSA_SIGN;
- else if (kalg & SSL_aRSA)
- {
- if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
- i=SSL_PKEY_RSA_SIGN;
- else
- i=SSL_PKEY_RSA_ENC;
- }
- else /* if (kalg & SSL_aNULL) */
- {
- SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR);
- return(NULL);
- }
- if (c->pkeys[i].x509 == NULL) return(NULL);
- return(c->pkeys[i].x509);
- }
-
-EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
- {
- unsigned long alg;
- CERT *c;
-
- alg=cipher->algorithms;
- c=s->cert;
-
- if ((alg & SSL_aDSS) &&
- (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
- return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
- else if (alg & SSL_aRSA)
- {
- if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
- return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
- else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
- return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey);
- else
- return(NULL);
- }
- else /* if (alg & SSL_aNULL) */
- {
- SSLerr(SSL_F_SSL_GET_SIGN_PKEY,SSL_R_INTERNAL_ERROR);
- return(NULL);
- }
- }
-
-void ssl_update_cache(SSL *s,int mode)
- {
- int i;
-
- /* If the session_id_length is 0, we are not supposed to cache it,
- * and it would be rather hard to do anyway :-) */
- if (s->session->session_id_length == 0) return;
-
- if ((s->ctx->session_cache_mode & mode)
- && (!s->hit)
- && SSL_CTX_add_session(s->ctx,s->session)
- && (s->ctx->new_session_cb != NULL))
- {
- CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
- if (!s->ctx->new_session_cb(s,s->session))
- SSL_SESSION_free(s->session);
- }
-
- /* auto flush every 255 connections */
- i=s->ctx->session_cache_mode;
- if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
- ((i & mode) == mode))
- {
- if ( (((mode & SSL_SESS_CACHE_CLIENT)
- ?s->ctx->stats.sess_connect_good
- :s->ctx->stats.sess_accept_good) & 0xff) == 0xff)
- {
- SSL_CTX_flush_sessions(s->ctx,time(NULL));
- }
- }
- }
-
-SSL_METHOD *SSL_get_ssl_method(SSL *s)
- {
- return(s->method);
- }
-
-int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth)
- {
- int conn= -1;
- int ret=1;
-
- if (s->method != meth)
- {
- if (s->handshake_func != NULL)
- conn=(s->handshake_func == s->method->ssl_connect);
-
- if (s->method->version == meth->version)
- s->method=meth;
- else
- {
- s->method->ssl_free(s);
- s->method=meth;
- ret=s->method->ssl_new(s);
- }
-
- if (conn == 1)
- s->handshake_func=meth->ssl_connect;
- else if (conn == 0)
- s->handshake_func=meth->ssl_accept;
- }
- return(ret);
- }
-
-int SSL_get_error(SSL *s,int i)
- {
- int reason;
- unsigned long l;
- BIO *bio;
-
- if (i > 0) return(SSL_ERROR_NONE);
-
- /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
- * etc, where we do encode the error */
- if ((l=ERR_peek_error()) != 0)
- {
- if (ERR_GET_LIB(l) == ERR_LIB_SYS)
- return(SSL_ERROR_SYSCALL);
- else
- return(SSL_ERROR_SSL);
- }
-
- if ((i < 0) && SSL_want_read(s))
- {
- bio=SSL_get_rbio(s);
- if (BIO_should_read(bio))
- return(SSL_ERROR_WANT_READ);
- else if (BIO_should_write(bio))
- /* This one doesn't make too much sense ... We never try
- * to write to the rbio, and an application program where
- * rbio and wbio are separate couldn't even know what it
- * should wait for.
- * However if we ever set s->rwstate incorrectly
- * (so that we have SSL_want_read(s) instead of
- * SSL_want_write(s)) and rbio and wbio *are* the same,
- * this test works around that bug; so it might be safer
- * to keep it. */
- return(SSL_ERROR_WANT_WRITE);
- else if (BIO_should_io_special(bio))
- {
- reason=BIO_get_retry_reason(bio);
- if (reason == BIO_RR_CONNECT)
- return(SSL_ERROR_WANT_CONNECT);
- else
- return(SSL_ERROR_SYSCALL); /* unknown */
- }
- }
-
- if ((i < 0) && SSL_want_write(s))
- {
- bio=SSL_get_wbio(s);
- if (BIO_should_write(bio))
- return(SSL_ERROR_WANT_WRITE);
- else if (BIO_should_read(bio))
- /* See above (SSL_want_read(s) with BIO_should_write(bio)) */
- return(SSL_ERROR_WANT_READ);
- else if (BIO_should_io_special(bio))
- {
- reason=BIO_get_retry_reason(bio);
- if (reason == BIO_RR_CONNECT)
- return(SSL_ERROR_WANT_CONNECT);
- else
- return(SSL_ERROR_SYSCALL);
- }
- }
- if ((i < 0) && SSL_want_x509_lookup(s))
- {
- return(SSL_ERROR_WANT_X509_LOOKUP);
- }
-
- if (i == 0)
- {
- if (s->version == SSL2_VERSION)
- {
- /* assume it is the socket being closed */
- return(SSL_ERROR_ZERO_RETURN);
- }
- else
- {
- if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
- (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
- return(SSL_ERROR_ZERO_RETURN);
- }
- }
- return(SSL_ERROR_SYSCALL);
- }
-
-int SSL_do_handshake(SSL *s)
- {
- int ret=1;
-
- if (s->handshake_func == NULL)
- {
- SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET);
- return(-1);
- }
-
- s->method->ssl_renegotiate_check(s);
-
- if (SSL_in_init(s) || SSL_in_before(s))
- {
- ret=s->handshake_func(s);
- }
- return(ret);
- }
-
-/* For the next 2 functions, SSL_clear() sets shutdown and so
- * one of these calls will reset it */
-void SSL_set_accept_state(SSL *s)
- {
- s->server=1;
- s->shutdown=0;
- s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE;
- s->handshake_func=s->method->ssl_accept;
- /* clear the current cipher */
- ssl_clear_cipher_ctx(s);
- }
-
-void SSL_set_connect_state(SSL *s)
- {
- s->server=0;
- s->shutdown=0;
- s->state=SSL_ST_CONNECT|SSL_ST_BEFORE;
- s->handshake_func=s->method->ssl_connect;
- /* clear the current cipher */
- ssl_clear_cipher_ctx(s);
- }
-
-int ssl_undefined_function(SSL *s)
- {
- SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return(0);
- }
-
-SSL_METHOD *ssl_bad_method(int ver)
- {
- SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return(NULL);
- }
-
-const char *SSL_get_version(SSL *s)
- {
- if (s->version == TLS1_VERSION)
- return("TLSv1");
- else if (s->version == SSL3_VERSION)
- return("SSLv3");
- else if (s->version == SSL2_VERSION)
- return("SSLv2");
- else
- return("unknown");
- }
-
-SSL *SSL_dup(SSL *s)
- {
- STACK_OF(X509_NAME) *sk;
- X509_NAME *xn;
- SSL *ret;
- int i;
-
- if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL)
- return(NULL);
-
- if (s->session != NULL)
- {
- /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
- SSL_copy_session_id(ret,s);
- }
- else
- {
- /* No session has been established yet, so we have to expect
- * that s->cert or ret->cert will be changed later --
- * they should not both point to the same object,
- * and thus we can't use SSL_copy_session_id. */
-
- ret->method = s->method;
- ret->method->ssl_new(ret);
-
- if (s->cert != NULL)
- {
- if (ret->cert != NULL)
- {
- ssl_cert_free(ret->cert);
- }
- ret->cert = ssl_cert_dup(s->cert);
- if (ret->cert == NULL)
- goto err;
- }
-
- SSL_set_session_id_context(ret,
- s->sid_ctx, s->sid_ctx_length);
- }
-
- SSL_set_read_ahead(ret,SSL_get_read_ahead(s));
- SSL_set_verify(ret,SSL_get_verify_mode(s),
- SSL_get_verify_callback(s));
- SSL_set_verify_depth(ret,SSL_get_verify_depth(s));
-
- SSL_set_info_callback(ret,SSL_get_info_callback(s));
-
- ret->debug=s->debug;
- ret->options=s->options;
-
- /* copy app data, a little dangerous perhaps */
- if (!CRYPTO_dup_ex_data(ssl_meth,&ret->ex_data,&s->ex_data))
- goto err;
-
- /* setup rbio, and wbio */
- if (s->rbio != NULL)
- {
- if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
- goto err;
- }
- if (s->wbio != NULL)
- {
- if (s->wbio != s->rbio)
- {
- if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
- goto err;
- }
- else
- ret->wbio=ret->rbio;
- }
-
- /* dup the cipher_list and cipher_list_by_id stacks */
- if (s->cipher_list != NULL)
- {
- if ((ret->cipher_list=sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
- goto err;
- }
- if (s->cipher_list_by_id != NULL)
- if ((ret->cipher_list_by_id=sk_SSL_CIPHER_dup(s->cipher_list_by_id))
- == NULL)
- goto err;
-
- /* Dup the client_CA list */
- if (s->client_CA != NULL)
- {
- if ((sk=sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
- ret->client_CA=sk;
- for (i=0; i<sk_X509_NAME_num(sk); i++)
- {
- xn=sk_X509_NAME_value(sk,i);
- if (sk_X509_NAME_set(sk,i,X509_NAME_dup(xn)) == NULL)
- {
- X509_NAME_free(xn);
- goto err;
- }
- }
- }
-
- ret->shutdown=s->shutdown;
- ret->state=s->state;
- ret->handshake_func=s->handshake_func;
- ret->server=s->server;
-
- if (0)
- {
-err:
- if (ret != NULL) SSL_free(ret);
- ret=NULL;
- }
- return(ret);
- }
-
-void ssl_clear_cipher_ctx(SSL *s)
- {
- if (s->enc_read_ctx != NULL)
- {
- EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
- OPENSSL_free(s->enc_read_ctx);
- s->enc_read_ctx=NULL;
- }
- if (s->enc_write_ctx != NULL)
- {
- EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
- OPENSSL_free(s->enc_write_ctx);
- s->enc_write_ctx=NULL;
- }
- if (s->expand != NULL)
- {
- COMP_CTX_free(s->expand);
- s->expand=NULL;
- }
- if (s->compress != NULL)
- {
- COMP_CTX_free(s->compress);
- s->compress=NULL;
- }
- }
-
-/* Fix this function so that it takes an optional type parameter */
-X509 *SSL_get_certificate(SSL *s)
- {
- if (s->cert != NULL)
- return(s->cert->key->x509);
- else
- return(NULL);
- }
-
-/* Fix this function so that it takes an optional type parameter */
-EVP_PKEY *SSL_get_privatekey(SSL *s)
- {
- if (s->cert != NULL)
- return(s->cert->key->privatekey);
- else
- return(NULL);
- }
-
-SSL_CIPHER *SSL_get_current_cipher(SSL *s)
- {
- if ((s->session != NULL) && (s->session->cipher != NULL))
- return(s->session->cipher);
- return(NULL);
- }
-
-int ssl_init_wbio_buffer(SSL *s,int push)
- {
- BIO *bbio;
-
- if (s->bbio == NULL)
- {
- bbio=BIO_new(BIO_f_buffer());
- if (bbio == NULL) return(0);
- s->bbio=bbio;
- }
- else
- {
- bbio=s->bbio;
- if (s->bbio == s->wbio)
- s->wbio=BIO_pop(s->wbio);
- }
- (void)BIO_reset(bbio);
-/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
- if (!BIO_set_read_buffer_size(bbio,1))
- {
- SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB);
- return(0);
- }
- if (push)
- {
- if (s->wbio != bbio)
- s->wbio=BIO_push(bbio,s->wbio);
- }
- else
- {
- if (s->wbio == bbio)
- s->wbio=BIO_pop(bbio);
- }
- return(1);
- }
-
-void ssl_free_wbio_buffer(SSL *s)
- {
- if (s->bbio == NULL) return;
-
- if (s->bbio == s->wbio)
- {
- /* remove buffering */
- s->wbio=BIO_pop(s->wbio);
-#ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */
- assert(s->wbio != NULL);
-#endif
- }
- BIO_free(s->bbio);
- s->bbio=NULL;
- }
-
-void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode)
- {
- ctx->quiet_shutdown=mode;
- }
-
-int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx)
- {
- return(ctx->quiet_shutdown);
- }
-
-void SSL_set_quiet_shutdown(SSL *s,int mode)
- {
- s->quiet_shutdown=mode;
- }
-
-int SSL_get_quiet_shutdown(SSL *s)
- {
- return(s->quiet_shutdown);
- }
-
-void SSL_set_shutdown(SSL *s,int mode)
- {
- s->shutdown=mode;
- }
-
-int SSL_get_shutdown(SSL *s)
- {
- return(s->shutdown);
- }
-
-int SSL_version(SSL *s)
- {
- return(s->version);
- }
-
-SSL_CTX *SSL_get_SSL_CTX(SSL *ssl)
- {
- return(ssl->ctx);
- }
-
-#ifndef NO_STDIO
-int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
- {
- return(X509_STORE_set_default_paths(ctx->cert_store));
- }
-
-int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
- const char *CApath)
- {
- return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
- }
-#endif
-
-void SSL_set_info_callback(SSL *ssl,void (*cb)())
- {
- ssl->info_callback=cb;
- }
-
-void (*SSL_get_info_callback(SSL *ssl))(void)
- {
- return((void (*)())ssl->info_callback);
- }
-
-int SSL_state(SSL *ssl)
- {
- return(ssl->state);
- }
-
-void SSL_set_verify_result(SSL *ssl,long arg)
- {
- ssl->verify_result=arg;
- }
-
-long SSL_get_verify_result(SSL *ssl)
- {
- return(ssl->verify_result);
- }
-
-int SSL_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
- {
- ssl_meth_num++;
- return(CRYPTO_get_ex_new_index(ssl_meth_num-1,
- &ssl_meth,argl,argp,new_func,dup_func,free_func));
- }
-
-int SSL_set_ex_data(SSL *s,int idx,void *arg)
- {
- return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
- }
-
-void *SSL_get_ex_data(SSL *s,int idx)
- {
- return(CRYPTO_get_ex_data(&s->ex_data,idx));
- }
-
-int SSL_CTX_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
- {
- ssl_ctx_meth_num++;
- return(CRYPTO_get_ex_new_index(ssl_ctx_meth_num-1,
- &ssl_ctx_meth,argl,argp,new_func,dup_func,free_func));
- }
-
-int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg)
- {
- return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
- }
-
-void *SSL_CTX_get_ex_data(SSL_CTX *s,int idx)
- {
- return(CRYPTO_get_ex_data(&s->ex_data,idx));
- }
-
-int ssl_ok(SSL *s)
- {
- return(1);
- }
-
-X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx)
- {
- return(ctx->cert_store);
- }
-
-void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store)
- {
- if (ctx->cert_store != NULL)
- X509_STORE_free(ctx->cert_store);
- ctx->cert_store=store;
- }
-
-int SSL_want(SSL *s)
- {
- return(s->rwstate);
- }
-
-/*!
- * \brief Set the callback for generating temporary RSA keys.
- * \param ctx the SSL context.
- * \param cb the callback
- */
-
-#ifndef NO_RSA
-void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
- int is_export,
- int keylength))
- {
- SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
- }
-
-void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
- int is_export,
- int keylength))
- {
- SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
- }
-#endif
-
-#ifdef DOXYGEN
-/*!
- * \brief The RSA temporary key callback function.
- * \param ssl the SSL session.
- * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
- * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
- * of the required key in bits.
- * \return the temporary RSA key.
- * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
- */
-
-RSA *cb(SSL *ssl,int is_export,int keylength)
- {}
-#endif
-
-/*!
- * \brief Set the callback for generating temporary DH keys.
- * \param ctx the SSL context.
- * \param dh the callback
- */
-
-#ifndef NO_DH
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
- int keylength))
- {
- SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
- }
-
-void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
- int keylength))
- {
- SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
- }
-#endif
-
-#if defined(_WINDLL) && defined(WIN16)
-#include "../crypto/bio/bss_file.c"
-#endif
-
-IMPLEMENT_STACK_OF(SSL_CIPHER)
-IMPLEMENT_STACK_OF(SSL_COMP)
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
deleted file mode 100644
index 516d3cc5ae..0000000000
--- a/src/lib/libssl/ssl_locl.h
+++ /dev/null
@@ -1,609 +0,0 @@
-/* ssl/ssl_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SSL_LOCL_H
-#define HEADER_SSL_LOCL_H
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include <errno.h>
-
-#include "openssl/e_os.h"
-
-#include <openssl/buffer.h>
-#include <openssl/comp.h>
-#include <openssl/bio.h>
-#include <openssl/crypto.h>
-#include <openssl/evp.h>
-#include <openssl/stack.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-#define PKCS1_CHECK
-
-#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
- l|=(((unsigned long)(*((c)++)))<< 8), \
- l|=(((unsigned long)(*((c)++)))<<16), \
- l|=(((unsigned long)(*((c)++)))<<24))
-
-/* NOTE - c is not incremented as per c2l */
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c))))<<24; \
- case 7: l2|=((unsigned long)(*(--(c))))<<16; \
- case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 5: l2|=((unsigned long)(*(--(c)))); \
- case 4: l1 =((unsigned long)(*(--(c))))<<24; \
- case 3: l1|=((unsigned long)(*(--(c))))<<16; \
- case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 1: l1|=((unsigned long)(*(--(c)))); \
- } \
- }
-
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff))
-
-#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
- l|=((unsigned long)(*((c)++)))<<16, \
- l|=((unsigned long)(*((c)++)))<< 8, \
- l|=((unsigned long)(*((c)++))))
-
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \
- (((unsigned int)(c[1])) )),c+=2)
-#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
- c[1]=(unsigned char)(((s) )&0xff)),c+=2)
-
-#define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \
- (((unsigned long)(c[1]))<< 8)| \
- (((unsigned long)(c[2])) )),c+=3)
-
-#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \
- c[1]=(unsigned char)(((l)>> 8)&0xff), \
- c[2]=(unsigned char)(((l) )&0xff)),c+=3)
-
-/* LOCAL STUFF */
-
-#define SSL_DECRYPT 0
-#define SSL_ENCRYPT 1
-
-#define TWO_BYTE_BIT 0x80
-#define SEC_ESC_BIT 0x40
-#define TWO_BYTE_MASK 0x7fff
-#define THREE_BYTE_MASK 0x3fff
-
-#define INC32(a) ((a)=((a)+1)&0xffffffffL)
-#define DEC32(a) ((a)=((a)-1)&0xffffffffL)
-#define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */
-
-/*
- * Define the Bitmasks for SSL_CIPHER.algorithms.
- * This bits are used packed as dense as possible. If new methods/ciphers
- * etc will be added, the bits a likely to change, so this information
- * is for internal library use only, even though SSL_CIPHER.algorithms
- * can be publicly accessed.
- * Use the according functions for cipher management instead.
- *
- * The bit mask handling in the selection and sorting scheme in
- * ssl_create_cipher_list() has only limited capabilities, reflecting
- * that the different entities within are mutually exclusive:
- * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
- */
-#define SSL_MKEY_MASK 0x0000001FL
-#define SSL_kRSA 0x00000001L /* RSA key exchange */
-#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */
-#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */
-#define SSL_kFZA 0x00000008L
-#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */
-#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
-
-#define SSL_AUTH_MASK 0x000003e0L
-#define SSL_aRSA 0x00000020L /* Authenticate with RSA */
-#define SSL_aDSS 0x00000040L /* Authenticate with DSS */
-#define SSL_DSS SSL_aDSS
-#define SSL_aFZA 0x00000080L
-#define SSL_aNULL 0x00000100L /* no Authenticate, ADH */
-#define SSL_aDH 0x00000200L /* no Authenticate, ADH */
-
-#define SSL_NULL (SSL_eNULL)
-#define SSL_ADH (SSL_kEDH|SSL_aNULL)
-#define SSL_RSA (SSL_kRSA|SSL_aRSA)
-#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH)
-#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
-
-#define SSL_ENC_MASK 0x0001Fc00L
-#define SSL_DES 0x00000400L
-#define SSL_3DES 0x00000800L
-#define SSL_RC4 0x00001000L
-#define SSL_RC2 0x00002000L
-#define SSL_IDEA 0x00004000L
-#define SSL_eFZA 0x00008000L
-#define SSL_eNULL 0x00010000L
-
-#define SSL_MAC_MASK 0x00060000L
-#define SSL_MD5 0x00020000L
-#define SSL_SHA1 0x00040000L
-#define SSL_SHA (SSL_SHA1)
-
-#define SSL_SSL_MASK 0x00180000L
-#define SSL_SSLV2 0x00080000L
-#define SSL_SSLV3 0x00100000L
-#define SSL_TLSV1 SSL_SSLV3 /* for now */
-
-/* we have used 001fffff - 11 bits left to go */
-
-/*
- * Export and cipher strength information. For each cipher we have to decide
- * whether it is exportable or not. This information is likely to change
- * over time, since the export control rules are no static technical issue.
- *
- * Independent of the export flag the cipher strength is sorted into classes.
- * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
- * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
- * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
- * since SSL_EXP64 could be similar to SSL_LOW.
- * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
- * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
- * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
- * be possible.
- */
-#define SSL_EXP_MASK 0x00000003L
-#define SSL_NOT_EXP 0x00000001L
-#define SSL_EXPORT 0x00000002L
-
-#define SSL_STRONG_MASK 0x0000007cL
-#define SSL_EXP40 0x00000004L
-#define SSL_MICRO (SSL_EXP40)
-#define SSL_EXP56 0x00000008L
-#define SSL_MINI (SSL_EXP56)
-#define SSL_LOW 0x00000010L
-#define SSL_MEDIUM 0x00000020L
-#define SSL_HIGH 0x00000040L
-
-/* we have used 0000007f - 25 bits left to go */
-
-/*
- * Macros to check the export status and cipher strength for export ciphers.
- * Even though the macros for EXPORT and EXPORT40/56 have similar names,
- * their meaning is different:
- * *_EXPORT macros check the 'exportable' status.
- * *_EXPORT40/56 macros are used to check whether a certain cipher strength
- * is given.
- * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
- * algorithm structure element to be passed (algorithms, algo_strength) and no
- * typechecking can be done as they are all of type unsigned long, their
- * direct usage is discouraged.
- * Use the SSL_C_* macros instead.
- */
-#define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT)
-#define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56)
-#define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40)
-#define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength)
-#define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength)
-#define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength)
-
-#define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \
- ((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7)
-#define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
-#define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithms, \
- (c)->algo_strength)
-#define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
-
-
-#define SSL_ALL 0xffffffffL
-#define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
- SSL_MAC_MASK)
-#define SSL_ALL_STRENGTHS (SSL_EXP_MASK|SSL_STRONG_MASK)
-
-/* Mostly for SSLv3 */
-#define SSL_PKEY_RSA_ENC 0
-#define SSL_PKEY_RSA_SIGN 1
-#define SSL_PKEY_DSA_SIGN 2
-#define SSL_PKEY_DH_RSA 3
-#define SSL_PKEY_DH_DSA 4
-#define SSL_PKEY_NUM 5
-
-/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
- * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
- * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
- * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
- * SSL_aRSA <- RSA_ENC | RSA_SIGN
- * SSL_aDSS <- DSA_SIGN
- */
-
-/*
-#define CERT_INVALID 0
-#define CERT_PUBLIC_KEY 1
-#define CERT_PRIVATE_KEY 2
-*/
-
-typedef struct cert_pkey_st
- {
- X509 *x509;
- EVP_PKEY *privatekey;
- } CERT_PKEY;
-
-typedef struct cert_st
- {
- /* Current active set */
- CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
- * Probably it would make more sense to store
- * an index, not a pointer. */
-
- /* The following masks are for the key and auth
- * algorithms that are supported by the certs below */
- int valid;
- unsigned long mask;
- unsigned long export_mask;
-#ifndef NO_RSA
- RSA *rsa_tmp;
- RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize);
-#endif
-#ifndef NO_DH
- DH *dh_tmp;
- DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize);
-#endif
-
- CERT_PKEY pkeys[SSL_PKEY_NUM];
-
- int references; /* >1 only if SSL_copy_session_id is used */
- } CERT;
-
-
-typedef struct sess_cert_st
- {
- STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
-
- /* The 'peer_...' members are used only by clients. */
- int peer_cert_type;
-
- CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
- CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
- /* Obviously we don't have the private keys of these,
- * so maybe we shouldn't even use the CERT_PKEY type here. */
-
-#ifndef NO_RSA
- RSA *peer_rsa_tmp; /* not used for SSL 2 */
-#endif
-#ifndef NO_DH
- DH *peer_dh_tmp; /* not used for SSL 2 */
-#endif
-
- int references; /* actually always 1 at the moment */
- } SESS_CERT;
-
-
-/*#define MAC_DEBUG */
-
-/*#define ERR_DEBUG */
-/*#define ABORT_DEBUG */
-/*#define PKT_DEBUG 1 */
-/*#define DES_DEBUG */
-/*#define DES_OFB_DEBUG */
-/*#define SSL_DEBUG */
-/*#define RSA_DEBUG */
-/*#define IDEA_DEBUG */
-
-#define FP_ICC (int (*)(const void *,const void *))
-#define ssl_put_cipher_by_char(ssl,ciph,ptr) \
- ((ssl)->method->put_cipher_by_char((ciph),(ptr)))
-#define ssl_get_cipher_by_char(ssl,ptr) \
- ((ssl)->method->get_cipher_by_char(ptr))
-
-/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
- * It is a bit of a mess of functions, but hell, think of it as
- * an opaque structure :-) */
-typedef struct ssl3_enc_method
- {
- int (*enc)(SSL *, int);
- int (*mac)(SSL *, unsigned char *, int);
- int (*setup_key_block)(SSL *);
- int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, int);
- int (*change_cipher_state)(SSL *, int);
- int (*final_finish_mac)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int, unsigned char *);
- int finish_mac_length;
- int (*cert_verify_mac)(SSL *, EVP_MD_CTX *, unsigned char *);
- const char *client_finished_label;
- int client_finished_label_len;
- const char *server_finished_label;
- int server_finished_label_len;
- int (*alert_value)(int);
- } SSL3_ENC_METHOD;
-
-/* Used for holding the relevant compression methods loaded into SSL_CTX */
-typedef struct ssl3_comp_st
- {
- int comp_id; /* The identifier byte for this compression type */
- char *name; /* Text name used for the compression type */
- COMP_METHOD *method; /* The method :-) */
- } SSL3_COMP;
-
-OPENSSL_EXTERN SSL3_ENC_METHOD ssl3_undef_enc_method;
-OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
-OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
-
-#ifdef VMS
-#undef SSL_COMP_get_compression_methods
-#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
-#endif
-
-
-SSL_METHOD *ssl_bad_method(int ver);
-SSL_METHOD *sslv2_base_method(void);
-SSL_METHOD *sslv23_base_method(void);
-SSL_METHOD *sslv3_base_method(void);
-
-void ssl_clear_cipher_ctx(SSL *s);
-int ssl_clear_bad_session(SSL *s);
-CERT *ssl_cert_new(void);
-CERT *ssl_cert_dup(CERT *cert);
-int ssl_cert_inst(CERT **o);
-void ssl_cert_free(CERT *c);
-SESS_CERT *ssl_sess_cert_new(void);
-void ssl_sess_cert_free(SESS_CERT *sc);
-int ssl_set_peer_cert_type(SESS_CERT *c, int type);
-int ssl_get_new_session(SSL *s, int session);
-int ssl_get_prev_session(SSL *s, unsigned char *session,int len);
-int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b);
-int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
- const SSL_CIPHER * const *bp);
-STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
- STACK_OF(SSL_CIPHER) **skp);
-int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p);
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
- STACK_OF(SSL_CIPHER) **pref,
- STACK_OF(SSL_CIPHER) **sorted,
- const char *rule_str);
-void ssl_update_cache(SSL *s, int mode);
-int ssl_cipher_get_evp(SSL_SESSION *s,const EVP_CIPHER **enc,const EVP_MD **md,
- SSL_COMP **comp);
-int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk);
-int ssl_undefined_function(SSL *s);
-X509 *ssl_get_server_send_cert(SSL *);
-EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
-int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
-void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher);
-STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
-int ssl_verify_alarm_type(long type);
-
-int ssl2_enc_init(SSL *s, int client);
-void ssl2_generate_key_material(SSL *s);
-void ssl2_enc(SSL *s,int send_data);
-void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
-SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
-int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
-int ssl2_part_read(SSL *s, unsigned long f, int i);
-int ssl2_do_write(SSL *s);
-int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data);
-void ssl2_return_error(SSL *s,int reason);
-void ssl2_write_error(SSL *s);
-int ssl2_num_ciphers(void);
-SSL_CIPHER *ssl2_get_cipher(unsigned int u);
-int ssl2_new(SSL *s);
-void ssl2_free(SSL *s);
-int ssl2_accept(SSL *s);
-int ssl2_connect(SSL *s);
-int ssl2_read(SSL *s, void *buf, int len);
-int ssl2_peek(SSL *s, void *buf, int len);
-int ssl2_write(SSL *s, const void *buf, int len);
-int ssl2_shutdown(SSL *s);
-void ssl2_clear(SSL *s);
-long ssl2_ctrl(SSL *s,int cmd, long larg, char *parg);
-long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg);
-long ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)());
-long ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
-int ssl2_pending(SSL *s);
-
-SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
-void ssl3_init_finished_mac(SSL *s);
-int ssl3_send_server_certificate(SSL *s);
-int ssl3_get_finished(SSL *s,int state_a,int state_b);
-int ssl3_setup_key_block(SSL *s);
-int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b);
-int ssl3_change_cipher_state(SSL *s,int which);
-void ssl3_cleanup_key_block(SSL *s);
-int ssl3_do_write(SSL *s,int type);
-void ssl3_send_alert(SSL *s,int level, int desc);
-int ssl3_generate_master_secret(SSL *s, unsigned char *out,
- unsigned char *p, int len);
-int ssl3_get_req_cert_type(SSL *s,unsigned char *p);
-long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
-int ssl3_send_finished(SSL *s, int a, int b, const char *sender,int slen);
-int ssl3_num_ciphers(void);
-SSL_CIPHER *ssl3_get_cipher(unsigned int u);
-int ssl3_renegotiate(SSL *ssl);
-int ssl3_renegotiate_check(SSL *ssl);
-int ssl3_dispatch_alert(SSL *s);
-int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
-int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
- const char *sender, int slen,unsigned char *p);
-int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
-void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
-int ssl3_enc(SSL *s, int send_data);
-int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
-unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
-SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *have,
- STACK_OF(SSL_CIPHER) *pref);
-int ssl3_setup_buffers(SSL *s);
-int ssl3_new(SSL *s);
-void ssl3_free(SSL *s);
-int ssl3_accept(SSL *s);
-int ssl3_connect(SSL *s);
-int ssl3_read(SSL *s, void *buf, int len);
-int ssl3_peek(SSL *s, void *buf, int len);
-int ssl3_write(SSL *s, const void *buf, int len);
-int ssl3_shutdown(SSL *s);
-void ssl3_clear(SSL *s);
-long ssl3_ctrl(SSL *s,int cmd, long larg, char *parg);
-long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg);
-long ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)());
-long ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
-int ssl3_pending(SSL *s);
-
-int ssl23_accept(SSL *s);
-int ssl23_connect(SSL *s);
-int ssl23_read_bytes(SSL *s, int n);
-int ssl23_write_bytes(SSL *s);
-
-int tls1_new(SSL *s);
-void tls1_free(SSL *s);
-void tls1_clear(SSL *s);
-long tls1_ctrl(SSL *s,int cmd, long larg, char *parg);
-long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)());
-SSL_METHOD *tlsv1_base_method(void );
-
-int ssl_init_wbio_buffer(SSL *s, int push);
-void ssl_free_wbio_buffer(SSL *s);
-
-int tls1_change_cipher_state(SSL *s, int which);
-int tls1_setup_key_block(SSL *s);
-int tls1_enc(SSL *s, int snd);
-int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
- const char *str, int slen, unsigned char *p);
-int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
-int tls1_mac(SSL *ssl, unsigned char *md, int snd);
-int tls1_generate_master_secret(SSL *s, unsigned char *out,
- unsigned char *p, int len);
-int tls1_alert_code(int code);
-int ssl3_alert_code(int code);
-int ssl_ok(SSL *s);
-
-SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
-STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
-
-
-#endif
diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c
deleted file mode 100644
index 6ec7a5cdb1..0000000000
--- a/src/lib/libssl/ssl_rsa.c
+++ /dev/null
@@ -1,815 +0,0 @@
-/* ssl/ssl_rsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/bio.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include "ssl_locl.h"
-
-static int ssl_set_cert(CERT *c, X509 *x509);
-static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
-int SSL_use_certificate(SSL *ssl, X509 *x)
- {
- if (x == NULL)
- {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- if (!ssl_cert_inst(&ssl->cert))
- {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- return(ssl_set_cert(ssl->cert,x));
- }
-
-#ifndef NO_STDIO
-int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
- {
- int j;
- BIO *in;
- int ret=0;
- X509 *x=NULL;
-
- in=BIO_new(BIO_s_file_internal());
- if (in == NULL)
- {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in,file) <= 0)
- {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1)
- {
- j=ERR_R_ASN1_LIB;
- x=d2i_X509_bio(in,NULL);
- }
- else if (type == SSL_FILETYPE_PEM)
- {
- j=ERR_R_PEM_LIB;
- x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
- }
- else
- {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
-
- if (x == NULL)
- {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j);
- goto end;
- }
-
- ret=SSL_use_certificate(ssl,x);
-end:
- if (x != NULL) X509_free(x);
- if (in != NULL) BIO_free(in);
- return(ret);
- }
-#endif
-
-int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len)
- {
- X509 *x;
- int ret;
-
- x=d2i_X509(NULL,&d,(long)len);
- if (x == NULL)
- {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
- return(0);
- }
-
- ret=SSL_use_certificate(ssl,x);
- X509_free(x);
- return(ret);
- }
-
-#ifndef NO_RSA
-int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
- {
- EVP_PKEY *pkey;
- int ret;
-
- if (rsa == NULL)
- {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- if (!ssl_cert_inst(&ssl->cert))
- {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- if ((pkey=EVP_PKEY_new()) == NULL)
- {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
- return(0);
- }
-
- CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
- EVP_PKEY_assign_RSA(pkey,rsa);
-
- ret=ssl_set_pkey(ssl->cert,pkey);
- EVP_PKEY_free(pkey);
- return(ret);
- }
-#endif
-
-static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
- {
- int i,ok=0,bad=0;
-
- i=ssl_cert_type(NULL,pkey);
- if (i < 0)
- {
- SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
- return(0);
- }
-
- if (c->pkeys[i].x509 != NULL)
- {
- EVP_PKEY *pktmp;
- pktmp = X509_get_pubkey(c->pkeys[i].x509);
- EVP_PKEY_copy_parameters(pktmp,pkey);
- EVP_PKEY_free(pktmp);
- ERR_clear_error();
-
-#ifndef NO_RSA
- /* Don't check the public/private key, this is mostly
- * for smart cards. */
- if ((pkey->type == EVP_PKEY_RSA) &&
- (RSA_flags(pkey->pkey.rsa) &
- RSA_METHOD_FLAG_NO_CHECK))
- ok=1;
- else
-#endif
- if (!X509_check_private_key(c->pkeys[i].x509,pkey))
- {
- if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
- {
- i=(i == SSL_PKEY_DH_RSA)?
- SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
-
- if (c->pkeys[i].x509 == NULL)
- ok=1;
- else
- {
- if (!X509_check_private_key(
- c->pkeys[i].x509,pkey))
- bad=1;
- else
- ok=1;
- }
- }
- else
- bad=1;
- }
- else
- ok=1;
- }
- else
- ok=1;
-
- if (bad)
- {
- X509_free(c->pkeys[i].x509);
- c->pkeys[i].x509=NULL;
- return(0);
- }
-
- if (c->pkeys[i].privatekey != NULL)
- EVP_PKEY_free(c->pkeys[i].privatekey);
- CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
- c->pkeys[i].privatekey=pkey;
- c->key= &(c->pkeys[i]);
-
- c->valid=0;
- return(1);
- }
-
-#ifndef NO_RSA
-#ifndef NO_STDIO
-int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
- {
- int j,ret=0;
- BIO *in;
- RSA *rsa=NULL;
-
- in=BIO_new(BIO_s_file_internal());
- if (in == NULL)
- {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in,file) <= 0)
- {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1)
- {
- j=ERR_R_ASN1_LIB;
- rsa=d2i_RSAPrivateKey_bio(in,NULL);
- }
- else if (type == SSL_FILETYPE_PEM)
- {
- j=ERR_R_PEM_LIB;
- rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
- ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
- }
- else
- {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (rsa == NULL)
- {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j);
- goto end;
- }
- ret=SSL_use_RSAPrivateKey(ssl,rsa);
- RSA_free(rsa);
-end:
- if (in != NULL) BIO_free(in);
- return(ret);
- }
-#endif
-
-int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
- {
- int ret;
- unsigned char *p;
- RSA *rsa;
-
- p=d;
- if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
- {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
- return(0);
- }
-
- ret=SSL_use_RSAPrivateKey(ssl,rsa);
- RSA_free(rsa);
- return(ret);
- }
-#endif /* !NO_RSA */
-
-int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
- {
- int ret;
-
- if (pkey == NULL)
- {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- if (!ssl_cert_inst(&ssl->cert))
- {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- ret=ssl_set_pkey(ssl->cert,pkey);
- return(ret);
- }
-
-#ifndef NO_STDIO
-int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
- {
- int j,ret=0;
- BIO *in;
- EVP_PKEY *pkey=NULL;
-
- in=BIO_new(BIO_s_file_internal());
- if (in == NULL)
- {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in,file) <= 0)
- {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_PEM)
- {
- j=ERR_R_PEM_LIB;
- pkey=PEM_read_bio_PrivateKey(in,NULL,
- ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
- }
- else
- {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (pkey == NULL)
- {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j);
- goto end;
- }
- ret=SSL_use_PrivateKey(ssl,pkey);
- EVP_PKEY_free(pkey);
-end:
- if (in != NULL) BIO_free(in);
- return(ret);
- }
-#endif
-
-int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len)
- {
- int ret;
- unsigned char *p;
- EVP_PKEY *pkey;
-
- p=d;
- if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
- {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
- return(0);
- }
-
- ret=SSL_use_PrivateKey(ssl,pkey);
- EVP_PKEY_free(pkey);
- return(ret);
- }
-
-int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
- {
- if (x == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- if (!ssl_cert_inst(&ctx->cert))
- {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- return(ssl_set_cert(ctx->cert, x));
- }
-
-static int ssl_set_cert(CERT *c, X509 *x)
- {
- EVP_PKEY *pkey;
- int i,ok=0,bad=0;
-
- pkey=X509_get_pubkey(x);
- if (pkey == NULL)
- {
- SSLerr(SSL_F_SSL_SET_CERT,SSL_R_X509_LIB);
- return(0);
- }
-
- i=ssl_cert_type(x,pkey);
- if (i < 0)
- {
- SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
- EVP_PKEY_free(pkey);
- return(0);
- }
-
- if (c->pkeys[i].privatekey != NULL)
- {
- EVP_PKEY_copy_parameters(pkey,c->pkeys[i].privatekey);
- ERR_clear_error();
-
-#ifndef NO_RSA
- /* Don't check the public/private key, this is mostly
- * for smart cards. */
- if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
- (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
- RSA_METHOD_FLAG_NO_CHECK))
- ok=1;
- else
-#endif
- {
- if (!X509_check_private_key(x,c->pkeys[i].privatekey))
- {
- if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
- {
- i=(i == SSL_PKEY_DH_RSA)?
- SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
-
- if (c->pkeys[i].privatekey == NULL)
- ok=1;
- else
- {
- if (!X509_check_private_key(x,
- c->pkeys[i].privatekey))
- bad=1;
- else
- ok=1;
- }
- }
- else
- bad=1;
- }
- else
- ok=1;
- } /* NO_RSA */
- }
- else
- ok=1;
-
- EVP_PKEY_free(pkey);
- if (bad)
- {
- EVP_PKEY_free(c->pkeys[i].privatekey);
- c->pkeys[i].privatekey=NULL;
- }
-
- if (c->pkeys[i].x509 != NULL)
- X509_free(c->pkeys[i].x509);
- CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
- c->pkeys[i].x509=x;
- c->key= &(c->pkeys[i]);
-
- c->valid=0;
- return(1);
- }
-
-#ifndef NO_STDIO
-int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
- {
- int j;
- BIO *in;
- int ret=0;
- X509 *x=NULL;
-
- in=BIO_new(BIO_s_file_internal());
- if (in == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in,file) <= 0)
- {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1)
- {
- j=ERR_R_ASN1_LIB;
- x=d2i_X509_bio(in,NULL);
- }
- else if (type == SSL_FILETYPE_PEM)
- {
- j=ERR_R_PEM_LIB;
- x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
- }
- else
- {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
-
- if (x == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j);
- goto end;
- }
-
- ret=SSL_CTX_use_certificate(ctx,x);
-end:
- if (x != NULL) X509_free(x);
- if (in != NULL) BIO_free(in);
- return(ret);
- }
-#endif
-
-int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d)
- {
- X509 *x;
- int ret;
-
- x=d2i_X509(NULL,&d,(long)len);
- if (x == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
- return(0);
- }
-
- ret=SSL_CTX_use_certificate(ctx,x);
- X509_free(x);
- return(ret);
- }
-
-#ifndef NO_RSA
-int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
- {
- int ret;
- EVP_PKEY *pkey;
-
- if (rsa == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- if (!ssl_cert_inst(&ctx->cert))
- {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- if ((pkey=EVP_PKEY_new()) == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
- return(0);
- }
-
- CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
- EVP_PKEY_assign_RSA(pkey,rsa);
-
- ret=ssl_set_pkey(ctx->cert, pkey);
- EVP_PKEY_free(pkey);
- return(ret);
- }
-
-#ifndef NO_STDIO
-int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
- {
- int j,ret=0;
- BIO *in;
- RSA *rsa=NULL;
-
- in=BIO_new(BIO_s_file_internal());
- if (in == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in,file) <= 0)
- {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1)
- {
- j=ERR_R_ASN1_LIB;
- rsa=d2i_RSAPrivateKey_bio(in,NULL);
- }
- else if (type == SSL_FILETYPE_PEM)
- {
- j=ERR_R_PEM_LIB;
- rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
- ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
- }
- else
- {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (rsa == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j);
- goto end;
- }
- ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
- RSA_free(rsa);
-end:
- if (in != NULL) BIO_free(in);
- return(ret);
- }
-#endif
-
-int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len)
- {
- int ret;
- unsigned char *p;
- RSA *rsa;
-
- p=d;
- if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
- return(0);
- }
-
- ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
- RSA_free(rsa);
- return(ret);
- }
-#endif /* !NO_RSA */
-
-int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
- {
- if (pkey == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- if (!ssl_cert_inst(&ctx->cert))
- {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- return(ssl_set_pkey(ctx->cert,pkey));
- }
-
-#ifndef NO_STDIO
-int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
- {
- int j,ret=0;
- BIO *in;
- EVP_PKEY *pkey=NULL;
-
- in=BIO_new(BIO_s_file_internal());
- if (in == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in,file) <= 0)
- {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_PEM)
- {
- j=ERR_R_PEM_LIB;
- pkey=PEM_read_bio_PrivateKey(in,NULL,
- ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
- }
- else
- {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (pkey == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j);
- goto end;
- }
- ret=SSL_CTX_use_PrivateKey(ctx,pkey);
- EVP_PKEY_free(pkey);
-end:
- if (in != NULL) BIO_free(in);
- return(ret);
- }
-#endif
-
-int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d,
- long len)
- {
- int ret;
- unsigned char *p;
- EVP_PKEY *pkey;
-
- p=d;
- if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
- return(0);
- }
-
- ret=SSL_CTX_use_PrivateKey(ctx,pkey);
- EVP_PKEY_free(pkey);
- return(ret);
- }
-
-
-#ifndef NO_STDIO
-/* Read a file that contains our certificate in "PEM" format,
- * possibly followed by a sequence of CA certificates that should be
- * sent to the peer in the Certificate message.
- */
-int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
- {
- BIO *in;
- int ret=0;
- X509 *x=NULL;
-
- in=BIO_new(BIO_s_file_internal());
- if (in == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in,file) <= 0)
- {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_SYS_LIB);
- goto end;
- }
-
- x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
- if (x == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB);
- goto end;
- }
-
- ret=SSL_CTX_use_certificate(ctx,x);
- if (ERR_peek_error() != 0)
- ret = 0; /* Key/certificate mismatch doesn't imply ret==0 ... */
- if (ret)
- {
- /* If we could set up our certificate, now proceed to
- * the CA certificates.
- */
- X509 *ca;
- int r;
- unsigned long err;
-
- if (ctx->extra_certs != NULL)
- {
- sk_X509_pop_free(ctx->extra_certs, X509_free);
- ctx->extra_certs = NULL;
- }
-
- while ((ca = PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata))
- != NULL)
- {
- r = SSL_CTX_add_extra_chain_cert(ctx, ca);
- if (!r)
- {
- X509_free(ca);
- ret = 0;
- goto end;
- }
- /* Note that we must not free r if it was successfully
- * added to the chain (while we must free the main
- * certificate, since its reference count is increased
- * by SSL_CTX_use_certificate). */
- }
- /* When the while loop ends, it's usually just EOF. */
- err = ERR_peek_error();
- if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
- (void) ERR_get_error();
- else
- ret = 0; /* some real error */
- }
-
-end:
- if (x != NULL) X509_free(x);
- if (in != NULL) BIO_free(in);
- return(ret);
- }
-#endif
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
deleted file mode 100644
index 7064262def..0000000000
--- a/src/lib/libssl/ssl_sess.c
+++ /dev/null
@@ -1,681 +0,0 @@
-/* ssl/ssl_sess.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/lhash.h>
-#include <openssl/rand.h>
-#include "ssl_locl.h"
-
-static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
-static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
-static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
-static int ssl_session_num=0;
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_session_meth=NULL;
-
-SSL_SESSION *SSL_get_session(SSL *ssl)
-/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
- {
- return(ssl->session);
- }
-
-SSL_SESSION *SSL_get1_session(SSL *ssl)
-/* variant of SSL_get_session: caller really gets something */
- {
- SSL_SESSION *sess;
- /* Need to lock this all up rather than just use CRYPTO_add so that
- * somebody doesn't free ssl->session between when we check it's
- * non-null and when we up the reference count. */
- CRYPTO_r_lock(CRYPTO_LOCK_SSL_SESSION);
- sess = ssl->session;
- if(sess)
- sess->references++;
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_SESSION);
- return(sess);
- }
-
-int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
- {
- ssl_session_num++;
- return(CRYPTO_get_ex_new_index(ssl_session_num-1,
- &ssl_session_meth,
- argl,argp,new_func,dup_func,free_func));
- }
-
-int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
- {
- return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
- }
-
-void *SSL_SESSION_get_ex_data(SSL_SESSION *s, int idx)
- {
- return(CRYPTO_get_ex_data(&s->ex_data,idx));
- }
-
-SSL_SESSION *SSL_SESSION_new(void)
- {
- SSL_SESSION *ss;
-
- ss=(SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
- if (ss == NULL)
- {
- SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- memset(ss,0,sizeof(SSL_SESSION));
-
- ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
- ss->references=1;
- ss->timeout=60*5+4; /* 5 minute timeout by default */
- ss->time=time(NULL);
- ss->prev=NULL;
- ss->next=NULL;
- ss->compress_meth=0;
- CRYPTO_new_ex_data(ssl_session_meth,ss,&ss->ex_data);
- return(ss);
- }
-
-int ssl_get_new_session(SSL *s, int session)
- {
- /* This gets used by clients and servers. */
-
- SSL_SESSION *ss=NULL;
-
- if ((ss=SSL_SESSION_new()) == NULL) return(0);
-
- /* If the context has a default timeout, use it */
- if (s->ctx->session_timeout == 0)
- ss->timeout=SSL_get_default_timeout(s);
- else
- ss->timeout=s->ctx->session_timeout;
-
- if (s->session != NULL)
- {
- SSL_SESSION_free(s->session);
- s->session=NULL;
- }
-
- if (session)
- {
- if (s->version == SSL2_VERSION)
- {
- ss->ssl_version=SSL2_VERSION;
- ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
- }
- else if (s->version == SSL3_VERSION)
- {
- ss->ssl_version=SSL3_VERSION;
- ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
- }
- else if (s->version == TLS1_VERSION)
- {
- ss->ssl_version=TLS1_VERSION;
- ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
- }
- else
- {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
- SSL_SESSION_free(ss);
- return(0);
- }
-
- for (;;)
- {
- SSL_SESSION *r;
-
- RAND_pseudo_bytes(ss->session_id,ss->session_id_length);
- CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
- r=(SSL_SESSION *)lh_retrieve(s->ctx->sessions, ss);
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
- if (r == NULL) break;
- /* else - woops a session_id match */
- /* XXX We should also check the external cache --
- * but the probability of a collision is negligible, and
- * we could not prevent the concurrent creation of sessions
- * with identical IDs since we currently don't have means
- * to atomically check whether a session ID already exists
- * and make a reservation for it if it does not
- * (this problem applies to the internal cache as well).
- */
- }
- }
- else
- {
- ss->session_id_length=0;
- }
-
- memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
- ss->sid_ctx_length=s->sid_ctx_length;
- s->session=ss;
- ss->ssl_version=s->version;
- ss->verify_result = X509_V_OK;
-
- return(1);
- }
-
-int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
- {
- /* This is used only by servers. */
-
- SSL_SESSION *ret=NULL,data;
- int fatal = 0;
-
- data.ssl_version=s->version;
- data.session_id_length=len;
- if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
- goto err;
- memcpy(data.session_id,session_id,len);
-
- if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
- {
- CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
- ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,&data);
- if (ret != NULL)
- /* don't allow other threads to steal it: */
- CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
- }
-
- if (ret == NULL)
- {
- int copy=1;
-
- s->ctx->stats.sess_miss++;
- ret=NULL;
- if (s->ctx->get_session_cb != NULL
- && (ret=s->ctx->get_session_cb(s,session_id,len,©))
- != NULL)
- {
- s->ctx->stats.sess_cb_hit++;
-
- /* Increment reference count now if the session callback
- * asks us to do so (note that if the session structures
- * returned by the callback are shared between threads,
- * it must handle the reference count itself [i.e. copy == 0],
- * or things won't be thread-safe). */
- if (copy)
- CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
-
- /* The following should not return 1, otherwise,
- * things are very strange */
- SSL_CTX_add_session(s->ctx,ret);
- }
- if (ret == NULL)
- goto err;
- }
-
- /* Now ret is non-NULL, and we own one of its reference counts. */
-
- if((s->verify_mode&SSL_VERIFY_PEER)
- && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
- || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
- {
- /* We've found the session named by the client, but we don't
- * want to use it in this context. */
-
- if (s->sid_ctx_length == 0)
- {
- /* application should have used SSL[_CTX]_set_session_id_context
- * -- we could tolerate this and just pretend we never heard
- * of this session, but then applications could effectively
- * disable the session cache by accident without anyone noticing */
-
- SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
- fatal = 1;
- goto err;
- }
- else
- {
-#if 0 /* The client cannot always know when a session is not appropriate,
- * so we shouldn't generate an error message. */
-
- SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
-#endif
- goto err; /* treat like cache miss */
- }
- }
-
- if (ret->cipher == NULL)
- {
- unsigned char buf[5],*p;
- unsigned long l;
-
- p=buf;
- l=ret->cipher_id;
- l2n(l,p);
- if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR)
- ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
- else
- ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
- if (ret->cipher == NULL)
- goto err;
- }
-
-
-#if 0 /* This is way too late. */
-
- /* If a thread got the session, then 'swaped', and another got
- * it and then due to a time-out decided to 'OPENSSL_free' it we could
- * be in trouble. So I'll increment it now, then double decrement
- * later - am I speaking rubbish?. */
- CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
-#endif
-
- if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
- {
- s->ctx->stats.sess_timeout++;
- /* remove it from the cache */
- SSL_CTX_remove_session(s->ctx,ret);
- goto err;
- }
-
- s->ctx->stats.sess_hit++;
-
- /* ret->time=time(NULL); */ /* rezero timeout? */
- /* again, just leave the session
- * if it is the same session, we have just incremented and
- * then decremented the reference count :-) */
- if (s->session != NULL)
- SSL_SESSION_free(s->session);
- s->session=ret;
- s->verify_result = s->session->verify_result;
- return(1);
-
- err:
- if (ret != NULL)
- SSL_SESSION_free(ret);
- if (fatal)
- return -1;
- else
- return 0;
- }
-
-int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
- {
- int ret=0;
- SSL_SESSION *s;
-
- /* add just 1 reference count for the SSL_CTX's session cache
- * even though it has two ways of access: each session is in a
- * doubly linked list and an lhash */
- CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION);
- /* if session c is in already in cache, we take back the increment later */
-
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- s=(SSL_SESSION *)lh_insert(ctx->sessions,c);
-
- /* s != NULL iff we already had a session with the given PID.
- * In this case, s == c should hold (then we did not really modify
- * ctx->sessions), or we're in trouble. */
- if (s != NULL && s != c)
- {
- /* We *are* in trouble ... */
- SSL_SESSION_list_remove(ctx,s);
- SSL_SESSION_free(s);
- /* ... so pretend the other session did not exist in cache
- * (we cannot handle two SSL_SESSION structures with identical
- * session ID in the same cache, which could happen e.g. when
- * two threads concurrently obtain the same session from an external
- * cache) */
- s = NULL;
- }
-
- /* Put at the head of the queue unless it is already in the cache */
- if (s == NULL)
- SSL_SESSION_list_add(ctx,c);
-
- if (s != NULL)
- {
- /* existing cache entry -- decrement previously incremented reference
- * count because it already takes into account the cache */
-
- SSL_SESSION_free(s); /* s == c */
- ret=0;
- }
- else
- {
- /* new cache entry -- remove old ones if cache has become too large */
-
- ret=1;
-
- if (SSL_CTX_sess_get_cache_size(ctx) > 0)
- {
- while (SSL_CTX_sess_number(ctx) >
- SSL_CTX_sess_get_cache_size(ctx))
- {
- if (!remove_session_lock(ctx,
- ctx->session_cache_tail, 0))
- break;
- else
- ctx->stats.sess_cache_full++;
- }
- }
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- return(ret);
- }
-
-int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
-{
- return remove_session_lock(ctx, c, 1);
-}
-
-static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
- {
- SSL_SESSION *r;
- int ret=0;
-
- if ((c != NULL) && (c->session_id_length != 0))
- {
- if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- r=(SSL_SESSION *)lh_delete(ctx->sessions,c);
- if (r != NULL)
- {
- ret=1;
- SSL_SESSION_list_remove(ctx,c);
- }
-
- if(lck) CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-
- if (ret)
- {
- r->not_resumable=1;
- if (ctx->remove_session_cb != NULL)
- ctx->remove_session_cb(ctx,r);
- SSL_SESSION_free(r);
- }
- }
- else
- ret=0;
- return(ret);
- }
-
-void SSL_SESSION_free(SSL_SESSION *ss)
- {
- int i;
-
- if(ss == NULL)
- return;
-
- i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION);
-#ifdef REF_PRINT
- REF_PRINT("SSL_SESSION",ss);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"SSL_SESSION_free, bad reference count\n");
- abort(); /* ok */
- }
-#endif
-
- CRYPTO_free_ex_data(ssl_session_meth,ss,&ss->ex_data);
-
- memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH);
- memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH);
- memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH);
- if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
- if (ss->peer != NULL) X509_free(ss->peer);
- if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
- memset(ss,0,sizeof(*ss));
- OPENSSL_free(ss);
- }
-
-int SSL_set_session(SSL *s, SSL_SESSION *session)
- {
- int ret=0;
- SSL_METHOD *meth;
-
- if (session != NULL)
- {
- meth=s->ctx->method->get_ssl_method(session->ssl_version);
- if (meth == NULL)
- meth=s->method->get_ssl_method(session->ssl_version);
- if (meth == NULL)
- {
- SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD);
- return(0);
- }
-
- if (meth != s->method)
- {
- if (!SSL_set_ssl_method(s,meth))
- return(0);
- if (s->ctx->session_timeout == 0)
- session->timeout=SSL_get_default_timeout(s);
- else
- session->timeout=s->ctx->session_timeout;
- }
-
- /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
- CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION);
- if (s->session != NULL)
- SSL_SESSION_free(s->session);
- s->session=session;
- s->verify_result = s->session->verify_result;
- /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
- ret=1;
- }
- else
- {
- if (s->session != NULL)
- {
- SSL_SESSION_free(s->session);
- s->session=NULL;
- }
-
- meth=s->ctx->method;
- if (meth != s->method)
- {
- if (!SSL_set_ssl_method(s,meth))
- return(0);
- }
- ret=1;
- }
- return(ret);
- }
-
-long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
- {
- if (s == NULL) return(0);
- s->timeout=t;
- return(1);
- }
-
-long SSL_SESSION_get_timeout(SSL_SESSION *s)
- {
- if (s == NULL) return(0);
- return(s->timeout);
- }
-
-long SSL_SESSION_get_time(SSL_SESSION *s)
- {
- if (s == NULL) return(0);
- return(s->time);
- }
-
-long SSL_SESSION_set_time(SSL_SESSION *s, long t)
- {
- if (s == NULL) return(0);
- s->time=t;
- return(t);
- }
-
-long SSL_CTX_set_timeout(SSL_CTX *s, long t)
- {
- long l;
- if (s == NULL) return(0);
- l=s->session_timeout;
- s->session_timeout=t;
- return(l);
- }
-
-long SSL_CTX_get_timeout(SSL_CTX *s)
- {
- if (s == NULL) return(0);
- return(s->session_timeout);
- }
-
-typedef struct timeout_param_st
- {
- SSL_CTX *ctx;
- long time;
- LHASH *cache;
- } TIMEOUT_PARAM;
-
-static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p)
- {
- if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
- {
- /* The reason we don't call SSL_CTX_remove_session() is to
- * save on locking overhead */
- lh_delete(p->cache,s);
- SSL_SESSION_list_remove(p->ctx,s);
- s->not_resumable=1;
- if (p->ctx->remove_session_cb != NULL)
- p->ctx->remove_session_cb(p->ctx,s);
- SSL_SESSION_free(s);
- }
- }
-
-void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
- {
- unsigned long i;
- TIMEOUT_PARAM tp;
-
- tp.ctx=s;
- tp.cache=s->sessions;
- if (tp.cache == NULL) return;
- tp.time=t;
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- i=tp.cache->down_load;
- tp.cache->down_load=0;
- lh_doall_arg(tp.cache,(void (*)())timeout,&tp);
- tp.cache->down_load=i;
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- }
-
-int ssl_clear_bad_session(SSL *s)
- {
- if ( (s->session != NULL) &&
- !(s->shutdown & SSL_SENT_SHUTDOWN) &&
- !(SSL_in_init(s) || SSL_in_before(s)))
- {
- SSL_CTX_remove_session(s->ctx,s->session);
- return(1);
- }
- else
- return(0);
- }
-
-/* locked by SSL_CTX in the calling function */
-static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
- {
- if ((s->next == NULL) || (s->prev == NULL)) return;
-
- if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
- { /* last element in list */
- if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
- { /* only one element in list */
- ctx->session_cache_head=NULL;
- ctx->session_cache_tail=NULL;
- }
- else
- {
- ctx->session_cache_tail=s->prev;
- s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail);
- }
- }
- else
- {
- if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
- { /* first element in list */
- ctx->session_cache_head=s->next;
- s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
- }
- else
- { /* middle of list */
- s->next->prev=s->prev;
- s->prev->next=s->next;
- }
- }
- s->prev=s->next=NULL;
- }
-
-static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
- {
- if ((s->next != NULL) && (s->prev != NULL))
- SSL_SESSION_list_remove(ctx,s);
-
- if (ctx->session_cache_head == NULL)
- {
- ctx->session_cache_head=s;
- ctx->session_cache_tail=s;
- s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
- s->next=(SSL_SESSION *)&(ctx->session_cache_tail);
- }
- else
- {
- s->next=ctx->session_cache_head;
- s->next->prev=s;
- s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
- ctx->session_cache_head=s;
- }
- }
-
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
deleted file mode 100644
index 8e12461f3b..0000000000
--- a/src/lib/libssl/ssl_stat.c
+++ /dev/null
@@ -1,454 +0,0 @@
-/* ssl/ssl_stat.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-
-char *SSL_state_string_long(SSL *s)
- {
- char *str;
-
- switch (s->state)
- {
-case SSL_ST_BEFORE: str="before SSL initialization"; break;
-case SSL_ST_ACCEPT: str="before accept initialization"; break;
-case SSL_ST_CONNECT: str="before connect initialization"; break;
-case SSL_ST_OK: str="SSL negotiation finished successfully"; break;
-case SSL_ST_RENEGOTIATE: str="SSL renegotiate ciphers"; break;
-case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initialization"; break;
-case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initialization"; break;
-case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initialization"; break;
-case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initialization"; break;
-#ifndef NO_SSL2
-case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break;
-case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break;
-case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break;
-case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break;
-case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break;
-case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break;
-case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break;
-case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break;
-case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break;
-case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break;
-case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break;
-case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break;
-case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break;
-case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break;
-case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break;
-case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break;
-case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break;
-case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break;
-case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break;
-case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break;
-case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break;
-case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break;
-case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break;
-case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break;
-case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break;
-case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break;
-case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break;
-#endif
-
-#ifndef NO_SSL3
-/* SSLv3 additions */
-case SSL3_ST_CW_CLNT_HELLO_A: str="SSLv3 write client hello A"; break;
-case SSL3_ST_CW_CLNT_HELLO_B: str="SSLv3 write client hello B"; break;
-case SSL3_ST_CR_SRVR_HELLO_A: str="SSLv3 read server hello A"; break;
-case SSL3_ST_CR_SRVR_HELLO_B: str="SSLv3 read server hello B"; break;
-case SSL3_ST_CR_CERT_A: str="SSLv3 read server certificate A"; break;
-case SSL3_ST_CR_CERT_B: str="SSLv3 read server certificate B"; break;
-case SSL3_ST_CR_KEY_EXCH_A: str="SSLv3 read server key exchange A"; break;
-case SSL3_ST_CR_KEY_EXCH_B: str="SSLv3 read server key exchange B"; break;
-case SSL3_ST_CR_CERT_REQ_A: str="SSLv3 read server certificate request A"; break;
-case SSL3_ST_CR_CERT_REQ_B: str="SSLv3 read server certificate request B"; break;
-case SSL3_ST_CR_SRVR_DONE_A: str="SSLv3 read server done A"; break;
-case SSL3_ST_CR_SRVR_DONE_B: str="SSLv3 read server done B"; break;
-case SSL3_ST_CW_CERT_A: str="SSLv3 write client certificate A"; break;
-case SSL3_ST_CW_CERT_B: str="SSLv3 write client certificate B"; break;
-case SSL3_ST_CW_CERT_C: str="SSLv3 write client certificate C"; break;
-case SSL3_ST_CW_CERT_D: str="SSLv3 write client certificate D"; break;
-case SSL3_ST_CW_KEY_EXCH_A: str="SSLv3 write client key exchange A"; break;
-case SSL3_ST_CW_KEY_EXCH_B: str="SSLv3 write client key exchange B"; break;
-case SSL3_ST_CW_CERT_VRFY_A: str="SSLv3 write certificate verify A"; break;
-case SSL3_ST_CW_CERT_VRFY_B: str="SSLv3 write certificate verify A"; break;
-
-case SSL3_ST_CW_CHANGE_A:
-case SSL3_ST_SW_CHANGE_A: str="SSLv3 write change cipher spec A"; break;
-case SSL3_ST_CW_CHANGE_B:
-case SSL3_ST_SW_CHANGE_B: str="SSLv3 write change cipher spec B"; break;
-case SSL3_ST_CW_FINISHED_A:
-case SSL3_ST_SW_FINISHED_A: str="SSLv3 write finished A"; break;
-case SSL3_ST_CW_FINISHED_B:
-case SSL3_ST_SW_FINISHED_B: str="SSLv3 write finished A"; break;
-case SSL3_ST_CR_CHANGE_A:
-case SSL3_ST_SR_CHANGE_A: str="SSLv3 read change cipher spec A"; break;
-case SSL3_ST_CR_CHANGE_B:
-case SSL3_ST_SR_CHANGE_B: str="SSLv3 read change cipher spec B"; break;
-case SSL3_ST_CR_FINISHED_A:
-case SSL3_ST_SR_FINISHED_A: str="SSLv3 read finished A"; break;
-case SSL3_ST_CR_FINISHED_B:
-case SSL3_ST_SR_FINISHED_B: str="SSLv3 read finished B"; break;
-
-case SSL3_ST_CW_FLUSH:
-case SSL3_ST_SW_FLUSH: str="SSLv3 flush data"; break;
-
-case SSL3_ST_SR_CLNT_HELLO_A: str="SSLv3 read client hello A"; break;
-case SSL3_ST_SR_CLNT_HELLO_B: str="SSLv3 read client hello B"; break;
-case SSL3_ST_SR_CLNT_HELLO_C: str="SSLv3 read client hello C"; break;
-case SSL3_ST_SW_HELLO_REQ_A: str="SSLv3 write hello request A"; break;
-case SSL3_ST_SW_HELLO_REQ_B: str="SSLv3 write hello request B"; break;
-case SSL3_ST_SW_HELLO_REQ_C: str="SSLv3 write hello request C"; break;
-case SSL3_ST_SW_SRVR_HELLO_A: str="SSLv3 write server hello A"; break;
-case SSL3_ST_SW_SRVR_HELLO_B: str="SSLv3 write server hello B"; break;
-case SSL3_ST_SW_CERT_A: str="SSLv3 write certificate A"; break;
-case SSL3_ST_SW_CERT_B: str="SSLv3 write certificate B"; break;
-case SSL3_ST_SW_KEY_EXCH_A: str="SSLv3 write key exchange A"; break;
-case SSL3_ST_SW_KEY_EXCH_B: str="SSLv3 write key exchange B"; break;
-case SSL3_ST_SW_CERT_REQ_A: str="SSLv3 write certificate request A"; break;
-case SSL3_ST_SW_CERT_REQ_B: str="SSLv3 write certificate request B"; break;
-case SSL3_ST_SW_SRVR_DONE_A: str="SSLv3 write server done A"; break;
-case SSL3_ST_SW_SRVR_DONE_B: str="SSLv3 write server done B"; break;
-case SSL3_ST_SR_CERT_A: str="SSLv3 read client certificate A"; break;
-case SSL3_ST_SR_CERT_B: str="SSLv3 read client certificate B"; break;
-case SSL3_ST_SR_KEY_EXCH_A: str="SSLv3 read client key exchange A"; break;
-case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break;
-case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break;
-case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break;
-#endif
-
-#if !defined(NO_SSL2) && !defined(NO_SSL3)
-/* SSLv2/v3 compatibility states */
-/* client */
-case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break;
-case SSL23_ST_CW_CLNT_HELLO_B: str="SSLv2/v3 write client hello B"; break;
-case SSL23_ST_CR_SRVR_HELLO_A: str="SSLv2/v3 read server hello A"; break;
-case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break;
-/* server */
-case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break;
-case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break;
-#endif
-
-default: str="unknown state"; break;
- }
- return(str);
- }
-
-char *SSL_rstate_string_long(SSL *s)
- {
- char *str;
-
- switch (s->rstate)
- {
- case SSL_ST_READ_HEADER: str="read header"; break;
- case SSL_ST_READ_BODY: str="read body"; break;
- case SSL_ST_READ_DONE: str="read done"; break;
- default: str="unknown"; break;
- }
- return(str);
- }
-
-char *SSL_state_string(SSL *s)
- {
- char *str;
-
- switch (s->state)
- {
-case SSL_ST_BEFORE: str="PINIT "; break;
-case SSL_ST_ACCEPT: str="AINIT "; break;
-case SSL_ST_CONNECT: str="CINIT "; break;
-case SSL_ST_OK: str="SSLOK "; break;
-#ifndef NO_SSL2
-case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break;
-case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break;
-case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break;
-case SSL2_ST_SEND_CLIENT_HELLO_B: str="2SCH_B"; break;
-case SSL2_ST_GET_SERVER_HELLO_A: str="2GSH_A"; break;
-case SSL2_ST_GET_SERVER_HELLO_B: str="2GSH_B"; break;
-case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="2SCMKA"; break;
-case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="2SCMKB"; break;
-case SSL2_ST_SEND_CLIENT_FINISHED_A: str="2SCF_A"; break;
-case SSL2_ST_SEND_CLIENT_FINISHED_B: str="2SCF_B"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="2SCC_A"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="2SCC_B"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="2SCC_C"; break;
-case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="2SCC_D"; break;
-case SSL2_ST_GET_SERVER_VERIFY_A: str="2GSV_A"; break;
-case SSL2_ST_GET_SERVER_VERIFY_B: str="2GSV_B"; break;
-case SSL2_ST_GET_SERVER_FINISHED_A: str="2GSF_A"; break;
-case SSL2_ST_GET_SERVER_FINISHED_B: str="2GSF_B"; break;
-case SSL2_ST_GET_CLIENT_HELLO_A: str="2GCH_A"; break;
-case SSL2_ST_GET_CLIENT_HELLO_B: str="2GCH_B"; break;
-case SSL2_ST_GET_CLIENT_HELLO_C: str="2GCH_C"; break;
-case SSL2_ST_SEND_SERVER_HELLO_A: str="2SSH_A"; break;
-case SSL2_ST_SEND_SERVER_HELLO_B: str="2SSH_B"; break;
-case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="2GCMKA"; break;
-case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="2GCMKA"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_A: str="2SSV_A"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_B: str="2SSV_B"; break;
-case SSL2_ST_SEND_SERVER_VERIFY_C: str="2SSV_C"; break;
-case SSL2_ST_GET_CLIENT_FINISHED_A: str="2GCF_A"; break;
-case SSL2_ST_GET_CLIENT_FINISHED_B: str="2GCF_B"; break;
-case SSL2_ST_SEND_SERVER_FINISHED_A: str="2SSF_A"; break;
-case SSL2_ST_SEND_SERVER_FINISHED_B: str="2SSF_B"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="2SRC_A"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="2SRC_B"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="2SRC_C"; break;
-case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="2SRC_D"; break;
-case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break;
-case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break;
-#endif
-
-#ifndef NO_SSL3
-/* SSLv3 additions */
-case SSL3_ST_SW_FLUSH:
-case SSL3_ST_CW_FLUSH: str="3FLUSH"; break;
-case SSL3_ST_CW_CLNT_HELLO_A: str="3WCH_A"; break;
-case SSL3_ST_CW_CLNT_HELLO_B: str="3WCH_B"; break;
-case SSL3_ST_CR_SRVR_HELLO_A: str="3RSH_A"; break;
-case SSL3_ST_CR_SRVR_HELLO_B: str="3RSH_B"; break;
-case SSL3_ST_CR_CERT_A: str="3RSC_A"; break;
-case SSL3_ST_CR_CERT_B: str="3RSC_B"; break;
-case SSL3_ST_CR_KEY_EXCH_A: str="3RSKEA"; break;
-case SSL3_ST_CR_KEY_EXCH_B: str="3RSKEB"; break;
-case SSL3_ST_CR_CERT_REQ_A: str="3RCR_A"; break;
-case SSL3_ST_CR_CERT_REQ_B: str="3RCR_B"; break;
-case SSL3_ST_CR_SRVR_DONE_A: str="3RSD_A"; break;
-case SSL3_ST_CR_SRVR_DONE_B: str="3RSD_B"; break;
-case SSL3_ST_CW_CERT_A: str="3WCC_A"; break;
-case SSL3_ST_CW_CERT_B: str="3WCC_B"; break;
-case SSL3_ST_CW_CERT_C: str="3WCC_C"; break;
-case SSL3_ST_CW_CERT_D: str="3WCC_D"; break;
-case SSL3_ST_CW_KEY_EXCH_A: str="3WCKEA"; break;
-case SSL3_ST_CW_KEY_EXCH_B: str="3WCKEB"; break;
-case SSL3_ST_CW_CERT_VRFY_A: str="3WCV_A"; break;
-case SSL3_ST_CW_CERT_VRFY_B: str="3WCV_B"; break;
-
-case SSL3_ST_SW_CHANGE_A:
-case SSL3_ST_CW_CHANGE_A: str="3WCCSA"; break;
-case SSL3_ST_SW_CHANGE_B:
-case SSL3_ST_CW_CHANGE_B: str="3WCCSB"; break;
-case SSL3_ST_SW_FINISHED_A:
-case SSL3_ST_CW_FINISHED_A: str="3WFINA"; break;
-case SSL3_ST_SW_FINISHED_B:
-case SSL3_ST_CW_FINISHED_B: str="3WFINB"; break;
-case SSL3_ST_SR_CHANGE_A:
-case SSL3_ST_CR_CHANGE_A: str="3RCCSA"; break;
-case SSL3_ST_SR_CHANGE_B:
-case SSL3_ST_CR_CHANGE_B: str="3RCCSB"; break;
-case SSL3_ST_SR_FINISHED_A:
-case SSL3_ST_CR_FINISHED_A: str="3RFINA"; break;
-case SSL3_ST_SR_FINISHED_B:
-case SSL3_ST_CR_FINISHED_B: str="3RFINB"; break;
-
-case SSL3_ST_SW_HELLO_REQ_A: str="3WHR_A"; break;
-case SSL3_ST_SW_HELLO_REQ_B: str="3WHR_B"; break;
-case SSL3_ST_SW_HELLO_REQ_C: str="3WHR_C"; break;
-case SSL3_ST_SR_CLNT_HELLO_A: str="3RCH_A"; break;
-case SSL3_ST_SR_CLNT_HELLO_B: str="3RCH_B"; break;
-case SSL3_ST_SR_CLNT_HELLO_C: str="3RCH_C"; break;
-case SSL3_ST_SW_SRVR_HELLO_A: str="3WSH_A"; break;
-case SSL3_ST_SW_SRVR_HELLO_B: str="3WSH_B"; break;
-case SSL3_ST_SW_CERT_A: str="3WSC_A"; break;
-case SSL3_ST_SW_CERT_B: str="3WSC_B"; break;
-case SSL3_ST_SW_KEY_EXCH_A: str="3WSKEA"; break;
-case SSL3_ST_SW_KEY_EXCH_B: str="3WSKEB"; break;
-case SSL3_ST_SW_CERT_REQ_A: str="3WCR_A"; break;
-case SSL3_ST_SW_CERT_REQ_B: str="3WCR_B"; break;
-case SSL3_ST_SW_SRVR_DONE_A: str="3WSD_A"; break;
-case SSL3_ST_SW_SRVR_DONE_B: str="3WSD_B"; break;
-case SSL3_ST_SR_CERT_A: str="3RCC_A"; break;
-case SSL3_ST_SR_CERT_B: str="3RCC_B"; break;
-case SSL3_ST_SR_KEY_EXCH_A: str="3RCKEA"; break;
-case SSL3_ST_SR_KEY_EXCH_B: str="3RCKEB"; break;
-case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break;
-case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break;
-#endif
-
-#if !defined(NO_SSL2) && !defined(NO_SSL3)
-/* SSLv2/v3 compatibility states */
-/* client */
-case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break;
-case SSL23_ST_CW_CLNT_HELLO_B: str="23WCHB"; break;
-case SSL23_ST_CR_SRVR_HELLO_A: str="23RSHA"; break;
-case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break;
-/* server */
-case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break;
-case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break;
-#endif
-
-default: str="UNKWN "; break;
- }
- return(str);
- }
-
-char *SSL_alert_type_string_long(int value)
- {
- value>>=8;
- if (value == SSL3_AL_WARNING)
- return("warning");
- else if (value == SSL3_AL_FATAL)
- return("fatal");
- else
- return("unknown");
- }
-
-char *SSL_alert_type_string(int value)
- {
- value>>=8;
- if (value == SSL3_AL_WARNING)
- return("W");
- else if (value == SSL3_AL_FATAL)
- return("F");
- else
- return("U");
- }
-
-char *SSL_alert_desc_string(int value)
- {
- char *str;
-
- switch (value & 0xff)
- {
- case SSL3_AD_CLOSE_NOTIFY: str="CN"; break;
- case SSL3_AD_UNEXPECTED_MESSAGE: str="UM"; break;
- case SSL3_AD_BAD_RECORD_MAC: str="BM"; break;
- case SSL3_AD_DECOMPRESSION_FAILURE: str="DF"; break;
- case SSL3_AD_HANDSHAKE_FAILURE: str="HF"; break;
- case SSL3_AD_NO_CERTIFICATE: str="NC"; break;
- case SSL3_AD_BAD_CERTIFICATE: str="BC"; break;
- case SSL3_AD_UNSUPPORTED_CERTIFICATE: str="UC"; break;
- case SSL3_AD_CERTIFICATE_REVOKED: str="CR"; break;
- case SSL3_AD_CERTIFICATE_EXPIRED: str="CE"; break;
- case SSL3_AD_CERTIFICATE_UNKNOWN: str="CU"; break;
- case SSL3_AD_ILLEGAL_PARAMETER: str="IP"; break;
- default: str="UK"; break;
- }
- return(str);
- }
-
-char *SSL_alert_desc_string_long(int value)
- {
- char *str;
-
- switch (value & 0xff)
- {
- case SSL3_AD_CLOSE_NOTIFY:
- str="close notify";
- break;
- case SSL3_AD_UNEXPECTED_MESSAGE:
- str="unexpected_message";
- break;
- case SSL3_AD_BAD_RECORD_MAC:
- str="bad record mac";
- break;
- case SSL3_AD_DECOMPRESSION_FAILURE:
- str="decompression failure";
- break;
- case SSL3_AD_HANDSHAKE_FAILURE:
- str="handshake failure";
- break;
- case SSL3_AD_NO_CERTIFICATE:
- str="no certificate";
- break;
- case SSL3_AD_BAD_CERTIFICATE:
- str="bad certificate";
- break;
- case SSL3_AD_UNSUPPORTED_CERTIFICATE:
- str="unsupported certificate";
- break;
- case SSL3_AD_CERTIFICATE_REVOKED:
- str="certificate revoked";
- break;
- case SSL3_AD_CERTIFICATE_EXPIRED:
- str="certificate expired";
- break;
- case SSL3_AD_CERTIFICATE_UNKNOWN:
- str="certificate unknown";
- break;
- case SSL3_AD_ILLEGAL_PARAMETER:
- str="illegal parameter";
- break;
- default: str="unknown"; break;
- }
- return(str);
- }
-
-char *SSL_rstate_string(SSL *s)
- {
- char *str;
-
- switch (s->rstate)
- {
- case SSL_ST_READ_HEADER:str="RH"; break;
- case SSL_ST_READ_BODY: str="RB"; break;
- case SSL_ST_READ_DONE: str="RD"; break;
- default: str="unknown"; break;
- }
- return(str);
- }
diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c
deleted file mode 100644
index 6e33eec3e4..0000000000
--- a/src/lib/libssl/ssl_txt.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/* ssl/ssl_txt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/buffer.h>
-#include "ssl_locl.h"
-
-#ifndef NO_FP_API
-int SSL_SESSION_print_fp(FILE *fp, SSL_SESSION *x)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file_internal())) == NULL)
- {
- SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=SSL_SESSION_print(b,x);
- BIO_free(b);
- return(ret);
- }
-#endif
-
-int SSL_SESSION_print(BIO *bp, SSL_SESSION *x)
- {
- unsigned int i;
- char *s;
-
- if (x == NULL) goto err;
- if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
- if (x->ssl_version == SSL2_VERSION)
- s="SSLv2";
- else if (x->ssl_version == SSL3_VERSION)
- s="SSLv3";
- else if (x->ssl_version == TLS1_VERSION)
- s="TLSv1";
- else
- s="unknown";
- if (BIO_printf(bp," Protocol : %s\n",s) <= 0) goto err;
-
- if (x->cipher == NULL)
- {
- if (((x->cipher_id) & 0xff000000) == 0x02000000)
- {
- if (BIO_printf(bp," Cipher : %06lX\n",x->cipher_id&0xffffff) <= 0)
- goto err;
- }
- else
- {
- if (BIO_printf(bp," Cipher : %04lX\n",x->cipher_id&0xffff) <= 0)
- goto err;
- }
- }
- else
- {
- if (BIO_printf(bp," Cipher : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 0)
- goto err;
- }
- if (BIO_puts(bp," Session-ID: ") <= 0) goto err;
- for (i=0; i<x->session_id_length; i++)
- {
- if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err;
- }
- if (BIO_puts(bp,"\n Session-ID-ctx: ") <= 0) goto err;
- for (i=0; i<x->sid_ctx_length; i++)
- {
- if (BIO_printf(bp,"%02X",x->sid_ctx[i]) <= 0)
- goto err;
- }
- if (BIO_puts(bp,"\n Master-Key: ") <= 0) goto err;
- for (i=0; i<(unsigned int)x->master_key_length; i++)
- {
- if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err;
- }
- if (BIO_puts(bp,"\n Key-Arg : ") <= 0) goto err;
- if (x->key_arg_length == 0)
- {
- if (BIO_puts(bp,"None") <= 0) goto err;
- }
- else
- for (i=0; i<x->key_arg_length; i++)
- {
- if (BIO_printf(bp,"%02X",x->key_arg[i]) <= 0) goto err;
- }
- if (x->compress_meth != 0)
- {
- SSL_COMP *comp;
-
- ssl_cipher_get_evp(x,NULL,NULL,&comp);
- if (comp == NULL)
- {
- if (BIO_printf(bp,"\n Compression: %d",x->compress_meth) <= 0) goto err;
- }
- else
- {
- if (BIO_printf(bp,"\n Compression: %d (%s)", comp->id,comp->method->name) <= 0) goto err;
- }
- }
- if (x->time != 0L)
- {
- if (BIO_printf(bp, "\n Start Time: %ld",x->time) <= 0) goto err;
- }
- if (x->timeout != 0L)
- {
- if (BIO_printf(bp, "\n Timeout : %ld (sec)",x->timeout) <= 0) goto err;
- }
- if (BIO_puts(bp,"\n") <= 0) goto err;
-
- if (BIO_puts(bp, " Verify return code: ") <= 0) goto err;
- if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
- X509_verify_cert_error_string(x->verify_result)) <= 0) goto err;
-
- return(1);
-err:
- return(0);
- }
-
diff --git a/src/lib/libssl/t1_clnt.c b/src/lib/libssl/t1_clnt.c
deleted file mode 100644
index 9745630a00..0000000000
--- a/src/lib/libssl/t1_clnt.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* ssl/t1_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include "ssl_locl.h"
-
-static SSL_METHOD *tls1_get_client_method(int ver);
-static SSL_METHOD *tls1_get_client_method(int ver)
- {
- if (ver == TLS1_VERSION)
- return(TLSv1_client_method());
- else
- return(NULL);
- }
-
-SSL_METHOD *TLSv1_client_method(void)
- {
- static int init=1;
- static SSL_METHOD TLSv1_client_data;
-
- if (init)
- {
- memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
- sizeof(SSL_METHOD));
- TLSv1_client_data.ssl_connect=ssl3_connect;
- TLSv1_client_data.get_ssl_method=tls1_get_client_method;
- init=0;
- }
- return(&TLSv1_client_data);
- }
-
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
deleted file mode 100644
index a0758e9261..0000000000
--- a/src/lib/libssl/t1_enc.c
+++ /dev/null
@@ -1,648 +0,0 @@
-/* ssl/t1_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/comp.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include "ssl_locl.h"
-
-static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
- int sec_len, unsigned char *seed, int seed_len,
- unsigned char *out, int olen)
- {
- int chunk,n;
- unsigned int j;
- HMAC_CTX ctx;
- HMAC_CTX ctx_tmp;
- unsigned char A1[HMAC_MAX_MD_CBLOCK];
- unsigned int A1_len;
-
- chunk=EVP_MD_size(md);
-
- HMAC_Init(&ctx,sec,sec_len,md);
- HMAC_Update(&ctx,seed,seed_len);
- HMAC_Final(&ctx,A1,&A1_len);
-
- n=0;
- for (;;)
- {
- HMAC_Init(&ctx,NULL,0,NULL); /* re-init */
- HMAC_Update(&ctx,A1,A1_len);
- memcpy(&ctx_tmp,&ctx,sizeof(ctx)); /* Copy for A2 */ /* not needed for last one */
- HMAC_Update(&ctx,seed,seed_len);
-
- if (olen > chunk)
- {
- HMAC_Final(&ctx,out,&j);
- out+=j;
- olen-=j;
- HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */
- }
- else /* last one */
- {
- HMAC_Final(&ctx,A1,&A1_len);
- memcpy(out,A1,olen);
- break;
- }
- }
- HMAC_cleanup(&ctx);
- HMAC_cleanup(&ctx_tmp);
- memset(A1,0,sizeof(A1));
- }
-
-static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1,
- unsigned char *label, int label_len,
- const unsigned char *sec, int slen, unsigned char *out1,
- unsigned char *out2, int olen)
- {
- int len,i;
- const unsigned char *S1,*S2;
-
- len=slen/2;
- S1=sec;
- S2= &(sec[len]);
- len+=(slen&1); /* add for odd, make longer */
-
-
- tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen);
- tls1_P_hash(sha1,S2,len,label,label_len,out2,olen);
-
- for (i=0; i<olen; i++)
- out1[i]^=out2[i];
- }
-
-static void tls1_generate_key_block(SSL *s, unsigned char *km,
- unsigned char *tmp, int num)
- {
- unsigned char *p;
- unsigned char buf[SSL3_RANDOM_SIZE*2+
- TLS_MD_MAX_CONST_SIZE];
- p=buf;
-
- memcpy(p,TLS_MD_KEY_EXPANSION_CONST,
- TLS_MD_KEY_EXPANSION_CONST_SIZE);
- p+=TLS_MD_KEY_EXPANSION_CONST_SIZE;
- memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
- p+=SSL3_RANDOM_SIZE;
- memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
- p+=SSL3_RANDOM_SIZE;
-
- tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),
- s->session->master_key,s->session->master_key_length,
- km,tmp,num);
- }
-
-int tls1_change_cipher_state(SSL *s, int which)
- {
- static const unsigned char empty[]="";
- unsigned char *p,*key_block,*mac_secret;
- unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
- SSL3_RANDOM_SIZE*2];
- unsigned char tmp1[EVP_MAX_KEY_LENGTH];
- unsigned char tmp2[EVP_MAX_KEY_LENGTH];
- unsigned char iv1[EVP_MAX_IV_LENGTH*2];
- unsigned char iv2[EVP_MAX_IV_LENGTH*2];
- unsigned char *ms,*key,*iv,*er1,*er2;
- int client_write;
- EVP_CIPHER_CTX *dd;
- const EVP_CIPHER *c;
- const SSL_COMP *comp;
- const EVP_MD *m;
- int _exp,n,i,j,k,exp_label_len,cl;
-
- _exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
- c=s->s3->tmp.new_sym_enc;
- m=s->s3->tmp.new_hash;
- comp=s->s3->tmp.new_compression;
- key_block=s->s3->tmp.key_block;
-
- if (which & SSL3_CC_READ)
- {
- if ((s->enc_read_ctx == NULL) &&
- ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
- OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
- goto err;
- dd= s->enc_read_ctx;
- s->read_hash=m;
- if (s->expand != NULL)
- {
- COMP_CTX_free(s->expand);
- s->expand=NULL;
- }
- if (comp != NULL)
- {
- s->expand=COMP_CTX_new(comp->method);
- if (s->expand == NULL)
- {
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
- goto err2;
- }
- if (s->s3->rrec.comp == NULL)
- s->s3->rrec.comp=(unsigned char *)
- OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
- if (s->s3->rrec.comp == NULL)
- goto err;
- }
- memset(&(s->s3->read_sequence[0]),0,8);
- mac_secret= &(s->s3->read_mac_secret[0]);
- }
- else
- {
- if ((s->enc_write_ctx == NULL) &&
- ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
- OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
- goto err;
- dd= s->enc_write_ctx;
- s->write_hash=m;
- if (s->compress != NULL)
- {
- COMP_CTX_free(s->compress);
- s->compress=NULL;
- }
- if (comp != NULL)
- {
- s->compress=COMP_CTX_new(comp->method);
- if (s->compress == NULL)
- {
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
- goto err2;
- }
- }
- memset(&(s->s3->write_sequence[0]),0,8);
- mac_secret= &(s->s3->write_mac_secret[0]);
- }
-
- EVP_CIPHER_CTX_init(dd);
-
- p=s->s3->tmp.key_block;
- i=EVP_MD_size(m);
- cl=EVP_CIPHER_key_length(c);
- j=_exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
- cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
- /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
- k=EVP_CIPHER_iv_length(c);
- er1= &(s->s3->client_random[0]);
- er2= &(s->s3->server_random[0]);
- if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
- (which == SSL3_CHANGE_CIPHER_SERVER_READ))
- {
- ms= &(p[ 0]); n=i+i;
- key= &(p[ n]); n+=j+j;
- iv= &(p[ n]); n+=k+k;
- exp_label=(unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
- exp_label_len=TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
- client_write=1;
- }
- else
- {
- n=i;
- ms= &(p[ n]); n+=i+j;
- key= &(p[ n]); n+=j+k;
- iv= &(p[ n]); n+=k;
- exp_label=(unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
- exp_label_len=TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
- client_write=0;
- }
-
- if (n > s->s3->tmp.key_block_length)
- {
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_INTERNAL_ERROR);
- goto err2;
- }
-
- memcpy(mac_secret,ms,i);
-#ifdef TLS_DEBUG
-printf("which = %04X\nmac key=",which);
-{ int z; for (z=0; z<i; z++) printf("%02X%c",ms[z],((z+1)%16)?' ':'\n'); }
-#endif
- if (_exp)
- {
- /* In here I set both the read and write key/iv to the
- * same value since only the correct one will be used :-).
- */
- p=buf;
- memcpy(p,exp_label,exp_label_len);
- p+=exp_label_len;
- memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
- p+=SSL3_RANDOM_SIZE;
- memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
- p+=SSL3_RANDOM_SIZE;
- tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),key,j,
- tmp1,tmp2,EVP_CIPHER_key_length(c));
- key=tmp1;
-
- if (k > 0)
- {
- p=buf;
- memcpy(p,TLS_MD_IV_BLOCK_CONST,
- TLS_MD_IV_BLOCK_CONST_SIZE);
- p+=TLS_MD_IV_BLOCK_CONST_SIZE;
- memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
- p+=SSL3_RANDOM_SIZE;
- memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
- p+=SSL3_RANDOM_SIZE;
- tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,empty,0,
- iv1,iv2,k*2);
- if (client_write)
- iv=iv1;
- else
- iv= &(iv1[k]);
- }
- }
-
- s->session->key_arg_length=0;
-
- EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE));
-#ifdef TLS_DEBUG
-printf("which = %04X\nkey=",which);
-{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }
-printf("\niv=");
-{ int z; for (z=0; z<k; z++) printf("%02X%c",iv[z],((z+1)%16)?' ':'\n'); }
-printf("\n");
-#endif
-
- memset(tmp1,0,sizeof(tmp1));
- memset(tmp2,0,sizeof(tmp1));
- memset(iv1,0,sizeof(iv1));
- memset(iv2,0,sizeof(iv2));
- return(1);
-err:
- SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
-err2:
- return(0);
- }
-
-int tls1_setup_key_block(SSL *s)
- {
- unsigned char *p1,*p2;
- const EVP_CIPHER *c;
- const EVP_MD *hash;
- int num;
- SSL_COMP *comp;
-
- if (s->s3->tmp.key_block_length != 0)
- return(1);
-
- if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
- {
- SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
- return(0);
- }
-
- s->s3->tmp.new_sym_enc=c;
- s->s3->tmp.new_hash=hash;
-
- num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
- num*=2;
-
- ssl3_cleanup_key_block(s);
-
- if ((p1=(unsigned char *)OPENSSL_malloc(num)) == NULL)
- goto err;
- if ((p2=(unsigned char *)OPENSSL_malloc(num)) == NULL)
- goto err;
-
- s->s3->tmp.key_block_length=num;
- s->s3->tmp.key_block=p1;
-
-
-#ifdef TLS_DEBUG
-printf("client random\n");
-{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
-printf("server random\n");
-{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
-printf("pre-master\n");
-{ int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
-#endif
- tls1_generate_key_block(s,p1,p2,num);
- memset(p2,0,num);
- OPENSSL_free(p2);
-#ifdef TLS_DEBUG
-printf("\nkey block\n");
-{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
-#endif
-
- return(1);
-err:
- SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
- return(0);
- }
-
-int tls1_enc(SSL *s, int send)
- {
- SSL3_RECORD *rec;
- EVP_CIPHER_CTX *ds;
- unsigned long l;
- int bs,i,ii,j,k,n=0;
- const EVP_CIPHER *enc;
-
- if (send)
- {
- if (s->write_hash != NULL)
- n=EVP_MD_size(s->write_hash);
- ds=s->enc_write_ctx;
- rec= &(s->s3->wrec);
- if (s->enc_write_ctx == NULL)
- enc=NULL;
- else
- enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
- }
- else
- {
- if (s->read_hash != NULL)
- n=EVP_MD_size(s->read_hash);
- ds=s->enc_read_ctx;
- rec= &(s->s3->rrec);
- if (s->enc_read_ctx == NULL)
- enc=NULL;
- else
- enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
- }
-
- if ((s->session == NULL) || (ds == NULL) ||
- (enc == NULL))
- {
- memmove(rec->data,rec->input,rec->length);
- rec->input=rec->data;
- }
- else
- {
- l=rec->length;
- bs=EVP_CIPHER_block_size(ds->cipher);
-
- if ((bs != 1) && send)
- {
- i=bs-((int)l%bs);
-
- /* Add weird padding of upto 256 bytes */
-
- /* we need to add 'i' padding bytes of value j */
- j=i-1;
- if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG)
- {
- if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
- j++;
- }
- for (k=(int)l; k<(int)(l+i); k++)
- rec->input[k]=j;
- l+=i;
- rec->length+=i;
- }
-
- if (!send)
- {
- if (l == 0 || l%bs != 0)
- {
- SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPT_ERROR);
- return(0);
- }
- }
-
- EVP_Cipher(ds,rec->data,rec->input,l);
-
- if ((bs != 1) && !send)
- {
- ii=i=rec->data[l-1]; /* padding_length */
- i++;
- if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
- {
- /* First packet is even in size, so check */
- if ((memcmp(s->s3->read_sequence,
- "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
- s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
- if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
- i--;
- }
- /* TLS 1.0 does not bound the number of padding bytes by the block size.
- * All of them must have value 'padding_length'. */
- if (i > (int)rec->length)
- {
- SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
- return(0);
- }
- for (j=(int)(l-i); j<(int)l; j++)
- {
- if (rec->data[j] != ii)
- {
- SSLerr(SSL_F_TLS1_ENC,SSL_R_DECRYPTION_FAILED);
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
- return(0);
- }
- }
- rec->length-=i;
- }
- }
- return(1);
- }
-
-int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out)
- {
- unsigned int ret;
- EVP_MD_CTX ctx;
-
- EVP_MD_CTX_copy(&ctx,in_ctx);
- EVP_DigestFinal(&ctx,out,&ret);
- return((int)ret);
- }
-
-int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
- const char *str, int slen, unsigned char *out)
- {
- unsigned int i;
- EVP_MD_CTX ctx;
- unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
- unsigned char *q,buf2[12];
-
- q=buf;
- memcpy(q,str,slen);
- q+=slen;
-
- EVP_MD_CTX_copy(&ctx,in1_ctx);
- EVP_DigestFinal(&ctx,q,&i);
- q+=i;
- EVP_MD_CTX_copy(&ctx,in2_ctx);
- EVP_DigestFinal(&ctx,q,&i);
- q+=i;
-
- tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf),
- s->session->master_key,s->session->master_key_length,
- out,buf2,12);
- memset(&ctx,0,sizeof(EVP_MD_CTX));
-
- return((int)12);
- }
-
-int tls1_mac(SSL *ssl, unsigned char *md, int send)
- {
- SSL3_RECORD *rec;
- unsigned char *mac_sec,*seq;
- const EVP_MD *hash;
- unsigned int md_size;
- int i;
- HMAC_CTX hmac;
- unsigned char buf[5];
-
- if (send)
- {
- rec= &(ssl->s3->wrec);
- mac_sec= &(ssl->s3->write_mac_secret[0]);
- seq= &(ssl->s3->write_sequence[0]);
- hash=ssl->write_hash;
- }
- else
- {
- rec= &(ssl->s3->rrec);
- mac_sec= &(ssl->s3->read_mac_secret[0]);
- seq= &(ssl->s3->read_sequence[0]);
- hash=ssl->read_hash;
- }
-
- md_size=EVP_MD_size(hash);
-
- buf[0]=rec->type;
- buf[1]=TLS1_VERSION_MAJOR;
- buf[2]=TLS1_VERSION_MINOR;
- buf[3]=rec->length>>8;
- buf[4]=rec->length&0xff;
-
- /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
- HMAC_Init(&hmac,mac_sec,EVP_MD_size(hash),hash);
- HMAC_Update(&hmac,seq,8);
- HMAC_Update(&hmac,buf,5);
- HMAC_Update(&hmac,rec->input,rec->length);
- HMAC_Final(&hmac,md,&md_size);
-
-#ifdef TLS_DEBUG
-printf("sec=");
-{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
-printf("seq=");
-{int z; for (z=0; z<8; z++) printf("%02X ",seq[z]); printf("\n"); }
-printf("buf=");
-{int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); }
-printf("rec=");
-{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
-#endif
-
- for (i=7; i>=0; i--)
- {
- ++seq[i];
- if (seq[i] != 0) break;
- }
-
-#ifdef TLS_DEBUG
-{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",md[z]); printf("\n"); }
-#endif
- return(md_size);
- }
-
-int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
- int len)
- {
- unsigned char buf[SSL3_RANDOM_SIZE*2+TLS_MD_MASTER_SECRET_CONST_SIZE];
- unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
-
- /* Setup the stuff to munge */
- memcpy(buf,TLS_MD_MASTER_SECRET_CONST,
- TLS_MD_MASTER_SECRET_CONST_SIZE);
- memcpy(&(buf[TLS_MD_MASTER_SECRET_CONST_SIZE]),
- s->s3->client_random,SSL3_RANDOM_SIZE);
- memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]),
- s->s3->server_random,SSL3_RANDOM_SIZE);
- tls1_PRF(s->ctx->md5,s->ctx->sha1,
- buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len,
- s->session->master_key,buff,SSL3_MASTER_SECRET_SIZE);
- return(SSL3_MASTER_SECRET_SIZE);
- }
-
-int tls1_alert_code(int code)
- {
- switch (code)
- {
- case SSL_AD_CLOSE_NOTIFY: return(SSL3_AD_CLOSE_NOTIFY);
- case SSL_AD_UNEXPECTED_MESSAGE: return(SSL3_AD_UNEXPECTED_MESSAGE);
- case SSL_AD_BAD_RECORD_MAC: return(SSL3_AD_BAD_RECORD_MAC);
- case SSL_AD_DECRYPTION_FAILED: return(TLS1_AD_DECRYPTION_FAILED);
- case SSL_AD_RECORD_OVERFLOW: return(TLS1_AD_RECORD_OVERFLOW);
- case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE);
- case SSL_AD_HANDSHAKE_FAILURE: return(SSL3_AD_HANDSHAKE_FAILURE);
- case SSL_AD_NO_CERTIFICATE: return(-1);
- case SSL_AD_BAD_CERTIFICATE: return(SSL3_AD_BAD_CERTIFICATE);
- case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE);
- case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED);
- case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED);
- case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN);
- case SSL_AD_ILLEGAL_PARAMETER: return(SSL3_AD_ILLEGAL_PARAMETER);
- case SSL_AD_UNKNOWN_CA: return(TLS1_AD_UNKNOWN_CA);
- case SSL_AD_ACCESS_DENIED: return(TLS1_AD_ACCESS_DENIED);
- case SSL_AD_DECODE_ERROR: return(TLS1_AD_DECODE_ERROR);
- case SSL_AD_DECRYPT_ERROR: return(TLS1_AD_DECRYPT_ERROR);
- case SSL_AD_EXPORT_RESTRICTION: return(TLS1_AD_EXPORT_RESTRICTION);
- case SSL_AD_PROTOCOL_VERSION: return(TLS1_AD_PROTOCOL_VERSION);
- case SSL_AD_INSUFFICIENT_SECURITY:return(TLS1_AD_INSUFFICIENT_SECURITY);
- case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR);
- case SSL_AD_USER_CANCELLED: return(TLS1_AD_USER_CANCELLED);
- case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION);
- default: return(-1);
- }
- }
-
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
deleted file mode 100644
index ca6c03d5af..0000000000
--- a/src/lib/libssl/t1_lib.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* ssl/t1_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-const char *tls1_version_str="TLSv1" OPENSSL_VERSION_PTEXT;
-
-static long tls1_default_timeout(void);
-
-static SSL3_ENC_METHOD TLSv1_enc_data={
- tls1_enc,
- tls1_mac,
- tls1_setup_key_block,
- tls1_generate_master_secret,
- tls1_change_cipher_state,
- tls1_final_finish_mac,
- TLS1_FINISH_MAC_LENGTH,
- tls1_cert_verify_mac,
- TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
- TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
- tls1_alert_code,
- };
-
-static SSL_METHOD TLSv1_data= {
- TLS1_VERSION,
- tls1_new,
- tls1_clear,
- tls1_free,
- ssl_undefined_function,
- ssl_undefined_function,
- ssl3_read,
- ssl3_peek,
- ssl3_write,
- ssl3_shutdown,
- ssl3_renegotiate,
- ssl3_renegotiate_check,
- ssl3_ctrl,
- ssl3_ctx_ctrl,
- ssl3_get_cipher_by_char,
- ssl3_put_cipher_by_char,
- ssl3_pending,
- ssl3_num_ciphers,
- ssl3_get_cipher,
- ssl_bad_method,
- tls1_default_timeout,
- &TLSv1_enc_data,
- ssl_undefined_function,
- ssl3_callback_ctrl,
- ssl3_ctx_callback_ctrl,
- };
-
-static long tls1_default_timeout(void)
- {
- /* 2 hours, the 24 hours mentioned in the TLSv1 spec
- * is way too long for http, the cache would over fill */
- return(60*60*2);
- }
-
-SSL_METHOD *tlsv1_base_method(void)
- {
- return(&TLSv1_data);
- }
-
-int tls1_new(SSL *s)
- {
- if (!ssl3_new(s)) return(0);
- s->method->ssl_clear(s);
- return(1);
- }
-
-void tls1_free(SSL *s)
- {
- ssl3_free(s);
- }
-
-void tls1_clear(SSL *s)
- {
- ssl3_clear(s);
- s->version=TLS1_VERSION;
- }
-
-#if 0
-long tls1_ctrl(SSL *s, int cmd, long larg, char *parg)
- {
- return(0);
- }
-
-long tls1_callback_ctrl(SSL *s, int cmd, void *(*fp)())
- {
- return(0);
- }
-#endif
diff --git a/src/lib/libssl/t1_meth.c b/src/lib/libssl/t1_meth.c
deleted file mode 100644
index 9bb36a7d1c..0000000000
--- a/src/lib/libssl/t1_meth.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* ssl/t1_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-static SSL_METHOD *tls1_get_method(int ver);
-static SSL_METHOD *tls1_get_method(int ver)
- {
- if (ver == TLS1_VERSION)
- return(TLSv1_method());
- else
- return(NULL);
- }
-
-SSL_METHOD *TLSv1_method(void)
- {
- static int init=1;
- static SSL_METHOD TLSv1_data;
-
- if (init)
- {
- memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
- sizeof(SSL_METHOD));
- TLSv1_data.ssl_connect=ssl3_connect;
- TLSv1_data.ssl_accept=ssl3_accept;
- TLSv1_data.get_ssl_method=tls1_get_method;
- init=0;
- }
- return(&TLSv1_data);
- }
-
diff --git a/src/lib/libssl/t1_srvr.c b/src/lib/libssl/t1_srvr.c
deleted file mode 100644
index 996b7ca8e2..0000000000
--- a/src/lib/libssl/t1_srvr.c
+++ /dev/null
@@ -1,91 +0,0 @@
-/* ssl/t1_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include "ssl_locl.h"
-
-static SSL_METHOD *tls1_get_server_method(int ver);
-static SSL_METHOD *tls1_get_server_method(int ver)
- {
- if (ver == TLS1_VERSION)
- return(TLSv1_server_method());
- else
- return(NULL);
- }
-
-SSL_METHOD *TLSv1_server_method(void)
- {
- static int init=1;
- static SSL_METHOD TLSv1_server_data;
-
- if (init)
- {
- memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
- sizeof(SSL_METHOD));
- TLSv1_server_data.ssl_accept=ssl3_accept;
- TLSv1_server_data.get_ssl_method=tls1_get_server_method;
- init=0;
- }
- return(&TLSv1_server_data);
- }
-
diff --git a/src/lib/libssl/test/CAss.cnf b/src/lib/libssl/test/CAss.cnf
deleted file mode 100644
index b941b7ae15..0000000000
--- a/src/lib/libssl/test/CAss.cnf
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-default_bits = 512
-default_keyfile = keySS.pem
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-default_md = sha1
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = AU
-countryName_value = AU
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Dodgy Brothers
-
-commonName = Common Name (eg, YOUR name)
-commonName_value = Dodgy CA
diff --git a/src/lib/libssl/test/CAssdh.cnf b/src/lib/libssl/test/CAssdh.cnf
deleted file mode 100644
index 4e0a908679..0000000000
--- a/src/lib/libssl/test/CAssdh.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DH certs - CA
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = CU
-countryName_value = CU
-
-organizationName = Organization Name (eg, company)
-organizationName_value = La Junta de la Revolucion
-
-commonName = Common Name (eg, YOUR name)
-commonName_value = Junta
-
diff --git a/src/lib/libssl/test/CAssdsa.cnf b/src/lib/libssl/test/CAssdsa.cnf
deleted file mode 100644
index a6b4d1810c..0000000000
--- a/src/lib/libssl/test/CAssdsa.cnf
+++ /dev/null
@@ -1,23 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DSA certs - CA
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = ES
-countryName_value = ES
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Hermanos Locos
-
-commonName = Common Name (eg, YOUR name)
-commonName_value = Hermanos Locos CA
diff --git a/src/lib/libssl/test/CAssrsa.cnf b/src/lib/libssl/test/CAssrsa.cnf
deleted file mode 100644
index eb24a6dfc0..0000000000
--- a/src/lib/libssl/test/CAssrsa.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# create RSA certs - CA
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name = req_distinguished_name
-encrypt_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = ES
-countryName_value = ES
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Hermanos Locos
-
-commonName = Common Name (eg, YOUR name)
-commonName_value = Hermanos Locos CA
-
diff --git a/src/lib/libssl/test/Sssdsa.cnf b/src/lib/libssl/test/Sssdsa.cnf
deleted file mode 100644
index 8e170a28ef..0000000000
--- a/src/lib/libssl/test/Sssdsa.cnf
+++ /dev/null
@@ -1,27 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DSA certs - Server
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = ES
-countryName_value = ES
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Tortilleras S.A.
-
-0.commonName = Common Name (eg, YOUR name)
-0.commonName_value = Torti
-
-1.commonName = Common Name (eg, YOUR name)
-1.commonName_value = Gordita
-
diff --git a/src/lib/libssl/test/Sssrsa.cnf b/src/lib/libssl/test/Sssrsa.cnf
deleted file mode 100644
index 8c79a03fca..0000000000
--- a/src/lib/libssl/test/Sssrsa.cnf
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# create RSA certs - Server
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name = req_distinguished_name
-encrypt_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = ES
-countryName_value = ES
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Tortilleras S.A.
-
-0.commonName = Common Name (eg, YOUR name)
-0.commonName_value = Torti
-
-1.commonName = Common Name (eg, YOUR name)
-1.commonName_value = Gordita
diff --git a/src/lib/libssl/test/Uss.cnf b/src/lib/libssl/test/Uss.cnf
deleted file mode 100644
index c89692d519..0000000000
--- a/src/lib/libssl/test/Uss.cnf
+++ /dev/null
@@ -1,28 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-default_bits = 512
-default_keyfile = keySS.pem
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-default_md = md2
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = AU
-countryName_value = AU
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Dodgy Brothers
-
-0.commonName = Common Name (eg, YOUR name)
-0.commonName_value = Brother 1
-
-1.commonName = Common Name (eg, YOUR name)
-1.commonName_value = Brother 2
diff --git a/src/lib/libssl/test/VMSca-response.1 b/src/lib/libssl/test/VMSca-response.1
deleted file mode 100644
index 8b13789179..0000000000
--- a/src/lib/libssl/test/VMSca-response.1
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/src/lib/libssl/test/VMSca-response.2 b/src/lib/libssl/test/VMSca-response.2
deleted file mode 100644
index 9b48ee4cf9..0000000000
--- a/src/lib/libssl/test/VMSca-response.2
+++ /dev/null
@@ -1,2 +0,0 @@
-y
-y
diff --git a/src/lib/libssl/test/bctest b/src/lib/libssl/test/bctest
deleted file mode 100644
index bdb3218f7a..0000000000
--- a/src/lib/libssl/test/bctest
+++ /dev/null
@@ -1,111 +0,0 @@
-#!/bin/sh
-
-# This script is used by test/Makefile.ssl to check whether a sane 'bc'
-# is installed.
-# ('make test_bn' should not try to run 'bc' if it does not exist or if
-# it is a broken 'bc' version that is known to cause trouble.)
-#
-# If 'bc' works, we also test if it knows the 'print' command.
-#
-# In any case, output an appropriate command line for running (or not
-# running) bc.
-
-
-IFS=:
-try_without_dir=true
-# First we try "bc", then "$dir/bc" for each item in $PATH.
-for dir in dummy:$PATH; do
- if [ "$try_without_dir" = true ]; then
- # first iteration
- bc=bc
- try_without_dir=false
- else
- # second and later iterations
- bc="$dir/bc"
- if [ ! -f "$bc" ]; then # '-x' is not available on Ultrix
- bc=''
- fi
- fi
-
- if [ ! "$bc" = '' ]; then
- failure=none
-
-
- # Test for SunOS 5.[78] bc bug
- "$bc" >tmp.bctest <<\EOF
-obase=16
-ibase=16
-a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
-CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
-10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
-C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
-3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
-4FC3CADF855448B24A9D7640BCF473E
-b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
-9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
-8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
-3ED0E2017D60A68775B75481449
-(a/b)*b + (a%b) - a
-EOF
- if [ 0 != "`cat tmp.bctest`" ]; then
- failure=SunOStest
- fi
-
-
- if [ "$failure" = none ]; then
- # Test for SCO bc bug.
- "$bc" >tmp.bctest <<\EOF
-obase=16
-ibase=16
--FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
-9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
-11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
-1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
-AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
-F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
-B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
-02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
-85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
-A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
-E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
-8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
-04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
-89C8D71
-AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
-928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
-8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
-37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
-E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
-F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
-9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
-D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
-5296964
-EOF
- if [ "0
-0" != "`cat tmp.bctest`" ]; then
- failure=SCOtest
- fi
- fi
-
-
- if [ "$failure" = none ]; then
- # bc works; now check if it knows the 'print' command.
- if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ]
- then
- echo "$bc"
- else
- echo "sed 's/print.*//' | $bc"
- fi
- exit 0
- fi
-
- echo "$bc does not work properly ('$failure' failed). Looking for another bc ..." >&2
- fi
-done
-
-echo "No working bc found. Consider installing GNU bc." >&2
-if [ "$1" = ignore ]; then
- echo "cat >/dev/null"
- exit 0
-fi
-exit 1
diff --git a/src/lib/libssl/test/methtest.c b/src/lib/libssl/test/methtest.c
deleted file mode 100644
index 06ccb3b310..0000000000
--- a/src/lib/libssl/test/methtest.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* test/methtest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-#include "meth.h"
-#include <openssl/err.h>
-
-int main(argc,argv)
-int argc;
-char *argv[];
- {
- METHOD_CTX *top,*tmp1,*tmp2;
-
- top=METH_new(x509_lookup()); /* get a top level context */
- if (top == NULL) goto err;
-
- tmp1=METH_new(x509_by_file());
- if (top == NULL) goto err;
- METH_arg(tmp1,METH_TYPE_FILE,"cafile1");
- METH_arg(tmp1,METH_TYPE_FILE,"cafile2");
- METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1);
-
- tmp2=METH_new(x509_by_dir());
- METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts");
- METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs");
- METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs");
- METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2);
-
-/* tmp=METH_new(x509_by_issuer_dir);
- METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
- METH_push(top,METH_X509_BY_ISSUER,tmp);
-
- tmp=METH_new(x509_by_issuer_primary);
- METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
- METH_push(top,METH_X509_BY_ISSUER,tmp);
-*/
-
- METH_init(top);
- METH_control(tmp1,METH_CONTROL_DUMP,stdout);
- METH_control(tmp2,METH_CONTROL_DUMP,stdout);
- exit(0);
-err:
- ERR_load_crypto_strings();
- ERR_print_errors_fp(stderr);
- exit(1);
- return(0);
- }
diff --git a/src/lib/libssl/test/pkcs7-1.pem b/src/lib/libssl/test/pkcs7-1.pem
deleted file mode 100644
index c47b27af88..0000000000
--- a/src/lib/libssl/test/pkcs7-1.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN PKCS7-----
-MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
-SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
-AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
-eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
-MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
-bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
-ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
-FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
-9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
-BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
-bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
-BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
-j7Kie1x339mxW/w9VZNTUDQQweHh
------END PKCS7-----
diff --git a/src/lib/libssl/test/pkcs7.pem b/src/lib/libssl/test/pkcs7.pem
deleted file mode 100644
index d55c60b94e..0000000000
--- a/src/lib/libssl/test/pkcs7.pem
+++ /dev/null
@@ -1,54 +0,0 @@
- MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
- AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
- EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
- cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
- ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
- MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
- c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
- bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
- CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
- Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
- CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
- ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
- l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
- HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
- Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
- c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
- YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
- dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
- dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
- LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
- ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
- biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
- IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
- AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
- L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
- HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
- slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
- ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
- /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
- aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
- ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
- OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
- MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
- Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
- qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
- sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
- P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
- A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
- KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
- Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
- Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
- hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
- Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
- dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
- KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
- dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
- I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
- ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
- ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
- ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
- MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
- /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
- DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
- b+xSu/jH0gAAMYAAAAAAAAAAAA==
diff --git a/src/lib/libssl/test/r160test.c b/src/lib/libssl/test/r160test.c
deleted file mode 100644
index a172e393ca..0000000000
--- a/src/lib/libssl/test/r160test.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/* test/r160test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
diff --git a/src/lib/libssl/test/tcrl b/src/lib/libssl/test/tcrl
deleted file mode 100644
index acaf8f3c47..0000000000
--- a/src/lib/libssl/test/tcrl
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/bin/sh
-
-PATH=../apps:$PATH
-export PATH
-
-cmd='../apps/openssl crl'
-
-if [ "$1"x != "x" ]; then
- t=$1
-else
- t=testcrl.pem
-fi
-
-echo testing crl conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/src/lib/libssl/test/test.cnf b/src/lib/libssl/test/test.cnf
deleted file mode 100644
index faad3914a8..0000000000
--- a/src/lib/libssl/test/test.cnf
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ ca ]
-default_ca = CA_default # The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir = ./demoCA # Where everything is kept
-certs = $dir/certs # Where the issued certs are kept
-crl_dir = $dir/crl # Where the issued crl are kept
-database = $dir/index.txt # database index file.
-new_certs_dir = $dir/new_certs # default place for new certs.
-
-certificate = $dir/CAcert.pem # The CA certificate
-serial = $dir/serial # The current serial number
-crl = $dir/crl.pem # The current CRL
-private_key = $dir/private/CAkey.pem# The private key
-RANDFILE = $dir/private/.rand # private random number file
-
-default_days = 365 # how long to certify for
-default_crl_days= 30 # how long before next CRL
-default_md = md5 # which md to use.
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy = policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName = match
-stateOrProvinceName = match
-organizationName = match
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-####################################################################
-[ req ]
-default_bits = 512
-default_keyfile = testkey.pem
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = AU
-countryName_value = AU
-
-stateOrProvinceName = State or Province Name (full name)
-stateOrProvinceName_default = Queensland
-stateOrProvinceName_value =
-
-localityName = Locality Name (eg, city)
-localityName_value = Brisbane
-
-organizationName = Organization Name (eg, company)
-organizationName_default =
-organizationName_value = CryptSoft Pty Ltd
-
-organizationalUnitName = Organizational Unit Name (eg, section)
-organizationalUnitName_default =
-organizationalUnitName_value = .
-
-commonName = Common Name (eg, YOUR name)
-commonName_value = Eric Young
-
-emailAddress = Email Address
-emailAddress_value = eay@mincom.oz.au
diff --git a/src/lib/libssl/test/testca b/src/lib/libssl/test/testca
deleted file mode 100644
index 88c186b6ab..0000000000
--- a/src/lib/libssl/test/testca
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-
-SH="/bin/sh"
-PATH=../apps:$PATH
-export SH PATH
-
-SSLEAY_CONFIG="-config CAss.cnf"
-export SSLEAY_CONFIG
-
-/bin/rm -fr demoCA
-$SH ../apps/CA.sh -newca <<EOF
-EOF
-
-if [ $? != 0 ]; then
- exit 1;
-fi
-
-SSLEAY_CONFIG="-config Uss.cnf"
-export SSLEAY_CONFIG
-$SH ../apps/CA.sh -newreq
-if [ $? != 0 ]; then
- exit 1;
-fi
-
-
-SSLEAY_CONFIG="-config ../apps/openssl.cnf"
-export SSLEAY_CONFIG
-$SH ../apps/CA.sh -sign <<EOF
-y
-y
-EOF
-if [ $? != 0 ]; then
- exit 1;
-fi
-
-
-$SH ../apps/CA.sh -verify newcert.pem
-if [ $? != 0 ]; then
- exit 1;
-fi
-
-/bin/rm -fr demoCA newcert.pem newreq.pem
-#usage: CA -newcert|-newreq|-newca|-sign|-verify
-
diff --git a/src/lib/libssl/test/testcrl.pem b/src/lib/libssl/test/testcrl.pem
deleted file mode 100644
index 0989788354..0000000000
--- a/src/lib/libssl/test/testcrl.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN X509 CRL-----
-MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
-F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
-IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw
-MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw
-MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw
-MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw
-MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw
-MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw
-MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw
-NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw
-NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF
-AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ
-wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt
-JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v
------END X509 CRL-----
diff --git a/src/lib/libssl/test/testenc b/src/lib/libssl/test/testenc
deleted file mode 100644
index 0656c7f525..0000000000
--- a/src/lib/libssl/test/testenc
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/sh
-
-testsrc=Makefile.ssl
-test=./p
-cmd=../apps/openssl
-
-cat $testsrc >$test;
-
-echo cat
-$cmd enc < $test > $test.cipher
-$cmd enc < $test.cipher >$test.clear
-cmp $test $test.clear
-if [ $? != 0 ]
-then
- exit 1
-else
- /bin/rm $test.cipher $test.clear
-fi
-echo base64
-$cmd enc -a -e < $test > $test.cipher
-$cmd enc -a -d < $test.cipher >$test.clear
-cmp $test $test.clear
-if [ $? != 0 ]
-then
- exit 1
-else
- /bin/rm $test.cipher $test.clear
-fi
-
-for i in `$cmd list-cipher-commands`
-do
- echo $i
- $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
- $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
- cmp $test $test.$i.clear
- if [ $? != 0 ]
- then
- exit 1
- else
- /bin/rm $test.$i.cipher $test.$i.clear
- fi
-
- echo $i base64
- $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
- $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
- cmp $test $test.$i.clear
- if [ $? != 0 ]
- then
- exit 1
- else
- /bin/rm $test.$i.cipher $test.$i.clear
- fi
-done
-rm -f $test
diff --git a/src/lib/libssl/test/testgen b/src/lib/libssl/test/testgen
deleted file mode 100644
index c5f61b582b..0000000000
--- a/src/lib/libssl/test/testgen
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh
-
-T=testcert
-KEY=512
-CA=../certs/testca.pem
-
-/bin/rm -f $T.1 $T.2 $T.key
-
-PATH=../apps:$PATH;
-export PATH
-
-echo "generating certificate request"
-
-echo "There should be a 2 sequences of .'s and some +'s."
-echo "There should not be more that at most 80 per line"
-echo "This could take some time."
-
-echo "string to make the random number generator think it has entropy" >> ./.rnd
-
-../apps/openssl req -config test.cnf -new -out testreq.pem
-if [ $? != 0 ]; then
-echo problems creating request
-exit 1
-fi
-
-../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
-if [ $? != 0 ]; then
-echo signature on req is wrong
-exit 1
-fi
-
-exit 0
diff --git a/src/lib/libssl/test/testp7.pem b/src/lib/libssl/test/testp7.pem
deleted file mode 100644
index e5b7866c31..0000000000
--- a/src/lib/libssl/test/testp7.pem
+++ /dev/null
@@ -1,46 +0,0 @@
------BEGIN PKCS7-----
-MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE
-cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw
-DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
-BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw
-HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50
-ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
-biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E
-aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy
-aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M
-VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq
-UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC
-AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR
-BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
-ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
-IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
-bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
-L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t
-OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s
-IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04
-ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0
-cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ
-QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC
-MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu
-AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr
-cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC
-AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
-QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu
-dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp
-Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES
-TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE
-AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD
-2d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU
-47ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
-QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB
-AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl
-ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE
-BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW
-ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3
-MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW
-sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9
-XfZsaiiIgotQHjEA
------END PKCS7-----
diff --git a/src/lib/libssl/test/testreq2.pem b/src/lib/libssl/test/testreq2.pem
deleted file mode 100644
index c3cdcffcbc..0000000000
--- a/src/lib/libssl/test/testreq2.pem
+++ /dev/null
@@ -1,7 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
-QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
-DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
-hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
-gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
------END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/test/testrsa.pem b/src/lib/libssl/test/testrsa.pem
deleted file mode 100644
index aad21067a8..0000000000
--- a/src/lib/libssl/test/testrsa.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
-Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
-rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
-oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
-mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
-rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
-mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
------END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/test/testsid.pem b/src/lib/libssl/test/testsid.pem
deleted file mode 100644
index 7ffd008f66..0000000000
--- a/src/lib/libssl/test/testsid.pem
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN SSL SESSION PARAMETERS-----
-MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
-bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
-ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
-YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
-A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
-LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
-CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
-TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
-hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
-CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0
------END SSL SESSION PARAMETERS-----
diff --git a/src/lib/libssl/test/testss b/src/lib/libssl/test/testss
deleted file mode 100644
index da62997a5f..0000000000
--- a/src/lib/libssl/test/testss
+++ /dev/null
@@ -1,90 +0,0 @@
-#!/bin/sh
-
-digest='-mdc2'
-reqcmd="../apps/openssl req"
-x509cmd="../apps/openssl x509 $digest"
-verifycmd="../apps/openssl verify"
-dummycnf="../apps/openssl.cnf"
-
-CAkey="keyCA.ss"
-CAcert="certCA.ss"
-CAreq="reqCA.ss"
-CAconf="CAss.cnf"
-CAreq2="req2CA.ss" # temp
-
-Uconf="Uss.cnf"
-Ukey="keyU.ss"
-Ureq="reqU.ss"
-Ucert="certU.ss"
-
-echo
-echo "make a certificate request using 'req'"
-$reqcmd -config $CAconf -out $CAreq -keyout $CAkey -new #>err.ss
-if [ $? != 0 ]; then
- echo "error using 'req' to generate a certificate request"
- exit 1
-fi
-echo
-echo "convert the certificate request into a self signed certificate using 'x509'"
-$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >err.ss
-if [ $? != 0 ]; then
- echo "error using 'x509' to self sign a certificate request"
- exit 1
-fi
-
-echo
-echo "convert a certificate into a certificate request using 'x509'"
-$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
-if [ $? != 0 ]; then
- echo "error using 'x509' convert a certificate to a certificate request"
- exit 1
-fi
-
-$reqcmd -config $dummycnf -verify -in $CAreq -noout
-if [ $? != 0 ]; then
- echo first generated request is invalid
- exit 1
-fi
-
-$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
-if [ $? != 0 ]; then
- echo second generated request is invalid
- exit 1
-fi
-
-$verifycmd -CAfile $CAcert $CAcert
-if [ $? != 0 ]; then
- echo first generated cert is invalid
- exit 1
-fi
-
-echo
-echo "make another certificate request using 'req'"
-$reqcmd -config $Uconf -out $Ureq -keyout $Ukey -new >err.ss
-if [ $? != 0 ]; then
- echo "error using 'req' to generate a certificate request"
- exit 1
-fi
-
-echo
-echo "sign certificate request with the just created CA via 'x509'"
-$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey >err.ss
-if [ $? != 0 ]; then
- echo "error using 'x509' to sign a certificate request"
- exit 1
-fi
-
-$verifycmd -CAfile $CAcert $Ucert
-echo
-echo "Certificate details"
-$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
-
-echo
-echo The generated CA certificate is $CAcert
-echo The generated CA private key is $CAkey
-
-echo The generated user certificate is $Ucert
-echo The generated user private key is $Ukey
-
-/bin/rm err.ss
-exit 0
diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl
deleted file mode 100644
index a88e290c57..0000000000
--- a/src/lib/libssl/test/testssl
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/bin/sh
-
-echo test sslv2
-./ssltest -ssl2 || exit 1
-
-echo test sslv2 with server authentication
-./ssltest -ssl2 -server_auth -CApath ../certs || exit 1
-
-echo test sslv2 with client authentication
-./ssltest -ssl2 -client_auth -CApath ../certs || exit 1
-
-echo test sslv2 with both client and server authentication
-./ssltest -ssl2 -server_auth -client_auth -CApath ../certs || exit 1
-
-echo test sslv3
-./ssltest -ssl3 || exit 1
-
-echo test sslv3 with server authentication
-./ssltest -ssl3 -server_auth -CApath ../certs || exit 1
-
-echo test sslv3 with client authentication
-./ssltest -ssl3 -client_auth -CApath ../certs || exit 1
-
-echo test sslv3 with both client and server authentication
-./ssltest -ssl3 -server_auth -client_auth -CApath ../certs || exit 1
-
-echo test sslv2/sslv3
-./ssltest || exit 1
-
-echo test sslv2/sslv3 with server authentication
-./ssltest -server_auth -CApath ../certs || exit 1
-
-echo test sslv2/sslv3 with client authentication
-./ssltest -client_auth -CApath ../certs || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication
-./ssltest -server_auth -client_auth -CApath ../certs || exit 1
-
-echo test sslv2 via BIO pair
-./ssltest -bio_pair -ssl2 || exit 1
-
-echo test sslv2 with server authentication via BIO pair
-./ssltest -bio_pair -ssl2 -server_auth -CApath ../certs || exit 1
-
-echo test sslv2 with client authentication via BIO pair
-./ssltest -bio_pair -ssl2 -client_auth -CApath ../certs || exit 1
-
-echo test sslv2 with both client and server authentication via BIO pair
-./ssltest -bio_pair -ssl2 -server_auth -client_auth -CApath ../certs || exit 1
-
-echo test sslv3 via BIO pair
-./ssltest -bio_pair -ssl3 || exit 1
-
-echo test sslv3 with server authentication via BIO pair
-./ssltest -bio_pair -ssl3 -server_auth -CApath ../certs || exit 1
-
-echo test sslv3 with client authentication via BIO pair
-./ssltest -bio_pair -ssl3 -client_auth -CApath ../certs || exit 1
-
-echo test sslv3 with both client and server authentication via BIO pair
-./ssltest -bio_pair -ssl3 -server_auth -client_auth -CApath ../certs || exit 1
-
-echo test sslv2/sslv3 via BIO pair
-./ssltest || exit 1
-
-echo test sslv2/sslv3 w/o DHE via BIO pair
-./ssltest -bio_pair -no_dhe || exit 1
-
-echo test sslv2/sslv3 with 1024bit DHE
-./ssltest -bio_pair -dhe1024 -v || exit 1
-
-echo test sslv2/sslv3 with server authentication
-./ssltest -bio_pair -server_auth -CApath ../certs || exit 1
-
-echo test sslv2/sslv3 with client authentication via BIO pair
-./ssltest -bio_pair -client_auth -CApath ../certs || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication via BIO pair
-./ssltest -bio_pair -server_auth -client_auth -CApath ../certs || exit 1
-
-exit 0
diff --git a/src/lib/libssl/test/testx509.pem b/src/lib/libssl/test/testx509.pem
deleted file mode 100644
index 8a85d14964..0000000000
--- a/src/lib/libssl/test/testx509.pem
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
-BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
-MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
-RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
-AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
-/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
-Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
-zl9HYIMxATFyqSiD9jsx
------END CERTIFICATE-----
diff --git a/src/lib/libssl/test/times b/src/lib/libssl/test/times
deleted file mode 100644
index 49aeebf216..0000000000
--- a/src/lib/libssl/test/times
+++ /dev/null
@@ -1,113 +0,0 @@
-
-More number for the questions about SSL overheads....
-
-The following numbers were generated on a pentium pro 200, running linux.
-They give an indication of the SSL protocol and encryption overheads.
-
-The program that generated them is an unreleased version of ssl/ssltest.c
-which is the SSLeay ssl protocol testing program. It is a single process that
-talks both sides of the SSL protocol via a non-blocking memory buffer
-interface.
-
-How do I read this? The protocol and cipher are reasonable obvious.
-The next number is the number of connections being made. The next is the
-number of bytes exchanged bewteen the client and server side of the protocol.
-This is the number of bytes that the client sends to the server, and then
-the server sends back. Because this is all happening in one process,
-the data is being encrypted, decrypted, encrypted and then decrypted again.
-It is a round trip of that many bytes. Because the one process performs
-both the client and server sides of the protocol and it sends this many bytes
-each direction, multiply this number by 4 to generate the number
-of bytes encrypted/decrypted/MACed. The first time value is how many seconds
-elapsed doing a full SSL handshake, the second is the cost of one
-full handshake and the rest being session-id reuse.
-
-SSLv2 RC4-MD5 1000 x 1 12.83s 0.70s
-SSLv3 NULL-MD5 1000 x 1 14.35s 1.47s
-SSLv3 RC4-MD5 1000 x 1 14.46s 1.56s
-SSLv3 RC4-MD5 1000 x 1 51.93s 1.62s 1024bit RSA
-SSLv3 RC4-SHA 1000 x 1 14.61s 1.83s
-SSLv3 DES-CBC-SHA 1000 x 1 14.70s 1.89s
-SSLv3 DES-CBC3-SHA 1000 x 1 15.16s 2.16s
-
-SSLv2 RC4-MD5 1000 x 1024 13.72s 1.27s
-SSLv3 NULL-MD5 1000 x 1024 14.79s 1.92s
-SSLv3 RC4-MD5 1000 x 1024 52.58s 2.29s 1024bit RSA
-SSLv3 RC4-SHA 1000 x 1024 15.39s 2.67s
-SSLv3 DES-CBC-SHA 1000 x 1024 16.45s 3.55s
-SSLv3 DES-CBC3-SHA 1000 x 1024 18.21s 5.38s
-
-SSLv2 RC4-MD5 1000 x 10240 18.97s 6.52s
-SSLv3 NULL-MD5 1000 x 10240 17.79s 5.11s
-SSLv3 RC4-MD5 1000 x 10240 20.25s 7.90s
-SSLv3 RC4-MD5 1000 x 10240 58.26s 8.08s 1024bit RSA
-SSLv3 RC4-SHA 1000 x 10240 22.96s 11.44s
-SSLv3 DES-CBC-SHA 1000 x 10240 30.65s 18.41s
-SSLv3 DES-CBC3-SHA 1000 x 10240 47.04s 34.53s
-
-SSLv2 RC4-MD5 1000 x 102400 70.22s 57.74s
-SSLv3 NULL-MD5 1000 x 102400 43.73s 31.03s
-SSLv3 RC4-MD5 1000 x 102400 71.32s 58.83s
-SSLv3 RC4-MD5 1000 x 102400 109.66s 59.20s 1024bit RSA
-SSLv3 RC4-SHA 1000 x 102400 95.88s 82.21s
-SSLv3 DES-CBC-SHA 1000 x 102400 173.22s 160.55s
-SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s
-
-What does this all mean? Well for a server, with no session-id reuse, with
-a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
-a pentium pro 200 running linux can handle the SSLv3 protocol overheads of
-about 49 connections a second. Reality will be quite different :-).
-
-Remeber the first number is 1000 full ssl handshakes, the second is
-1 full and 999 with session-id reuse. The RSA overheads for each exchange
-would be one public and one private operation, but the protocol/MAC/cipher
-cost would be quite similar in both the client and server.
-
-eric (adding numbers to speculation)
-
---- Appendix ---
-- The time measured is user time but these number a very rough.
-- Remember this is the cost of both client and server sides of the protocol.
-- The TCP/kernal overhead of connection establishment is normally the
- killer in SSL. Often delays in the TCP protocol will make session-id
- reuse look slower that new sessions, but this would not be the case on
- a loaded server.
-- The TCP round trip latencies, while slowing indervidual connections,
- would have minimal impact on throughput.
-- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
-- the required number of bytes are processed.
-- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers.
-- A 512bit server key was being used except where noted.
-- No server key verification was being performed on the client side of the
- protocol. This would slow things down very little.
-- The library being used is SSLeay 0.8.x.
-- The normal mesauring system was commands of the form
- time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
- This modified version of ssltest should be in the next public release of
- SSLeay.
-
-The general cipher performace number for this platform are
-
-SSLeay 0.8.2a 04-Sep-1997
-built on Fri Sep 5 17:37:05 EST 1997
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
-C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
-The 'numbers' are in 1000s of bytes per second processed.
-type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
-md2 131.02k 368.41k 500.57k 549.21k 566.09k
-mdc2 535.60k 589.10k 595.88k 595.97k 594.54k
-md5 1801.53k 9674.77k 17484.03k 21849.43k 23592.96k
-sha 1261.63k 5533.25k 9285.63k 11187.88k 11913.90k
-sha1 1103.13k 4782.53k 7933.78k 9472.34k 10070.70k
-rc4 10722.53k 14443.93k 15215.79k 15299.24k 15219.59k
-des cbc 3286.57k 3827.73k 3913.39k 3931.82k 3926.70k
-des ede3 1443.50k 1549.08k 1561.17k 1566.38k 1564.67k
-idea cbc 2203.64k 2508.16k 2538.33k 2543.62k 2547.71k
-rc2 cbc 1430.94k 1511.59k 1524.82k 1527.13k 1523.33k
-blowfish cbc 4716.07k 5965.82k 6190.17k 6243.67k 6234.11k
- sign verify
-rsa 512 bits 0.0100s 0.0011s
-rsa 1024 bits 0.0451s 0.0012s
-rsa 2048 bits 0.2605s 0.0086s
-rsa 4096 bits 1.6883s 0.0302s
-
diff --git a/src/lib/libssl/test/tpkcs7 b/src/lib/libssl/test/tpkcs7
deleted file mode 100644
index 15bbba42c0..0000000000
--- a/src/lib/libssl/test/tpkcs7
+++ /dev/null
@@ -1,51 +0,0 @@
-#!/bin/sh
-
-PATH=../apps:$PATH
-export PATH
-
-cmd='../apps/openssl pkcs7'
-
-if [ "$1"x != "x" ]; then
- t=$1
-else
- t=testp7.pem
-fi
-
-echo testing pkcs7 conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/src/lib/libssl/test/tpkcs7d b/src/lib/libssl/test/tpkcs7d
deleted file mode 100644
index 46e5aa2bd6..0000000000
--- a/src/lib/libssl/test/tpkcs7d
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-
-PATH=../apps:$PATH
-export PATH
-
-cmd='../apps/openssl pkcs7'
-
-if [ "$1"x != "x" ]; then
- t=$1
-else
- t=pkcs7-1.pem
-fi
-
-echo "testing pkcs7 conversions (2)"
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/src/lib/libssl/test/treq b/src/lib/libssl/test/treq
deleted file mode 100644
index 0464c9d902..0000000000
--- a/src/lib/libssl/test/treq
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/bin/sh
-
-PATH=../apps:$PATH
-export PATH
-
-cmd='../apps/openssl req -config ../apps/openssl.cnf'
-
-if [ "$1"x != "x" ]; then
- t=$1
-else
- t=testreq.pem
-fi
-
-echo testing req conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -verify -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -verify -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/src/lib/libssl/test/trsa b/src/lib/libssl/test/trsa
deleted file mode 100644
index d6a4dd826d..0000000000
--- a/src/lib/libssl/test/trsa
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/bin/sh
-
-PATH=../apps:$PATH
-export PATH
-
-cmd='../apps/openssl rsa'
-
-if [ "$1"x != "x" ]; then
- t=$1
-else
- t=testrsa.pem
-fi
-
-echo testing rsa conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/src/lib/libssl/test/tsid b/src/lib/libssl/test/tsid
deleted file mode 100644
index 9e0854516c..0000000000
--- a/src/lib/libssl/test/tsid
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/bin/sh
-
-PATH=../apps:$PATH
-export PATH
-
-cmd='../apps/openssl sess_id'
-
-if [ "$1"x != "x" ]; then
- t=$1
-else
- t=testsid.pem
-fi
-
-echo testing session-id conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/src/lib/libssl/test/tx509 b/src/lib/libssl/test/tx509
deleted file mode 100644
index 35169f3a43..0000000000
--- a/src/lib/libssl/test/tx509
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/bin/sh
-
-PATH=../apps:$PATH
-export PATH
-
-cmd='../apps/openssl x509'
-
-if [ "$1"x != "x" ]; then
- t=$1
-else
- t=testx509.pem
-fi
-
-echo testing X509 conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> n"
-$cmd -in fff.p -inform p -outform n >f.n
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-echo "n -> d"
-$cmd -in f.n -inform n -outform d >ff.d2
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> n"
-$cmd -in f.d -inform d -outform n >ff.n1
-if [ $? != 0 ]; then exit 1; fi
-echo "n -> n"
-$cmd -in f.n -inform n -outform n >ff.n2
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> n"
-$cmd -in f.p -inform p -outform n >ff.n3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-echo "n -> p"
-$cmd -in f.n -inform n -outform p >ff.p2
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p2
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.n ff.n1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.n ff.n2
-if [ $? != 0 ]; then exit 1; fi
-cmp f.n ff.n3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p2
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/src/lib/libssl/test/v3-cert1.pem b/src/lib/libssl/test/v3-cert1.pem
deleted file mode 100644
index 0da253d5c3..0000000000
--- a/src/lib/libssl/test/v3-cert1.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx
-NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz
-dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw
-ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
-ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2
-ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp
-miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C
-AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
-Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
-DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR
-MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB
-AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21
-X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3
-WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO
------END CERTIFICATE-----
diff --git a/src/lib/libssl/test/v3-cert2.pem b/src/lib/libssl/test/v3-cert2.pem
deleted file mode 100644
index de0723ff8d..0000000000
--- a/src/lib/libssl/test/v3-cert2.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD
-YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0
-ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu
-dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1
-WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV
-BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx
-FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
-6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT
-G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ
-YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm
-b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc
-F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz
-lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap
-jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=
------END CERTIFICATE-----
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
deleted file mode 100644
index cf92ae034f..0000000000
--- a/src/lib/libssl/tls1.h
+++ /dev/null
@@ -1,164 +0,0 @@
-/* ssl/tls1.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_TLS1_H
-#define HEADER_TLS1_H
-
-#include <openssl/buffer.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1
-
-#define TLS1_VERSION 0x0301
-#define TLS1_VERSION_MAJOR 0x03
-#define TLS1_VERSION_MINOR 0x01
-
-#define TLS1_AD_DECRYPTION_FAILED 21
-#define TLS1_AD_RECORD_OVERFLOW 22
-#define TLS1_AD_UNKNOWN_CA 48 /* fatal */
-#define TLS1_AD_ACCESS_DENIED 49 /* fatal */
-#define TLS1_AD_DECODE_ERROR 50 /* fatal */
-#define TLS1_AD_DECRYPT_ERROR 51
-#define TLS1_AD_EXPORT_RESTRICTION 60 /* fatal */
-#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */
-#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */
-#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */
-#define TLS1_AD_USER_CANCELLED 90
-#define TLS1_AD_NO_RENEGOTIATION 100
-
-/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
- * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
- * s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably
- * shouldn't. */
-#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060
-#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061
-#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062
-#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063
-#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
-#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
-#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
-
-/* XXX
- * Inconsistency alert:
- * The OpenSSL names of ciphers with ephemeral DH here include the string
- * "DHE", while elsewhere it has always been "EDH".
- * (The alias for the list of all such ciphers also is "EDH".)
- * The specifications speak of "EDH"; maybe we should allow both forms
- * for everything. */
-#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5"
-#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5"
-#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA"
-#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA"
-#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
-#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
-
-
-#define TLS_CT_RSA_SIGN 1
-#define TLS_CT_DSS_SIGN 2
-#define TLS_CT_RSA_FIXED_DH 3
-#define TLS_CT_DSS_FIXED_DH 4
-#define TLS_CT_NUMBER 4
-
-#define TLS1_FINISH_MAC_LENGTH 12
-
-#define TLS_MD_MAX_CONST_SIZE 20
-#define TLS_MD_CLIENT_FINISH_CONST "client finished"
-#define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
-#define TLS_MD_SERVER_FINISH_CONST "server finished"
-#define TLS_MD_SERVER_FINISH_CONST_SIZE 15
-#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
-#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
-#define TLS_MD_KEY_EXPANSION_CONST "key expansion"
-#define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
-#define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
-#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
-#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
-#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
-#define TLS_MD_IV_BLOCK_CONST "IV block"
-#define TLS_MD_IV_BLOCK_CONST_SIZE 8
-#define TLS_MD_MASTER_SECRET_CONST "master secret"
-#define TLS_MD_MASTER_SECRET_CONST_SIZE 13
-
-#ifdef CHARSET_EBCDIC
-#undef TLS_MD_CLIENT_FINISH_CONST
-#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*client finished*/
-#undef TLS_MD_SERVER_FINISH_CONST
-#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*server finished*/
-#undef TLS_MD_SERVER_WRITE_KEY_CONST
-#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
-#undef TLS_MD_KEY_EXPANSION_CONST
-#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" /*key expansion*/
-#undef TLS_MD_CLIENT_WRITE_KEY_CONST
-#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*client write key*/
-#undef TLS_MD_SERVER_WRITE_KEY_CONST
-#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
-#undef TLS_MD_IV_BLOCK_CONST
-#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" /*IV block*/
-#undef TLS_MD_MASTER_SECRET_CONST
-#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
--
cgit v1.2.3-55-g6feb